/v2/authorizations/revoke

POST /v2/authorizations/revoke

The revokeĀ API is used to cancel an access token at wallets.

Message structure

A message consists of a header and body. The following sections are focused on the body structure. For the header structure, seeļ¼š

Request

Property

Data type

Required

Description

Example

accessToken

StringĀ 

Yes

An access token that can be used to access the user resource scope.

Max. length: 128 characters.

"281010033AB2F588D14B43238637264FCA5AAF35xxxx"

authClientIdĀ 

StringĀ 

No

The unique identifier allocated for a client.

Max. length: 128 characters.

"202016726873874774774xxxx"

extendInfo

String

No

TheĀ extended information that wallets and merchants want to describe.

Max. length: 4096 characters.

copy
{
    "memo": "memo"
}

Response

Property

Data type

Required

Description

Example

result

Result

Yes

The request result, which contains information related to the request result, such as status and error codes.

{ "resultCode":"SUCCESS", "resultStatus":"S", "resultMessage":"success" }

extendInfo

String

No

TheĀ extended information that wallets and merchants want to describe.

Max. length: 4096 characters.

copy
{
    "memo": "memo"
}

Result process logic

In the response, the result.resultStatus field indicates the result of processing a request as follow:

resultStatus

DescriptionĀ 

S

The authorization is canceled successfully. AuthClient cannot use the AccessToken to access user's resources, and may not use the relative refreshToken to retrieve new AccessToken.

The corresponding result.resultCode is "SUCCESS" and theĀ  result.resultMessageĀ  is "Success".

U

The API statusĀ is unknown.Ā It means thatĀ authorization is failed toĀ cancel, and AuthClient may guide the user to try again.Ā 

The corresponding result.resultCode is "UNKNOWN_EXCEPTION"Ā and result.resultMessageĀ  is "An API calling is failed, which is caused by unknown reasons.".

For details, see the Common error codes section.

F

It means that authorization is failed toĀ cancel, and AuthClient may guide the user to try again.Ā 

The corresponding result.resultCodeĀ  and result.resultMessage are various based on different situations.Ā For details, see the followingĀ Error codes section.

Error codes

Error codes are usually classified into the following categories:

  • Common error codes are common for all Mini Program OpenAPIs. Ā 
  • API-specific error codes are listed in the following table.

resultStatus

resultCode

resultMessage

Further Action

F

INVALID_AUTH_CLIENT_STATUS

Invalid auth client status.

F

INVALID_ACCESS_TOKEN

The access token is invalid.

F

INVALID_AUTH_CLIENT

The auth client id is invalid.Ā 

F

EXPIRED_ACCESS_TOKEN

The access token is expired.

F

EXPIRED_AGENT_TOKEN

The access token of mini program is expired.

F

INVALID_AGENT_TOKEN

The access token of mini program is invalid.

Sample

You can cancel the authorization. After cancellation, the refreshToken cannot be used even if it is valid.

/v2/authorizations/revoke

When users cancel an access token from the mini program,

  1. The merchant server calls the revokeĀ interface to cancel an access token (Step 2).
  2. And the wallet server returns the token cancellation result to the merchant server (Step 3).

Request

copy
{
  "accessToken": "281010033AB2F588D14B43238637264FCA5AAF35xxxx",
  "authClientId": "202016726873874774774xxxx"
}

Response

copy
{
 "result": {
    "resultCode":"SUCCESS",
    "resultStatus":"S",
    "resultMessage":"success"
  }
}