Get access token

Call this API with authorization code and code verifier, or only refresh_token to get access token

Header Parameters

• x-secret-key string required

  Secret key, request ZaloPay team to provide this key

application/json

Request Body required

• code string

  This is a authorization code get from zlpSdk.User.getOauthV1Code step

• code_verifier string

  This is a code verifier generated in zlpSdk.User.getOauthV1Code step

• refresh_token string

  Used to get a new access_token when expired. Each created access_token will have one refresh_token that has 30 days expire time

Responses

• 200

---

data if success or error if failed

application/json

• Schema
• Example (from schema)

---

Schema

• data object

  only exist if success

  access_token string

  Access token used to call ZaloPay Authorization API

  refresh_token string

  Used to get a new access_token when expired. Each created acces_token will have one refresh_token that has 30 days expire time

  expires_in integer

  Expire time of access_token in milisecond

  refresh_expires_in integer

  Expire time of refresh_token in milisecond

  permissions string[]

  List of allowed permissions(scopes) by user

• error object

  only exist if error

  error string

  code integer

  details object

  error_info object

  reason string

  domain string

  localized_message object

  message string

{
  "data": {
    "access_token": "string",
    "refresh_token": "string",
    "expires_in": 0,
    "refresh_expires_in": 0,
    "permissions": [
      "string"
    ]
  },
  "error": {
    "error": "string",
    "code": 0,
    "details": {
      "error_info": {
        "reason": "string",
        "domain": "string"
      },
      "localized_message": {
        "message": "string"
      }
    }
  }
}

POST /oauth/v1/access_token

Request

Base URL

https://sb-openapi.zalopay.vn

x-secret-key — header required

Body required

{
  "code": "string",
  "code_verifier": "string",
  "refresh_token": "string"
}

curl -L -X POST 'https://sb-openapi.zalopay.vn/oauth/v1/access_token' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
--data-raw '{
  "code": "string",
  "code_verifier": "string",
  "refresh_token": "string"
}'

curl -L -X POST 'https://sb-openapi.zalopay.vn/oauth/v1/access_token' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
--data-raw '{
  "code": "string",
  "code_verifier": "string",
  "refresh_token": "string"
}'

curl -L -X POST 'https://sb-openapi.zalopay.vn/oauth/v1/access_token' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
--data-raw '{
  "code": "string",
  "code_verifier": "string",
  "refresh_token": "string"
}'

curl -L -X POST 'https://sb-openapi.zalopay.vn/oauth/v1/access_token' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
--data-raw '{
  "code": "string",
  "code_verifier": "string",
  "refresh_token": "string"
}'

curl -L -X POST 'https://sb-openapi.zalopay.vn/oauth/v1/access_token' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
--data-raw '{
  "code": "string",
  "code_verifier": "string",
  "refresh_token": "string"
}'

curl -L -X POST 'https://sb-openapi.zalopay.vn/oauth/v1/access_token' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
--data-raw '{
  "code": "string",
  "code_verifier": "string",
  "refresh_token": "string"
}'

curl -L -X POST 'https://sb-openapi.zalopay.vn/oauth/v1/access_token' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
--data-raw '{
  "code": "string",
  "code_verifier": "string",
  "refresh_token": "string"
}'

curl -L -X POST 'https://sb-openapi.zalopay.vn/oauth/v1/access_token' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
--data-raw '{
  "code": "string",
  "code_verifier": "string",
  "refresh_token": "string"
}'