--- openapi: 3.0.0 info: title: Channel Access Token API version: "0.0.1" description: This document describes Channel Access Token API. servers: - url: "https://api.line.me" tags: - name: channel-access-token paths: "/oauth2/v3/token": post: externalDocs: url: https://developers.line.biz/en/reference/messaging-api/#issue-stateless-channel-access-token tags: - channel-access-token operationId: issueStatelessChannelToken description: | Issues a new stateless channel access token, which doesn't have max active token limit unlike the other token types. The newly issued token is only valid for 15 minutes but can not be revoked until it naturally expires. requestBody: required: true content: application/x-www-form-urlencoded: schema: oneOf: - $ref: "#/components/schemas/IssueStatelessChannelTokenByJWTAssertionRequest" - $ref: "#/components/schemas/IssueStatelessChannelTokenByClientSecretRequest" responses: "200": description: "OK" content: application/json: schema: "$ref": "#/components/schemas/IssueStatelessChannelAccessTokenResponse" example: token_type: Bearer access_token: eyJhbGciOiJIUz..... expires_in: 899 "/oauth2/v2.1/tokens/kid": get: externalDocs: url: https://developers.line.biz/en/reference/messaging-api/#get-all-valid-channel-access-token-key-ids-v2-1 tags: - channel-access-token operationId: getsAllValidChannelAccessTokenKeyIds description: "Gets all valid channel access token key IDs." parameters: - name: client_assertion_type in: query required: true description: "`urn:ietf:params:oauth:client-assertion-type:jwt-bearer`" schema: type: string - name: client_assertion in: query required: true description: "A JSON Web Token (JWT) (opens new window)the client needs to create and sign with the private key." schema: type: string responses: "200": description: "OK" content: application/json: schema: "$ref": "#/components/schemas/ChannelAccessTokenKeyIdsResponse" example: kids: - U_gdnFYKTWRxxxxDVZexGg - sDTOzw5wIfWxxxxzcmeQA - 73hDyp3PxGfxxxxD6U5qYA - FHGanaP79smDxxxxyPrVw - CguB-0kxxxxdSM3A5Q_UtQ - G82YP96jhHwyKSxxxx7IFA "/oauth2/v2.1/token": post: externalDocs: url: https://developers.line.biz/en/reference/messaging-api/#issue-channel-access-token-v2-1 tags: - channel-access-token operationId: issueChannelTokenByJWT description: "Issues a channel access token that allows you to specify a desired expiration date. This method lets you use JWT assertion for authentication." requestBody: required: true content: application/x-www-form-urlencoded: schema: description: "request of the issueChannelTokenByJWT" type: object properties: grant_type: type: string description: "client_credentials" client_assertion_type: type: string description: "urn:ietf:params:oauth:client-assertion-type:jwt-bearer" client_assertion: type: string description: "A JSON Web Token the client needs to create and sign with the private key of the Assertion Signing Key." required: - grant_type - client_assertion_type - client_assertion responses: "200": description: "OK" content: application/json: schema: "$ref": "#/components/schemas/IssueChannelAccessTokenResponse" example: access_token: eyJhbGciOiJIUz..... token_type: Bearer expires_in: 2592000 key_id: sDTOzw5wIfxxxxPEzcmeQA "/oauth2/v2.1/verify": get: externalDocs: url: https://developers.line.biz/en/reference/messaging-api/#verify-channel-access-token-v2-1 tags: - channel-access-token operationId: verifyChannelTokenByJWT description: "You can verify whether a Channel access token with a user-specified expiration (Channel Access Token v2.1) is valid." parameters: - name: access_token in: query required: true description: "Channel access token with a user-specified expiration (Channel Access Token v2.1)." schema: type: string responses: "200": description: "OK" content: application/json: schema: "$ref": "#/components/schemas/VerifyChannelAccessTokenResponse" example: client_id: "1573163733" expires_in: 2591659 scope: profile chat_message.write "/oauth2/v2.1/revoke": post: externalDocs: url: https://developers.line.biz/en/reference/messaging-api/#revoke-channel-access-token-v2-1 tags: - channel-access-token operationId: revokeChannelTokenByJWT description: "Revoke channel access token v2.1" requestBody: required: true content: application/x-www-form-urlencoded: schema: description: "Request of the revokeChannelTokenByJWT" type: object properties: client_id: type: string description: "Channel ID" client_secret: type: string description: "Channel Secret" access_token: type: string description: "Channel access token" required: - client_id - client_secret - access_token responses: "200": description: "OK" "/v2/oauth/accessToken": post: externalDocs: url: https://developers.line.biz/en/reference/messaging-api/#issue-shortlived-channel-access-token tags: - channel-access-token operationId: issueChannelToken description: "Issue short-lived channel access token" requestBody: required: true content: application/x-www-form-urlencoded: schema: description: "Request of the issueChannelToken" type: object properties: grant_type: type: string description: "`client_credentials`" example: client_credentials client_id: type: string description: "Channel ID." client_secret: type: string description: "Channel secret." required: - grant_type - client_id - client_secret responses: "200": description: "OK" content: application/json: schema: "$ref": "#/components/schemas/IssueShortLivedChannelAccessTokenResponse" example: access_token: W1TeHCgfH2Liwa..... expires_in: 2592000 token_type: Bearer "400": description: "Bad Request" content: application/json: schema: "$ref": "#/components/schemas/ErrorResponse" example: error: invalid_request error_description: "some parameters missed or invalid" "/v2/oauth/verify": post: externalDocs: url: https://developers.line.biz/en/reference/messaging-api/#verify-channel-access-token tags: - channel-access-token operationId: verifyChannelToken description: "Verify the validity of short-lived and long-lived channel access tokens" requestBody: required: true content: application/x-www-form-urlencoded: schema: description: "request of the verifyChannelToken" type: object properties: access_token: description: "A short-lived or long-lived channel access token." type: string required: - access_token responses: "200": description: "OK" content: application/json: schema: "$ref": "#/components/schemas/VerifyChannelAccessTokenResponse" example: client_id: "1350031035" expires_in: 3138007490 scope: P CM "/v2/oauth/revoke": post: externalDocs: url: https://developers.line.biz/en/reference/messaging-api/#revoke-longlived-or-shortlived-channel-access-token tags: - channel-access-token operationId: revokeChannelToken description: "Revoke short-lived or long-lived channel access token" requestBody: required: true content: application/x-www-form-urlencoded: schema: description: "Request of the revokeChannelToken." type: object properties: access_token: description: "Channel access token" type: string required: - access_token responses: "200": description: "OK" components: schemas: IssueStatelessChannelTokenByJWTAssertionRequest: externalDocs: url: https://developers.line.biz/en/reference/messaging-api/#issue-stateless-channel-access-token description: "Request body to issue a new token with JWT assertion" type: object required: - grant_type - client_assertion - client_assertion_type properties: grant_type: type: string enum: [ client_credentials ] description: "client_credentials" client_assertion_type: type: string enum: [ urn:ietf:params:oauth:client-assertion-type:jwt-bearer ] description: "URL-encoded value of `urn:ietf:params:oauth:client-assertion-type:jwt-bearer`" client_assertion: type: string description: "A JSON Web Token the client needs to create and sign with the private key of the Assertion Signing Key." IssueStatelessChannelTokenByClientSecretRequest: externalDocs: url: https://developers.line.biz/en/reference/messaging-api/#issue-stateless-channel-access-token description: "Request body to issue a new token with `client_id` and `client_secret`" type: object required: - grant_type - client_id - client_secret properties: grant_type: type: string enum: [ client_credentials ] description: "`client_credentials`" client_id: type: string description: "Channel ID." client_secret: type: string description: "Channel secret." IssueStatelessChannelAccessTokenResponse: externalDocs: url: https://developers.line.biz/en/reference/messaging-api/#issue-stateless-channel-access-token description: "Issued stateless channel access token" required: - access_token - expires_in - token_type type: object properties: access_token: type: string description: |+ A stateless channel access token. The token is an opaque string which means its format is an implementation detail and the consumer of this token should never try to use the data parsed from the token. expires_in: type: integer format: int32 description: "Duration in seconds after which the issued access token expires" token_type: type: string default: Bearer description: "Token type. The value is always `Bearer`." ChannelAccessTokenKeyIdsResponse: externalDocs: url: https://developers.line.biz/en/reference/messaging-api/#get-all-valid-channel-access-token-key-ids-v2-1 description: "Channel access token key IDs" required: - kids type: object properties: kids: description: "Array of channel access token key IDs." type: array items: type: string IssueShortLivedChannelAccessTokenResponse: externalDocs: url: https://developers.line.biz/en/reference/messaging-api/#issue-shortlived-channel-access-token description: "Issued short-lived channel access token" required: - access_token - expires_in - token_type type: object properties: access_token: type: string description: |+ A short-lived channel access token. Valid for 30 days. Note: Channel access tokens cannot be refreshed. expires_in: type: integer format: int32 description: "Time until channel access token expires in seconds from time the token is issued." token_type: type: string default: Bearer description: "Token type. The value is always `Bearer`." IssueChannelAccessTokenResponse: externalDocs: url: https://developers.line.biz/en/reference/messaging-api/#issue-channel-access-token-v2-1 description: "Issued channel access token" required: - access_token - expires_in - token_type - key_id type: object properties: access_token: type: string description: |+ Channel access token. expires_in: type: integer format: int32 description: "Amount of time in seconds from issue to expiration of the channel access token" token_type: type: string default: Bearer description: "A token type." key_id: type: string description: "Unique key ID for identifying the channel access token." VerifyChannelAccessTokenResponse: description: "Verification result" required: - client_id - expires_in type: object properties: client_id: type: string description: "The channel ID for which the channel access token was issued." expires_in: type: integer format: int64 description: "Number of seconds before the channel access token expires." scope: type: string description: "Permissions granted to the channel access token." ErrorResponse: description: "Error response of the Channel access token" type: object properties: error: description: "Error summary" type: string error_description: description: "Details of the error. Not returned in certain situations." type: string