Visit BenQ Education website for education solutions
  • Topics

X-Sign OpenAPI

X-sign 2.0 / X-Sign OpenAPI

Authentication

2021 / 04 / 09

Overview of Authentication

When calling all X-Sign OpenAPI items, access_token must be included in the header. If this is not included, a "401 Unauthorized" error will be returned.

An obtained token expires and becomes unavailable for use after ONE MONTH. If this is the case, you should obtain a new token.

The process is as follow:

1. call the API to get access_token

2. redirect to auth server (login page)

3. end-user login (admin account only)

4. redirect to request.redirect_uri with access_token

access_token can be obtained by calling the following api.

Auth flow

The authorization is similar to the OAuth 2.0 authorization code flow, with one important distinctions : 
The response_type parameter must include external_token.

 

 

Auth URL

https://service-portal.benq.com/external/{version}/{path}

Version
v1
Auth API

GET /oauth/authorize

Request Parameter

Name Schema Description
Name
client_id
Schema

Required.

Type: integer

Description
client_id
Name
redirect_uri
Schema

Required.

Type: string

Description
redirect_uri (Must be the same as the registered value)
Name
response_type
Schema

Required.

Type: string

Value:external_token

Description
response_type
Name
scope
Schema

Optional.

Type: string

Value:xsign

Description
scope
Name
state
Schema

Optional.

Type: string

Description
request state

curl -X GET "/external/v1/oauth/authorize"

-d '{

"client_id":3,

"redirect_uri":"http://example.com/callback",

"response_type":"external_token",

"scope":"xsign"

}'

Response Code
General HTTP Staus Code

Code Description
Code
302
Description
Found, Redirect

Final Response Header (redirect_uri)
URL redirect to request.redirect_uri

Key Schema Description
Key
*Location
Schema
string
Description
request.redirect_uri with parameters


Final.Response.Header.Location.parameters (auth SUCCESS)

Key Schema Description
Key
*access_token
Schema
string
Description
access_token
Key
*token_type
Schema

string

Value:bearer

Description
token type
Key
*expires_in
Schema
integer
Description

expired (second)

one month

Key
*state
Schema
string
Description
request state


Final.Response.Header.Location.parameters (auth ERROR)

Key Schema Description
Key
*error
Schema

string

Value:access_denied|invalid_scope

Description
token type
Key
*state
Schema
string
Description
request state

Location: http://clientapi.com.tw#access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6IjM5NmI2ZTQ0OTFjNDU0YTBhYzBjMzM1MDAyYTUzOTFkNDRhMWM1YzkwYTkxYzdiZmEyMTJlYTIxZjc5M2ZkOGY5ZGRiMmJiYWRmMDdhODYxIn0.eyJhdWQiOiIzIiwianRpIjoiMzk2YjZlNDQ5MWM0NTRhMGFjMGMzMzUwMDJhNTM5MWQ0NGExYzVjOTBhOTFjN2JmYTIxMmVhMjFmNzkzZmQ4ZjlkZGIyYmJhZGYwN2E4NjEiLCJpYXQiOjE1Nzc0MTY1NDMsIm5iZiI6MTU3NzQxNjU0MywiZXhwIjoxNTc3NDIzNzQzLCJzdWIiOiIxMDAxIiwic2NvcGVzIjpbXX0.txBx2sOPrnJomcrx27ibgPPOIm21VcjcAxb3upNMZYiXzyo59y9gTVrGw_u442w0pyaRsXDVlhmS6K9RCfykswd4cAlSdfR9gFQRhEqNwSak8XkZBjVxT7818m8Z9R_jcAVvvlMC3Gz0fhLCKmuNhQSs4On8NQBW4KSewSYYoL25h_Gtl5C7G4XneLoCqIqLY3JyXcr8-LTzbn-GWrwGNsPeRoQQyVki4Uc89RoYhnp4-n8GQFMJuaOettaKNyu5qpP04-q6xMPYvMM5PBtTgj-4dYsxIBe51HbnpMYglgccOTt3iTx0EOsCefKY54tyKT38z8bCV9YeQ9Pwe_QXPocaEgWSAkYpBCzt6ZdoUWX3GDuXQxzyO_OCioQU_ipB3FWSrfdWjfJi4b2YelUs5oC_AUNPdam2tY8bg68x4oGWCXiCi_s7bPegUuyGSf3CUjmR2HZc5rbWYS1JNct7Xp4-k4poxwlhOF3EDy5jWmSDVykrigjkWjwFT2bDLk4rtN2l4W_OliVbyiAmp78fwwEKjh1vSrW9UpfMWoMrHX4eEa1Ca96WNr4oJOeugxCPPzBzJZF5TBxPhPcn3wd0fL7iPNUS1lr3byJsHMpMADDdNvEacS8e-k9Y7Rt5q-xl7-OoymH9IPaPRY3KL7FhhcG3zFnRt4rGLD7xgM&token_type=bearer&expires_in=7200