API Function Specification
# API Function Specification
Current version: V6.2
# Unified Authentication
Sobot open API implements a standard mechanism of using API for authorized access based on Json Web Token (JWT) to meet the needs of users' security settings.
# Basic Workflow and Usage Instructions
The workflow is as follows:
- The client uses appId and app_secret to request the server
- The server verifies the authenticated information
- The server sends access_token to the user via verification
- The client stores the access_token;
- and sends the access_token value each time a request is made (param Authorization stored in head)
- The server verifies the access_token value and returns the data
- The access_token carries a timeout time after it is requested, and the client should obtain the token again when the access_token timeout time is halfway over.
- If the server verifies that the access_token has expired, it will return status 401
# Agent Authorization API
# ● Definition of Agent Token API
Agent token is used for JSSDK and UISDK to request to obtain token
https:// sg.sobot.com/tokens/agent
Request param:
| Param | Type | Required | Description |
|---|---|---|---|
| responseType | String | Yes | Requested jwt type, currently available: token |
| appId | String | Yes | User's unique ID |
| currentTime | Long | Yes | Timestamp (millisecond) |
| sign | String | Yes | Signature, calculated as MD5(app_id+current_time+response_type+app_secret) |
| agentId | String | No | Agent id |
| agentNo | String | No | Agent work no. |
Note: At least one of agentId and agentNumber must exist in the API params, and agentNumber is invalid when agentId exists. Request example
curl -X post https://sg.sobot.com/tokens/company -D
'{\
"responseType":"token",\
"appId":" b86fc8142f784bfb9215d45df64a17ea ",\
"currentTime":" 1627462929415 ",\
"sign":" fdf6066cfc12e73d7ebc571235c8be45 ",\
"agentNo":"1008"
}'
1
2
3
4
5
6
7
8
2
3
4
5
6
7
8
Return when succeeded
{
"accessToken": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhcHAiOiI3YzA1ODVkYTI3NmE0Y2ZiODM3MmRhYzY0MWFjM2QwOSIsImFnZW50SWQiOiIiLCJzZXJ2aWNlRW1haWwiOm51bGwsImlzcyI6InNvYm90IiwidHlwZSI6ImNyZWF0ZVRva2VuVm8uZ2V0UmxtKCkiLCJybG0iOiJ0aGlyZCIsImNvbXBhbnlJZCI6ImExOGUyMWM0YzI4ZDQyY2NiOTExMDYwNmFmNzIxMWI0IiwibmJmIjowLCJ6b25lIjpudWxsLCJleHAiOjE3MTU5MTgzMTU0NzYsImlhdCI6MTcxNTgzMTkxNTQ3NiwiYWlkIjoiIiwiY2lkIjoiYTE4ZTIxYzRjMjhkNDJjY2I5MTEwNjA2YWY3MjExYjQifQ.DS0_O1mMLAqDPE36XqBKRjRZ6B_5fLr5_KDzBnc-rP4",
"domain": "sobot",
"tokenType": "bearer",
"expiresIn": 86400000,
"code": "000000",
"realm": "third",
"message": "Success"
}
1
2
3
4
5
6
7
8
9
2
3
4
5
6
7
8
9
Return when failed
{
"code": 400,
"message":"invalid params"
}
1
2
3
4
2
3
4
# ● Use access_token
HTTP Authorization header should be added to all external Sobot APIs. Here is the example:
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE0ODUxNDA5ODQsImlhdCI6MTQ4NTEzNzM4NCwiaXNzIjoiYWNtZS5jb20iLCJzdWIiOiIyOWFjMGMxOC0wYjRhLTQyY2YtODJmYy0wM2Q1NzAzMThhMWQiLCJhcHBsaWNhdGlvbklkIjoiNzkxMDM3MzQtOTdhYi00ZDFhLWFmMzctZTAwNmQwNWQyOTUyIiwicm9sZXMiOltdfQ.Mp0Pcwsz5VECK11Kf2ZZNF_SMKu5CgBeLN9ZOP04kZo
1
# ● Error Code
| Status | Message | Description |
|---|---|---|
| 400 | invalid params | Params with illegal token |
| 401 | Unauthorized | Invalid token |
| 403 | Forbidden | Illegal request resource |
# Company Authorization API
# ● Definition of Company Token API
Company token is used to access HTTP open API and request to obtain token
https:// sg.sobot.com/tokens/company
Request param:
| Param | Type | Required | Description |
|---|---|---|---|
| responseType | String | Yes | Requested jwt type, currently available: token |
| appId | String | Yes | User's unique ID |
| currentTime | Long | Yes | Timestamp (millisecond) |
| sign | String | Yes | Signature, calculated as MD5(app_id+current_time+response_type+app_secret) |
Request example
curl -X post https:// sg.sobot.com/tokens/company -D
'{\
"responseType":"token",\
"appId":" b86fc8142f784bfb9215d45df64a17ea ",\
"currentTime":" 1627462929415 ",\
"sign":" fdf6066cfc12e73d7ebc571235c8be45 "\
}'
1
2
3
4
5
6
7
2
3
4
5
6
7
Return when succeeded
{
"accessToken": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhcHAiOiI3YzA1ODVkYTI3NmE0Y2ZiODM3MmRhYzY0MWFjM2QwOSIsImFnZW50SWQiOiIiLCJzZXJ2aWNlRW1haWwiOm51bGwsImlzcyI6InNvYm90IiwidHlwZSI6ImNyZWF0ZVRva2VuVm8uZ2V0UmxtKCkiLCJybG0iOiJ0aGlyZCIsImNvbXBhbnlJZCI6ImExOGUyMWM0YzI4ZDQyY2NiOTExMDYwNmFmNzIxMWI0IiwibmJmIjowLCJ6b25lIjpudWxsLCJleHAiOjE3MTU5MTgzMTU0NzYsImlhdCI6MTcxNTgzMTkxNTQ3NiwiYWlkIjoiIiwiY2lkIjoiYTE4ZTIxYzRjMjhkNDJjY2I5MTEwNjA2YWY3MjExYjQifQ.DS0_O1mMLAqDPE36XqBKRjRZ6B_5fLr5_KDzBnc-rP4",
"domain": "sobot",
"tokenType": "bearer",
"expiresIn": 86400000,
"code": "000000",
"realm": "third",
"message": "Success"
}
1
2
3
4
5
6
7
8
9
2
3
4
5
6
7
8
9
Return when failed
{
"code": 400,
"message":"invalid params"
}
1
2
3
4
2
3
4
# Error Handling
Unified error handling
{
"apiVersion": "6.2", // API version
"status": "Failure", // Success or Failure
"message": "Sorry, System is under maintenance.", // Prompt users with error messages; display in multiple languages via Accept-Language. Chinese by default
"code": 500, // http status code
"reason": "error.message.label", // Error message key label
"kind": "MainCDRInfo", // Entity types, here including MainCDRInfo and PartyCDRInfo
"metaData": {
"creatorId":" 1f9ce5af91d8-1ecc12b03aa7a8755ad2 ",
"creationTime": 1617173030902 ,
"updateUserId":" 44c8f4014e53c4677736c4c8c26a7c0d ",
"updatedTime": 1617173096236
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
2
3
4
5
6
7
8
9
10
11
12
13
14
Last Updated: 11/15/2024, 12:06:24 PM