Authentication Mechanism

Introduction

The main purpose of authentication is to obtain the Access_token. The Access_token is the user's access token, which carries information such as the user's identity and permissions. Authentication consists of the following two steps:

1. Obtain AK/SK
2. Obtain Access_token

• Code form → Suitable for users with a computer background
• Web debugging tool → Suitable for users with no background

Obtain AK/SK

• The API is a paid call
• Priority service support for companies
• Price: $ 0.056/call【For large-scale calls, please contact business support】
• Contact Us

Obtain Access_token

ShengBang API Open Platform uses OAuth2.0 authorization to call open APIs. When calling the API, the Access_token parameter must be included in the URL. The default validity period of the Access_token is 30 days. The process to obtain the Access_token is as follows:

Request URL Data Format

URL

https://openapi.ocr.sys303.com/api/v1/oauth/token?client_id={API Key}&client_secret={Secret Key}&grant_type=client_credentials

• grant_type: Required parameter, fixed as client_credentials;
• client_id: Required parameter, the API Key of the application;
• client_secret: Required parameter, the Secret Key of the application;

POST request example:

https://openapi.ocr.sys303.com/api/v1/oauth/token?client_id=Fq5eR3LT0vuXV&client_secret=0rDSjzQ20XUj5itV6WRtz&grant_type=client_credentials

request example

bash

curl -X 'POST' \
  'https://openapi.ocr.sys303.com/api/v1/oauth/token?client_id=【client_id】&client_secret=【client_secret】&grant_type=client_credentials' \
  -H 'accept: application/json' \
  -d ''

python

import requests
import json

def main():
    client_id = '【client_id】'
    client_secret = '【client_secret】'
    url = f"https://openapi.ocr.sys303.com/api/v1/oauth/token?client_id={client_id}&client_secret={client_secret}&grant_type=client_credentials"
    payload = ""
    headers = {
        'Content-Type': 'application/json',
        'Accept': 'application/json'
    }
    response = requests.request("POST", url, headers=headers, data=payload)
    print(response.text)

if __name__ == '__main__':
    main()

C#

using System;
using System.Collections.Generic;
using System.Net.Http;
public static class AccessToken
{
    public static String TOKEN = "qwertyuiop.zxcvbnm.asdfghjkl-1234567";
    //  API Key
    private static String clientId = "【clientId】";
    //  Secret Key
    private static String clientSecret = "【clientSecret】";
    public static String getAccessToken() {
        String authHost = "https://openapi.ocr.sys303.com/api/v1/oauth/token?grant_type=client_credentials&client_id=" + clientId + "&client_secret=" + clientSecret;
        HttpClient client = new HttpClient();
        List<KeyValuePair<String, String>> paraList = new List<KeyValuePair<string, string>>();
        HttpResponseMessage response = client.PostAsync(authHost, new FormUrlEncodedContent(paraList)).Result;
        String result = response.Content.ReadAsStringAsync().Result;
        Console.WriteLine(result);
        return result;
    }
    public static void Main(string[] args)
    {
        getAccessToken();
    }
}

Java

import org.json.JSONObject;

import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.URL;
import java.util.List;
import java.util.Map;

public class AuthService {
    public static String getAuth() {
        String clientId = "【clientId】";
        String clientSecret = "【clientSecret】";
        return getAuth(clientId, clientSecret);
    }

    public static String getAuth(String ak, String sk) {
        String authHost = "https://openapi.ocr.sys303.com/api/v1/oauth/token?";
        String getAccessTokenUrl = authHost
                // 1. grant_type 
                + "grant_type=client_credentials"
                // 2. API Key
                + "&client_id=" + ak
                // 3. Secret Key
                + "&client_secret=" + sk;
        try {
            URL realUrl = new URL(getAccessTokenUrl);
            HttpURLConnection connection = (HttpURLConnection) realUrl.openConnection();
            connection.setRequestMethod("POST");
            connection.setDoOutput(true);
            connection.getOutputStream().write("".getBytes());
            connection.connect();
            Map<String, List<String>> map = connection.getHeaderFields();
            for (String key : map.keySet()) {
                System.err.println(key + "--->" + map.get(key));
            }
            BufferedReader in = new BufferedReader(new InputStreamReader(connection.getInputStream()));
            String result = "";
            String line;
            while ((line = in.readLine()) != null) {
                result += line;
            }

            System.err.println("result:" + result);
            JSONObject jsonObject = new JSONObject(result);
            String access_token = jsonObject.getString("access_token");
            return "access_token";
        } catch (Exception e) {
            e.printStackTrace(System.err);
        }
        return null;
    }
}

Response Format

JSON Format

Successful Response

{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.xxxxxE1MTQ5NDcsImlzcyI6Imh0dHBzOi8vYXBpLm9jci5zeXxxxxxxxaHR0cHM6Ly9vY3Iuc3lzMzAzLmNvbSIsIm5hbWUxxxxxx.xxxxxx8csbHvSKSXtjDcc0zxxxxxxx",
  "expires": 1731514947
}

Error Response

{
  "error_code": 6,
  "error_msg": "No permission to access data",
  "details": null
}