取得 Token

使用 API 需要透過 Token 驗證，而每位專員的 Token 皆為獨立，彼此不互相影響與銷毀。而 Token 能使用的 API 範圍跟著擁有員工資料的權限，如一個「專員」權限的員工 token，則多個管理相關 API 將無法使用。

你可以透過以下兩種方式取得：

Get Token

To use the API, authentication is required through a token. Each agent has an independent token, and they do not interfere with or invalidate each other. The scope of API access for a token is determined by the employee data permissions. For instance, a token with "agent" permissions will be unable to access various management-related APIs.

It can be obtained through two methods:

透過系統內員工介面取得

管理者登入 FIRST LINE 後，依序前往左側選單中「系統」 > 「員工」，找到欲使用 API 之員工帳號，點擊 「產生」，便會產生永久的權杖，而若是重新產生新的金鑰，之前屬於該員工的舊權杖將立即失效。

Via the Employee Interface in the System

When an admin logs into FIRST LINE, navigate to the "System" > "Employee" option in the left menu. Locate the employee account for which you want to generate a token and click on "Generate." This action will create a permanent token. If a new key is generated, the old token belonging to that employee will immediately become invalid.

透過 API 取得

你也能透過使用者帳密與密碼來產生新的權杖，使用方式如下，每次取的新的 Token，舊有 Token 將立即失效。依據使用情境與安全性考量下，你只需要依據設定週期執行取得即可。

Get Token via API

You can also generate a new token through the API using the user's username and password. The process is as follows: each time a new token is obtained, the old token will immediately become invalid. Depending on the usage scenario and security considerations, it is recommended to obtain a new token based on the configured period.

取得權杖

POST https://{API_HOST}/api/v1/auth

Path Parameters

{
    "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOi8vYnNvLmxvY2FsaG9zdDo4MDAwL2FwaS92MS9hdXRoIiwiaWF0IjoxNTU0ODMxOTkyLCJleHAiOjE1NTUwNDgwNzksIm5iZiI6MTU1NDgzMjA3OSwianRpIjoiNzV2elE2cFVid2haTGU4UyIsInN1YiI6MSwicHJ2IjoiODdlMGFmMWVmOWZkMTU4MTJmZGVjOTcxNTNhMTRlMGIwNDc1NDZhYSIsImVtYWlsIjoib3JlaWxseS5zYWJyeW5hQGV4YW1wbGUub3JnIn0.-sQWox84CRUEtgTxKguPzDXe8kcZW4nArRDiveeiNt8",
    "token_type": "bearer",
    "expires_in": 216000
}

刷新權杖

PUT https://{API_HOST}/api/v1/auth

Request Body

{
    "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOi8vYnNvLmxvY2FsaG9zdDo4MDAwL2FwaS92MS9hdXRoIiwiaWF0IjoxNTU0ODMxOTkyLCJleHAiOjE1NTUwNDgwNzksIm5iZiI6MTU1NDgzMjA3OSwianRpIjoiNzV2elE2cFVid2haTGU4UyIsInN1YiI6MSwicHJ2IjoiODdlMGFmMWVmOWZkMTU4MTJmZGVjOTcxNTNhMTRlMGIwNDc1NDZhYSIsImVtYWlsIjoib3JlaWxseS5zYWJyeW5hQGV4YW1wbGUub3JnIn0.-sQWox84CRUEtgTxKguPzDXe8kcZW4nArRDiveeiNt8",
    "token_type": "bearer",
    "expires_in": 216000
}

curl -X PUT
    -H "Content-Type: application/json:Authorization: Bearer eyJhbGciOiJIUzI1NiI..." https://{API_HOST}/api/v1/auth

註銷權杖

PUT https://{API_HOST}/api/v1/auth/logout

註銷當前使用之權杖，相當於登出此使用者。

Request Body

{
    "message": "Successfully logged out"
}

curl -X POST
    -H "Accept: application/json"
    -H "Content-Type: application/json:Authorization: Bearer eyJhbGciOiJIUzI1NiI..." https://{API_HOST}/api/v1/auth/logout

使用方式

取得 Token 後，您可以透過該 Token 執行各種對應帳號擁有系統權限的 API 操作。FIRST LINE 的 API 請求可透過以下兩種方式之一驗證權杖（access token）。

Usage

After obtaining the token, you can perform various API operations corresponding to the system permissions associated with the account. FIRST LINE API requests can be authenticated using one of the following two methods with the access token.

Authorization header

Authorization: Bearer eyJhbGciOiJIUzI1NiI...

Query string parameter

https://{API_HOST}/api/v1/some-what?token=eyJhbGciOiJIUzI1NiI...