Authentication

You must issue App Secret before issuing jwt token to use channel APIs.

Follow below sequences from App config - Authentication & Authorization in Channel Development Portal.

1. Issuing App Secret

Click Issue button located on the top of the App Settings page. Be careful not to expose issued secret. Previously issued secret will be invalidated if you refresh it.

2. Registering App Permissions

You must select the Functions you want to use on each sections: Channel, User, Manager. See here for details on each function.

Permissions you selected on User and Manager sections will be included in tokens passed to WAM.

Permissions you selected on Channel section can be issued with token by following process (3).

3. Exchanging App Secret with Token through Native Function

Once you have issued App secret, you can exchange it with jwt token using Native Function.

Token requests including issueToken and refreshToken has rate-limit: 10 tokens per 30 minutes with fixed-window.

Be aware that your token request can be rejected due to rate-limit mechanisms even if you used valid secret and channelId.

IssueToken

method	PUT
endpoint	app-store-api.channel.io/general/v1/native/functions
notes	Exchange jwt token with App Secret

Request
JSON
fields
notes
required
type
secret
App Secret
true
string
channelId
channelId if you want to specify chanenl
false
string
If you do not specify channelId , app token will be issued by default. It includes permissions of following Native Functions.
registerCommands - registers commands to app. For detailed explanations, please refer Command documentations.

fields	notes	required	type
secret	App Secret	true	string
channelId	channelId if you want to specify chanenl	false	string

If you specify channelId, you can issue token including permissions you selected on Channel section on step (2). In this case, make sure your app is installed on specified channel.

Response
JSON
fields
notes
required
type
refreshToken
refreshToken
true
string
accessToken
accessToken
false
string
expiresIn
seconds
true
int64
Your token is located on accessToken . See below for usage of refreshToken.

fields	notes	required	type
refreshToken	refreshToken	true	string
accessToken	accessToken	false	string
expiresIn	seconds	true	int64

refreshToken

method	PUT
endpoint	app-store-api.channel.io/general/v1/native/functions
notes	refresh token

Request
JSON
params
notes
refreshToken
refreshToken you got on above step
Response
JSON

params	notes
refreshToken	refreshToken you got on above step

4. Using jwt Token

You can use jwt tokens on x-access-token http header when using Native Functions or Functions.

Example using x-access-token on Function calling)

JSON