1. Documents
  2. Social REST API

(Deprecated) Overview

There are several REST APIs that can be called from your application. This page explains how to call APIs using access tokens and how to update the access tokens.

Deprecated version

The information on this page is deprecated and should be used for reference purposes only. For information on the latest version, see Social REST APIs.

Prerequisites

Access tokens, which are issued after the authentication and authorization process, must be retrieved before calling APIs. How the access tokens are issued depends on the type of device used.

References

See the following pages for details.

How to use APIs

When using an API, an access token must be specified in the request header of the HTTP request to be sent to the endpoint URL of the API. The API endpoint URL is as follows.

https://api.line.me
(Deprecated) https://channel-apis.line.naver.jp

The access token must be specified in the Authorization request header field (X-Line-ChannelToken was deprecated). For example, the following HTTP request can be sent to retrieve the profile information of a user. (All access tokens in the examples below are dummy values.)

GET /v1/profile HTTP/1.1
Host: api.line.me
Authorization: Bearer uZ8vAPhNsKX72xot1aSGo1W8zwZ58snmZYPD
(Deprecated) X-Line-ChannelToken: uZ8vAPhNsKX72xot1aSGo1W8zwZ58snmZYPD
...

For APIs that use the POST or PUT HTTP methods, an appropriate Content-Type request header field, along with any other required fields, is required in the request body. For more information, refer to the respective API reference pages. A response to the request will be returned if the request is processed correctly.

Error responses

Issued access tokens may not always be valid. They may become invalid when users unlink the app, the tokens expire, or for other reasons. When an invalid access token is used to call an API, the call will fail and one of the following error responses will be returned.

Reason HTTP status code Response body
The access token has become invalid because of the LINE Platform 401 {“statusCode”:”412″,”statusMessage”:”accessToken expired(1)”}
The user has unlinked the app (user has unregistered from LINE app) 401 {“statusCode”:”412″,”statusMessage”:”accessToken expired(2)”}
The access token has expired 401 {“statusCode”:”412″,”statusMessage”:”accessToken expired”}
An access token that has not been issued was specified 401 {“statusCode”:”401″,”statusMessage”:”invalid token”}

Logout

Applications commonly include a function for the user to log out of their account after using the application. Access tokens and refresh tokens must be invalidated immediately when the user logs out using the logout function or after a period of inactivity.

Request

HTTP method DELETE
Endpoint URL https://api.line.me/v1/oauth/logout
(Deprecated) https://channel-apis.line.naver.jp/v1/oauth/logout
Required request header X-Line-ChannelToken: Access token

Response

The results for this API is returned in JSON format.

Property Type Description
result String Always “OK”

The specific response should be as follows.

{"result":"OK"}

Reissuing access tokens

When issuing access tokens, the following information is retrieved in addition to the access token.

Item name Description
mid Authorized user ID.
accessToken Access token string.
expire Expiry date of the access token. This value will be expressed in milliseconds from epoch (January 1 1970 00:00:00 GMT).
refreshToken Token string required when reissuing (refreshing) a new access token.

The access token cannot be used again after the expiry date shown in expire (API calls will fail). There are two ways to retrieve a new access token.

  • By using the appropriate method for the device and having the user log in and agree to the permissions again.
  • By using a refresh token.

Refresh tokens are advantageous as it lets you retrieve new access tokens without user action. The following section explains how to reissue an access token using a refresh token.

Request

HTTP method POST
Endpoint URL https://api.line.me/v1/oauth/accessToken
(Deprecated) https://channel-apis.line.naver.jp/v1/oauth/accessToken
Required request header Content-Type: application/x-www-form-urlencoded
X-Line-ChannelToken: Access token

Specify the following in form encoded format in the request body.

Name Type Default value Description
refreshToken String Refresh token string.

The request should be as follows.

refreshToken=abc123def456

Response

The results for this API will be returned in JSON format.

Property Type Description
mid String Authorized user ID.
accessToken String Reissued access token string.
expire Integer Expiry date of new access token. This value will be expressed in milliseconds from epoch (January 1 1970 00:00:00 GMT).
refreshToken String Token string required when reissuing (refreshing) a new access token.

The response should be as follows.

{
  "mid":"u0047556f2e40dba2456887320ba7c76d",
  "accessToken":"ud81c65b01f5a59d39f8163815b34dad7aXNzdWVkV",
  "expire":1371721724089,
  "refreshToken":"ZkcqmSWsKnMSXq5hPpWd"
}

Delete the old information and use the new access token to call APIs.

Error responses

If an error occurs, the following responses may be returned.

Reason HTTP status code Response body
The access token has become invalid because of the LINE Platform 401 {“statusCode”:”412″,”statusMessage”:”accessToken expired(1)”}
The user has unlinked the app (user has unregistered from LINE app) 401 {“statusCode”:”412″,”statusMessage”:”accessToken expired(2)”}
The access token has expired 401 {“statusCode”:”412″,”statusMessage”:”accessToken expired”}
An access token that has not been issued was specified 401 {“statusCode”:”401″,”statusMessage”:”invalid token”}
An invalid refresh token was specified 401 {“statusCode”:”401″,”statusMessage”:”invalid refreshToken”}
The access token cannot be reissued at this time 403 {“statusCode”:”414″,”statusMessage”:”TOKEN_NOT_REFRESHABLE”}
Invalid combination of access and refresh tokens 401 {“statusCode”:”411″,”statusMessage”:”TOKEN_INVALID_TOKEN”}
Channel is invalid 403 {“statusCode”:”418″,”statusMessage”:”CHANNEL_INACTIVE”}

Checking the validity of access tokens

Information including access tokens is sent to the backend server of the application under development from smartphones and the APIs are accessed from the server. Malicious third parties may gain access to the access tokens during this process, and impersonation of users may occur. To prevent such problems, the received access tokens must be verified to make sure they are sent from the correct application.

The LINE Platform provides an API that retrieves information and checks the validity of access tokens. The validity of access tokens must be checked using this API.

Request

HTTP method GET
Endpoint URL https://api.line.me/v1/oauth/verify
(Deprecated) https://channel-apis.line.naver.jp/v1/oauth/verify
Required request header Authorization: Bearer access token
(Deprecated) X-Line-ChannelToken: Access token

This API supports the following query parameters.

Name Type Default value Description
extend String false Optional. Specify this parameter when you want to know the expiry date of the access token.

Response

The results for this API will be returned in JSON format.

Property Type Description
mid String Authorized user ID.
channelId String ID of the Channel that this access token is to be issued for.
expire Integer Expiry date of the access token. This value is expressed in milliseconds from epoch (January 1 1970 00:00:00 GMT).
This is included in the response when the extend query parameter is specified as true.

The results of the API should be displayed in the following format.

{
  "channelId":1350031035,
  "expire":1371721724089,
  "mid":"ub00b9ac609e51f4707cd86d8e797491b"
}

Error responses

If an error occurs, the following responses may be returned.

Reason HTTP status code Response body
Access token not specified 401 {“statusCode”:”401″,”statusMessage”:”authentication scheme not found.”}
An access token that has not been issued was specified 401 {“statusCode”:”401″,”statusMessage”:”invalid token”}
The access token has become invalid because of the LINE Platform 401 {“statusCode”:”412″,”statusMessage”:”accessToken expired(1)”}
The user has unlinked the app (user has unregistered from LINE app) 401 {“statusCode”:”412″,”statusMessage”:”accessToken expired(2)”}
The access token has expired 401 {“statusCode”:”412″,”statusMessage”:”accessToken expired”}