API Authorization
This authorization method is for team developers to read and write team data.
Step 1: Obtain Team Authorization access_token
Important Notes!
- The access_token obtained here is related to team resources and has a very high security level. It must be stored only on the server and cannot be passed to the client.
- Subsequent steps using the access_token to obtain team data must also be initiated from the server.
- It is recommended that developers use a central control server to uniformly obtain and refresh access_tokens. Other business logic servers should use access_tokens from this central control server and should not refresh them individually, as this can easily cause conflicts and affect business operations (when refreshing access_token multiple times, only the latest one is valid).
- The access_token is valid for 2 hours. The central control server should not only actively refresh internally on a schedule but also provide a passive refresh interface for access_tokens. This allows business servers to trigger the access_token refresh process when an API call indicates that the access_token has expired.
API Endpoint
GET https://open.wesurvey.com/api/oauth2/access_token?appid={appid}&secret={secret}&grant_type=client_credential
Replace {appid} and {secret} with the application credentials obtained from the team management page. Do not include the brackets {} when making the request.
Parameter Description
| Parameter Name | Type | Required | Description |
|---|---|---|---|
| appid | string | Yes | Application ID issued to the team |
| secret | string | Yes | Application secret issued to the team |
| grant_type | string | Yes | Fixed value: client_credential |
Response Description
| Parameter Name | Type | Description |
|---|---|---|
| access_token | string | Authorization code |
| expires_in | integer | Valid duration, default is 2 hours, must re-authorize after expiration |
{
"code": "OK",
"error": {
"type": ""
},
"data": {
"access_token": "ACCESS_TOKEN",
"expires_in": 7200
},
"request_id": "6cda53f4-d0fa-41a9-95a0-77ea32c97f1e"
}
Error Codes
| error.type Code | Description |
|---|---|
| request_rate_limited | Request frequency is too high. Please reduce the frequency. access_token is valid for 2 hours and should be cached rather than obtained in real-time |
| invalid_org_subscription | The current team version does not have permission to use the API. Please upgrade first |
Step 2: Use access_token to Request Team Survey Data
Add ?appid={APPID}&access_token={ACCESS_TOKEN} to the API request
For example, to get team survey details:
GET https://open.wesurvey.com/api/surveys/{survey_id}/legacy?appid={APPID}&access_token={ACCESS_TOKEN}
Some APIs require ?openid={OPENID} For example, to get a user's survey list:
GET https://open.wesurvey.com/api/surveys?appid={APPID}&access_token={ACCESS_TOKEN}&openid={OPENID}