Login
Token
To make requests to the Wepin RESTful API, you must include a Token for authentication. Tokens for the Wepin RESTful API are generated in JWT (JSON Web Token) format. The API adopts an enhanced security approach using the Access Token and Refresh Token mechanism, a common authentication method in JWT-based systems.
The Access Token expires 12 hours after issuance. The Refresh Token remains valid for 7 days and can be used to issue a new Access Token.
When a login request is made, the response includes tokens: an accessToken and a refreshToken. The detailed process for token issuance is as follows:
Token Issuance During Login
Access Token and Refresh Token are issued during the login process.
Validate Token Before Sending an API Request
If both the Access Token and Refresh Token are expired: An error is raised. Re-login is required to issue new Access and Refresh Tokens.
If the Access Token is expired but the Refresh Token is still valid: Use the token refresh process to verify the Refresh Token and issue a new Access Token.
If the Access Token is valid but the Refresh Token is expired: Re-login is required to issue new Access and Refresh Tokens.
If both Access Token and Refresh Token are valid: Requests can be sent without issues.
Client-Side Token Validation
Applications using Wepin RESTful API should verify token validity before sending a request. If the token is valid, proceed with the request.
Handle Token Expiry During Requests
If the token validity is not verified before the API request and an HTTP Status Code 401 (Unauthorized) is returned, the client should refresh the token before retrying the request.
Request Header
Below are the required values for the Request Header when using the Wepin SDK API:
X-API-KEY
${APP_KEY}
The App Key assigned during app registration
X-API-DOMAIN
${APP_DOMAIN}
The base domain, package name, or bundle ID registered when creating the app
Authorization
Bearer {token}
Bearer {token} where {token} is the Access Token received after Wepin login
X-SDK-TYPE
{platform}_rest_api
The platform using the RESTful API (e.g., android, ios, web). Example: web_res_api
Content-Type
application/json
Status Code
200
Success. JSON object included in the response.
400
Invalid data sent.
401
Token expired.
403
App Key error.
404
Not found.
500
Server internal error.
Error Response
message
String
Error message
code
Integer
Error code value
data
Object
Error detail data
Check App Information
Check the validity of the issued App Key and confirm whether the registered app information is correct.
Request
Parameter
platform
Integer
1
: web
2
: android
3
: ios
O
withNetwork
Boolean
true
: Returns the network information used by the app registered in the Workspace.
false
: Does not return the network information used by the app registered in the Workspace. Default value.
X
Response
Success Response
stage
Integer
1
: development
2
: product
appInfo
Object
App information(appinfo
)
appInfo
id
: App IDassets
array of objectcoinId
integerNetwork coin ID used by the app
tokens
integer[]List of FT (Fungible Token) IDs used by the app
Login
To use the Wepin Wallet, you must log in. Wepin supports social login and email login through Firebase. To view the list of social login options supported by Wepin, please refer to the Social Login Provider page.
Wepin provides login libraries tailored to various development environments. For a list of login libraries by platform, see the API Overview page.
Perform Wepin login using the token obtained from the Firebase login result.
Request
Parameter
idToken
String
(Using Wepin Login Library) Token value obtained from firebase login result
O
Response
loginStatus
String
pinRequired
: If this is the user's first login to Wepin, they must register with Wepin and create a new wallet. Therefore, the user needs to set a PIN required for wallet creation.
registerRequired
: If the user already has a Wepin wallet but is using the app for the first time, the user's Wepin wallet must register the app. Therefore, user PIN authentication for the existing wallet is required.
complete
: Indicates that the user login has been successfully completed.
walletId
string (optional)
The user's wallet ID. If the wallet already exists (when loginStatus
is registerRequired
or complete
), the walletId
will be returned.
token
Object
When the Wepin login is successfully completed, a token is returned.
userInfo
UserInfo (Object)
User information for the completed login. It is returned only when loginStatus is complete. (userInfo)
token
access
StringAccess Token (Encoded JWT Token)
refresh
StringRefresh Token (Encoded JWT Token)
userInfo
userId
StringUser Id
email
StringUser e-mail
name
StringUser's name
locale
StringLanguage set by the user
currency
StringCurrency set by the user
lastAccessDevice
StringLast connected device
lastSessionIp
StringLast connected IP
userJoinStage
IntegerUser registration stage (Not used when directly calling REST API)
3
: Registration completed
profileImage
StringURL of the user's profile image
userState
IntegerUser status
1
: active2
: deleted
user2FA
Integer2FA activation status
0
: Created but not yet authenticated - 2FA not available1
: Registration completed2
: 2FA recovery code verification completed
Example
Logout
Performs user logout. Used together with Firebase logout and the logout
function of the Wepin Login Library.
Request
Parameter
Response
Success Response
Returns an empty object.
Token Reissuance
If the issued Access Token has expired but the Refresh Token is still valid, a new Access Token must be reissued.
Request
Parameter
Name
Type
Description
Required
refresh_token
String
Refresh Token received during the login process (token)
O
Response
token
String
New Access Token
Agreeing to Terms of Service
When logging into the Wepin wallet, users must agree to the wallet's terms of service. After successfully login, the user's agreement status is updated on the Wepin backend server.
Request
Parameter
termsAccepted
Object
The terms agreed upon by the user.
If additional types of terms are introduced, new properties will be added.
Once the value of a property is set to true
, it cannot revert to false
.
O
termsAccepted
termsOfService
BooleanAgreement to the Terms of Service
privacyPolicy
BooleanAgreement to the Privacy Policy
Agreement to Wepin Wallet Service Terms
Terms of Service: https://delivery.wepin.io/service/terms/en.html
Privacy Policy: https://delivery.wepin.io/service/privacy/en.html
Response
The content matches the body of the Request.
termsAccepted
Object
The terms agreed upon by the user.
If additional types of terms are introduced, new properties will be added.
Once the value of a property is set to true
, it cannot revert to false
.
Get Terms of Service Agreement Status
Use the API to get the user's agreement status for the terms of service.
Request
Parameter
Response
termsAccepted
Object
Terms agreed upon by the user.
If additional types of terms are introduced, new properties will be added.
Once the value of a property is set to true
, it cannot revert to false
.
O
Last updated