Updated on 2024-12-30 GMT+08:00

API Calling

Format

The request method of the OneAccess synchronous event callback API is POST, with data encoded in UTF-8 and formatted as JSON. If the URL for the application system to receive event callbacks is https://{app_domain}/callback, OneAccess will push the updated service data to this callback address whenever there are changes in the organizations or users.

  • URL

    POST https://{app_domain}/callback

  • Request header

    Authorization: Bearer {access_token}. For details, see security tokens in Table 1.

  • Request parameters
    Table 1 Request parameters

    | Parameter | Type | Description |
    |---|---|---|
    | nonce | String | Random number, which is used together with timestamp to prevent replay attacks on requests. |
    | timestamp | Integer | Timestamp, which is used together with nonce to prevent replay attacks on requests. |
    | eventType | String | Event type. For details, see the event type list. |
    | data | String | Message body. If encryption is disabled, the message body is sent in plaintext. If encryption is enabled, the message body must be decrypted to reveal the content. After decryption, the random and msg fields will be displayed. The msg field contains the plaintext message content. |
    | signature | String | Message signature. If the signature function is disabled, the signature will be an empty string. If the signature function is enabled, the signature is generated based on the signature key (signatureSaltValue) provided by the enterprise application, along with the timestamp, nonce from the request, and the encrypted message body. |

  • Response parameters
    Table 2 Response parameters

    | Parameter | Type | Description |
    |---|---|---|
    | code | String | Return code. The value 200 indicates success. For details about error codes, see Common Return Codes. |
    | message | String | Description of the error cause. |
    | data | String | Returned message body. The returned content varies depending on the service callback. For example, it may return an empty string or the required service data. If encryption is disabled, the message body is returned in plaintext. If encryption is enabled, the encrypted message body is returned. The content must be decrypted, after which the random and msg fields are generated. The msg field contains the plaintext message content. |
  • Example request
    • Example request with message signature and encryption disabled:
      {
      	"nonce": "123456",
      	"timestamp": 1783610513,
      	"eventType": "eventType",
      	"data": "plaintext message",
      	"signature": ""
      }
    • Example request with message signature and encryption enabled:
      {
      	"nonce": "123456",
      	"timestamp": 1783610513,
      	"eventType": "eventType",
      	"data": "1ojvw2WPvW7LijxS8UvISr8pdDP+rXpPbcLGOmIBNbWetRg7IP0vdhkl",
      	"signature": "111108bb8e6dbce3c9671d6fdb69d15066227608"
      }
  • Example response

    Status code: 200

    Request successful.

    • Response example with message signature and encryption disabled:
      {
      	"code": "200",
      	"message": "success",
      	"data": "plaintext message"
      }
    • Response example with message signature and encryption enabled:
      {
      	"code": "200",
      	"message": "success",
      	"data": "P+rXpWetRg7IP0vdhVgkVwSoZBJeQwY2zhROsJq/HJ+q6tp1qhl9L1+c"
      }
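
An added example, not part of the OneAccess documentation: a receiver-side check in Python for the nonce, timestamp and signature fields of Table 1. It rejects stale or repeated nonce/timestamp pairs and refuses an empty signature when the signature function is enabled. Assumptions: timestamp is in Unix seconds, the freshness window is 300 seconds, the bearer token is a static value known to the receiver, and the names ReplayGuard and validate_callback are hypothetical; the signature computation is not given on this page and is not implemented.

```python
import hmac
import time

REQUIRED = ("nonce", "timestamp", "eventType", "data", "signature")
MAX_SKEW = 300  # assumed freshness window in seconds; the page sets no value


class ReplayGuard:
    """Tracks nonces for as long as their timestamp would still be accepted."""

    def __init__(self, max_skew=MAX_SKEW):
        self.max_skew = max_skew
        self._expiry = {}  # nonce -> last second at which its timestamp is fresh

    def check(self, nonce, timestamp, now):
        if abs(now - timestamp) > self.max_skew:
            return "stale timestamp"
        # Drop nonces whose timestamp has aged out; a replay of those now fails
        # the freshness test above, so the cache stays bounded.
        self._expiry = {n: e for n, e in self._expiry.items() if e >= now}
        if nonce in self._expiry:
            return "replayed nonce"
        self._expiry[nonce] = timestamp + self.max_skew
        return None


def validate_callback(auth_header, body, expected_token, guard,
                      signing_enabled=True, now=None):
    """Return None when the callback may be processed, else a rejection reason."""
    now = int(time.time()) if now is None else now
    scheme, _, token = (auth_header or "").partition(" ")
    if scheme != "Bearer" or not hmac.compare_digest(
            token.encode(), expected_token.encode()):
        return "bad bearer token"
    if not isinstance(body, dict) or any(k not in body for k in REQUIRED):
        return "missing field"
    nonce, ts = body["nonce"], body["timestamp"]
    if not isinstance(nonce, str) or not nonce:
        return "bad nonce"
    if isinstance(ts, bool) or not isinstance(ts, int):
        return "bad timestamp"
    # With signing enabled, an empty signature is what an unsigned sender
    # would produce, so it must not be accepted as "nothing to verify".
    if signing_enabled and not body["signature"]:
        return "unsigned callback"
    # Compare the signature value here, before the nonce is recorded; the
    # computation is not specified on this page and is left out.
    return guard.check(nonce, ts, now)
```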