LINE Login API v2.0 reference

LINE Login v2.0 is deprecated

This page contains documentation for the previous version of LINE Login, v2.0. LINE Login v2.0 has been deprecated, with the end-of-life date to be determined, so we recommend that you use the current version (LINE Login v2.1). There will be a certain grace period between the end-of-life announcement and the actual end-of-life. For more information, see LINE Login versions.

Rate limits

If you send a large number of requests to the LINE Login API within a short period of time, and it is determined that it will affect the operation of the LINE Platform, we may temporarily restrict your requests. Refrain from sending large numbers of requests for any purpose, including load testing.

On rate limit thresholds

Rate limit thresholds for the LINE Login API are not disclosed.

Status codes

These HTTP status codes are returned after an API call. We follow the HTTP status code specification unless otherwise stated.

Status codeDescription
200 OKRequest successful
400 Bad RequestProblem with the request. Check the request parameters and JSON format.
401 UnauthorizedCheck that the authorization header is correct.
403 ForbiddenNot authorized to use the API. Confirm that your account or plan is authorized to use the API.
413 Payload Too LargeRequest exceeds the max size of 2MB. Make the request smaller than 2MB and try again.
429 Too Many RequestsTemporarily restricting requests because rate-limit has been exceeded by a large number of requests.
500 Internal Server ErrorTemporary error on the API server.

Issue access token

Issues access token.

The access tokens managed through the LINE Login API indicate that an app has been granted permission to access user data (such as user IDs, display names, profile images, and status messages) saved on the LINE Platform.

LINE Login API calls require you to provide an access token or refresh token that was sent in an earlier response.

Note

This is a description of the LINE Login v2.0 endpoint. For information on the v2.1 endpoint, see Issue access token in the v2.1 API reference.

Example request

HTTP request

POST https://api.line.me/v2/oauth/accessToken

Request headers

Content-Type
Required

application/x-www-form-urlencoded

Request body

grant_type
String
Required

authorization_code

code
String
Required

Authorization code received from the LINE Platform

redirect_uri
String
Required

Callback URL

client_id
String
Required

Channel ID. Found in the LINE Developers Console.

client_secret
String
Required

Channel secret. Found in the LINE Developers Console.

Response

This returns a 200 status code and a JSON object with the following information.

access_token
String

Access token. Valid for 30 days.

expires_in
Number

Number of seconds until the access token expires.

refresh_token
String

Token used to get a new access token (refresh token). Valid for up to 10 days after the access token expires.

To learn more, see Refresh access token.

scope
String

Permissions granted to the access token.

  • P: You have permission to access the user's profile information.
token_type
String

Bearer

Example response

Verify access token validity

Verifies that an access token is valid.

For general recommendations on how to securely handle user registration and login with access tokens, see Verify access tokens in the LINE Login documentation.

Note

This is the reference for the LINE Login v2.0 endpoint. For information on the v2.1 endpoint, see Verify access token validity in the LINE Login v2.1 API reference.

Example request

HTTP request

POST https://api.line.me/v2/oauth/verify

Request headers

Content-Type
Required

application/x-www-form-urlencoded

Request body

access_token
String

Access token

Response

If the access token is valid, a 200 OK status code is returned with a JSON object that has the following information.

scope
String

Permissions granted to the access token.

  • P: You have permission to access the user's profile information.
client_id
String

The channel ID for which the access token was issued.

expires_in
Number

Number of seconds until the access token expires.

Example response

Error response

If the access token has expired, a 400 Bad Request status code is returned with a JSON object.

Example error response

Refresh access token

Gets a new access token using a refresh token. Refresh tokens are returned with the access token when the user authorizes your app.

Note
  • This is the reference for the LINE Login v2.0 endpoint. For information on the v2.1 endpoint, see Refresh access token in the LINE Login v2.1 API reference.
  • You can't use this to refresh a channel access token for the Messaging API.

Example request

HTTP request

POST https://api.line.me/v2/oauth/accessToken

Request headers

Content-Type
Required

application/x-www-form-urlencoded

Request body

grant_type
String

refresh_token

refresh_token
String

The refresh token corresponding to the access token to be reissued. Valid for up to 10 days after the access token expires. If the refresh token expires, you must prompt the user to log in again to generate a new access token.

client_id
String

Channel ID. Found in the LINE Developers Console.

client_secret
String

Channel secret. Found in the LINE Developers Console.

Response

If the access token is successfully refreshed, a new access token and refresh token are returned.

token_type
String

Bearer

scope
String

Permissions granted to the access token.

  • P: You have permission to access the user's profile information.
access_token
String

Access token

expires_in
Number

Number of seconds until the access token expires.

refresh_token
String

Token used to get a new access token (refresh token). Valid for up to 10 days after the access token expires.

Example response

Error response

If the refresh token has expired, a 400 Bad Request status code is returned with a JSON object.

Example error response

Revoke access token

Invalidates a user's access token.

Note
  • This is the reference for the LINE Login v2.0 endpoint. For information on the v2.1 endpoint, see Revoke access token in the LINE Login v2.1 API reference.
  • You can't use this to invalidate a channel access token for the Messaging API.

Example request

HTTP request

POST https://api.line.me/v2/oauth/revoke

Request headers

Content-Type
Required

application/x-www-form-urlencoded

Request body

refresh_token
String

The refresh token corresponding to the access token to be invalidated.

Response

Returns status code 200 and an empty response body.

Get user profile

Gets a user's ID, display name, profile image, and status message.

Example request

HTTP request

GET https://api.line.me/v2/profile

Request headers

Authorization
Required

Bearer {access token}

Response

userId
String

User ID

displayName
String

User's display name

pictureUrl
String

Profile image URL. This is an HTTPS URL. Not included in the response if the user doesn't have a profile image.

Profile image thumbnails:

You can get a thumbnail version of a user's profile image by appending any of these suffixes to their profile image URL.

SuffixThumbnail size
/large200 x 200
/small51 x 51

e.g. https://profile.line-scdn.net/abcdefghijklmn/large

statusMessage
String

User's status message. Not included in the response if the user doesn't have a status message.

Example response