# LINE Login API v2.0 reference

Note

This is an older version (v2.0) of the API reference.

To learn about version 2.1 of the API, which supports the OpenID Connect (opens new window) protocol and allows you to get user information with ID tokens, see the LINE Login v2.1 API reference.

# Common specifications

# Status codes

The following HTTP status codes are returned after an API call. We follow the HTTP status code specification (opens new window) unless otherwise stated.

Status code Description
200 OK Request successful
400 Bad Request Problem with the request. Check the request parameters and JSON format.
401 Unauthorized Check that the authorization header is correct.
403 Forbidden Not authorized to use the API. Confirm that your account or plan is authorized to use the API.
429 Too Many Requests Make sure that you are within the rate limit for requests.
500 Internal Server Error Temporary error on the API server.

# OAuth

# Issue access token

Issues access token.

The access tokens managed through the LINE Login API indicate that an app has been granted permission to access user information (such as user IDs, display names, profile images, and status messages) saved on the LINE Platform.

LINE Login API calls require you to provide an access token or refresh token that was sent in an earlier response.

Note

This is a description of the LINE Login v2.0 endpoint. For information on the v2.1 endpoint, see Issue access token in the v2.1 API reference.

Example request

# HTTP request

POST https://api.line.me/v2/oauth/accessToken

# Request headers

Content-Type

application/x-www-form-urlencoded

# Request body

grant_type

String

Required

authorization_code

code

String

Required

Authorization code received from the LINE Platform

redirect_uri

String

Required

Callback URL

client_id

String

Required

Channel ID. Found in the LINE Developers Console.

client_secret

String

Required

Channel secret. Found in the LINE Developers Console.

# Response

This returns a 200 status code and a JSON object with the following information.

access_token

String

Access token. Valid for 30 days.

expires_in

Number

Number of seconds until the access token expires.

refresh_token

String

Token used to get a new access token (refresh token). Valid for up to 10 days after the access token expires.

To learn more, see Refresh access token.

scope

String

Permissions granted to the access token.

  • P | You have permission to access the user's profile information.

token_type

String

Bearer

Example response

# Verify access token validity

Verifies that an access token is valid.

For general recommendations on how to securely handle user registration and login with access tokens, see Verify access tokens in the LINE Login documentation.

Note

This is the reference for the LINE Login v2.0 endpoint. For information on the v2.1 endpoint, see Verify access token validity in the LINE Login v2.1 API reference.

Example request

# HTTP request

POST https://api.line.me/v2/oauth/verify

# Request headers

Content-Type

application/x-www-form-urlencoded

# Request body

access_token

String

Access token

# Response

If the access token is valid, a 200 OK status code is returned with a JSON object that has the following information.

scope

String

Permissions granted to the access token.

  • P | You have permission to access the user's profile information.

client_id

String

The channel ID for which the access token was issued.

expires_in

Number

Number of seconds until the access token expires.

Example response

# Error response

If the access token has expired, a 400 Bad Request status code is returned with a JSON object.

Example error response

# Refresh access token

Gets a new access token using a refresh token. Refresh tokens are returned with the access token when the user authorizes your app.

Note
  • This is the reference for the LINE Login v2.0 endpoint. For information on the v2.1 endpoint, see Refresh access token in the LINE Login v2.1 API reference.
  • You can't use this to refresh a channel access token for the Messaging API.

Example request

# HTTP request

POST https://api.line.me/v2/oauth/accessToken

# Request headers

Content-Type

application/x-www-form-urlencoded

# Request body

grant_type

String

refresh_token

refresh_token

String

The refresh token corresponding to the access token to be reissued. Valid for up to 10 days after the access token expires. If the refresh token expires, you must prompt the user to log in again to generate a new access token.

client_id

String

Channel ID. Found in the LINE Developers Console.

client_secret

String

Channel secret. Found in the LINE Developers Console.

# Response

If the access token is successfully refreshed, a new access token and refresh token are returned.

token_type

String

Bearer

scope

String

Permissions granted to the access token.

  • P | You have permission to access the user's profile information.

access_token

String

Access token

expires_in

Number

Number of seconds until the access token expires.

refresh_token

String

Token used to get a new access token (refresh token). Valid for up to 10 days after the access token expires.

Example response

# Error response

If the refresh token has expired, a 400 Bad Request status code is returned with a JSON object.

Example error response

# Revoke access token

Invalidates a user's access token.

Note
  • This is the reference for the LINE Login v2.0 endpoint. For information on the v2.1 endpoint, see Revoke access token in the LINE Login v2.1 API reference.
  • You can't use this to invalidate a channel access token for the Messaging API.

Example request

# HTTP request

POST https://api.line.me/v2/oauth/revoke

# Request headers

Content-Type

application/x-www-form-urlencoded

# Request body

refresh_token

String

The refresh token corresponding to the access token to be invalidated.

# Response

Returns status code 200 and an empty response body.

# Profile

# Get user profile

Gets a user's ID, display name, profile image, and status message.

Example request

# HTTP request

GET https://api.line.me/v2/profile

# Request headers

Authorization

Bearer {access token}

# Response

userId

String

User ID

displayName

String

User's display name

pictureUrl

String

Profile image URL. This is an HTTPS URL. Not included in the response if the user doesn't have a profile image.

Profile image thumbnails:

You can get a thumbnail version of a user's profile image by appending any of these suffixes to their profile image URL.

Suffix Thumbnail size
/large 200 x 200
/small 51 x 51

Example: https://profile.line-scdn.net/abcdefghijklmn/large

statusMessage

String

User's status message. Not included in the response if the user doesn't have a status message.

Example response