# Social API v2.1 reference

# OAuth

# Issue access token

Issues an access token.

# HTTP request

POST https://api.line.me/oauth2/v2.1/token

# Request headers

Content-Type

application/x-www-form-urlencoded

# Request body

grant_type

String

Required

authorization_code. Specifies the grant type.

code

String

Required

Authorization code. Code returned in the authorization request.

redirect_uri

String

Required

Callback URL

client_id

String

Required

Channel ID. Found in the console.

client_secret

String

Required

Channel secret. Found in the console.

# Response

Returns the status code 200 and a JSON object with the following information.

access_token

String

Access token. Valid for 30 days.

expires_in

Number

Amount of time in seconds until the access token expires

id_token

String

JSON Web Token (JWT) that includes information about the user. This field is returned only if openid is specified in the scope. For more information about the ID token, see Getting profile information and email address based on ID token.

refresh_token

String

Token used to get a new access token. Valid up to 10 days after the access token expires.

scope

String

Permissions granted by the user. For more information, see Scopes.

token_type

String

Bearer

# Verify access token validity

Verifies the access token validity.

See Transfer login session to back-end server to confirm you've received the intended access token.

Note

This is the reference for the v2.1 endpoint. For the v2 reference, see Verify access token v2.

# HTTP request

GET https://api.line.me/oauth2/v2.1/verify

# URL parameters

access_token

Required

Access token

# Response

If the access token is valid, a 200 OK HTTP status code and a JSON response are returned with the following information.

scope

String

Permissions obtained through the access token

client_id

String

Channel ID for which the access token is issued

expires_in

Number

Time until the access token expires, expressed as the number of seconds remaining from when the API was called.

# Error response

If the access token has expired, a 400 Bad Request HTTP status code and a JSON response are returned.
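One way a back-end can act on the verify response before trusting a token handed to it by a client, as an added example that is not part of LINE's documentation. The function name, the `min_ttl` margin and every sample value are constructed, and the `scope` field is assumed to be a space-separated string.

```python
from typing import Iterable, Mapping, Optional


def check_verify_response(status: int, body: Mapping, expected_channel_id: str,
                          required_scopes: Iterable[str] = (),
                          min_ttl: int = 60) -> Optional[str]:
    """Return None if the token may be accepted, else the reason to reject it.

    `status` and `body` are the HTTP status and parsed JSON returned by
    GET /oauth2/v2.1/verify for the token a client sent to the back-end.
    """
    if status != 200:
        # The page documents 400 Bad Request for an expired token.
        return f"verify returned HTTP {status}"
    # A valid token issued to some other channel must not be accepted here.
    if str(body.get("client_id", "")) != str(expected_channel_id):
        return "issued to a different channel"
    ttl = body.get("expires_in")
    if isinstance(ttl, bool) or not isinstance(ttl, (int, float)) or ttl < min_ttl:
        return "expired or about to expire"
    granted = set(str(body.get("scope", "")).split())
    missing = sorted(set(required_scopes) - granted)
    if missing:
        return "missing scope: " + " ".join(missing)
    return None


# Constructed sample responses (channel IDs and values are made up).
SAMPLES = {
    "good": (200, {"scope": "profile openid", "client_id": "1234567890", "expires_in": 2591659}),
    "other_channel": (200, {"scope": "profile", "client_id": "9999999999", "expires_in": 2591659}),
    "nearly_expired": (200, {"scope": "profile", "client_id": "1234567890", "expires_in": 12}),
    "no_profile": (200, {"scope": "openid", "client_id": "1234567890", "expires_in": 2591659}),
    "expired": (400, {"error": "invalid_request"}),
}


def triage(samples=SAMPLES, channel_id="1234567890"):
    """Run every sample through the check and collect the verdicts."""
    return {name: check_verify_response(status, body, channel_id, ["profile"])
            for name, (status, body) in samples.items()}


if __name__ == "__main__":
    for name, verdict in triage().items():
        print(f"{name:15} {'accept' if verdict is None else 'reject: ' + verdict}")
```
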

# Refresh access token

Gets a new access token using a refresh token. Refresh tokens are returned with the access token when the user authorizes your app.

Note

This is the reference for the v2.1 endpoint. For the v2 reference, see Refresh access token v2.

Note

This endpoint cannot be used to refresh the channel access tokens used for the Messaging API.

# HTTP request

POST https://api.line.me/oauth2/v2.1/token

# Request headers

Content-Type

application/x-www-form-urlencoded

# Request body

grant_type

String

Required

refresh_token

refresh_token

String

Required

Refresh token. Valid up until 10 days after the access token expires. You must log in the user again if the refresh token expires.

client_id

String

Required

Channel ID. Found on the console.

client_secret

String

Optional

Channel secret. Found on the console. Note: Required if the access token was issued via a channel with the "Web app" application type.

# Response

If the call is successful, a new access token and refresh token are returned.

access_token

String

Access token. Valid for 30 days.

token_type

String

Bearer

refresh_token

String

Token used to get a new access token. Valid up until 10 days after the access token expires.

expires_in

Number

Time until the access token expires, expressed as the number of seconds remaining from when the API was called.

scope

String

Permissions obtained through the access token

# Error response

If the refresh token has expired, a 400 Bad Request HTTP status code and a JSON response are returned.

# Revoke access token

Invalidates the access token.

Note

This is the reference for the v2.1 endpoint. For the v2 reference, see Revoke access token v2.

Note

This endpoint cannot be used to invalidate the channel access tokens used for the Messaging API.

# HTTP request

POST https://api.line.me/oauth2/v2.1/revoke

# Request headers

Content-Type

application/x-www-form-urlencoded

# Request body

access_token

String

Required

Access token

client_id

String

Required

Channel ID. Found on the console.

client_secret

String

Required

Channel secret. Found on the console.

# Response

Returns the status code 200 and an empty response body.

# Verify ID token

ID tokens are JSON Web Tokens (JWT) with information about the user. It's possible for an attacker to spoof an ID token. Use this call to verify that a received ID token is authentic before you use it to obtain the user's profile information and email.

# HTTP request

POST https://api.line.me/oauth2/v2.1/verify

# Request body

id_token

String

Required

ID token

client_id

String

Required

Expected channel ID. Unique identifier for your channel issued by LINE. Found in the console.

nonce

String

Optional

Expected nonce value. Use the nonce value provided in the authorization request. Omit if the nonce value was not specified in the authorization request.

user_id

String

Optional

Expected user ID. Learn how to get the user ID from Get user profile.

# Response

If the specified ID token passes verification, the ID token payload is returned.

iss

String

URL where the ID token was generated.

sub

String

User ID for which the ID token was generated.

aud

String

Channel ID

exp

Number

The expiry date of the token in UNIX time.

iat

Number

Time when the ID token was generated in UNIX time.

auth_time

Number

Time the user was authenticated in UNIX time. Not included if the max_age value wasn't specified in the authorization request.

nonce

String

The nonce value specified in the authorization URL. Not included if the nonce value wasn't specified in the authorization request.

amr

Array of strings

A list of authentication methods used by the user. One or more of:

  • pwd: Login with email and password
  • lineautologin: LINE automatic login (including through LINE SDK)
  • lineqr: Log in with QR code
  • linesso: Log in with single sign-on

name

String

User's display name. Not included if the profile scope wasn't specified in the authorization request.

picture

String

User's profile image URL. Not included if the profile scope wasn't specified in the authorization request.

email

String

User's email address. Not included if the email scope wasn't specified in the authorization request.

# Error response

If the ID token fails verification, a JSON object with these properties is returned.

```json
{
    "error": "invalid_request",
    "error_description": "access_token invalid"
}
```

| error_description | Description |
| --- | --- |
| Invalid IdToken. | The ID token is malformed or the signature is invalid. |
| Invalid IdToken Issuer. | The ID token was generated on a site other than "https://access.line.me". |
| IdToken expired. | The ID token has expired. |
| Invalid IdToken Audience. | The ID token's Audience value is different from the client_id specified in the request. |
| Invalid IdToken Nonce. | The ID token's Nonce value is different from the nonce specified in the request. |
| Invalid IdToken Subject Identifier. | The ID token's SubjectIdentifier value is different from the user_id specified in the request. |
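A local sketch of the checks behind each error_description listed above, added here as an illustration and not taken from LINE's documentation or SDKs. It assumes an HS256 token signed with the channel secret, which this page does not state; the function names and all sample values are constructed.

```python
import base64, hashlib, hmac, json, time

ISSUER = "https://access.line.me"  # issuer quoted in the error descriptions above

def b64e(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def mac(secret: str, signing_input: str) -> bytes:
    return hmac.new(secret.encode(), signing_input.encode(), hashlib.sha256).digest()

def sign_sample(payload: dict, secret: str) -> str:
    """Build a constructed HS256 token so the demo runs offline."""
    head = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64e(json.dumps(payload).encode())
    return f"{head}.{body}.{b64e(mac(secret, head + '.' + body))}"

def verify_id_token(token, secret, client_id, nonce=None, user_id=None, now=None):
    """Return (payload, None) on success, else (None, error_description)."""
    now = time.time() if now is None else now
    try:
        head, body, sig = token.split(".")
        header, payload, sig_raw = json.loads(b64d(head)), json.loads(b64d(body)), b64d(sig)
        if not (isinstance(header, dict) and isinstance(payload, dict)):
            raise ValueError("header and payload must be JSON objects")
    except ValueError:
        return None, "Invalid IdToken."
    # Pin the algorithm: the token header must never choose it (rejects alg=none).
    if header.get("alg") != "HS256" or not hmac.compare_digest(sig_raw, mac(secret, head + "." + body)):
        return None, "Invalid IdToken."
    if payload.get("iss") != ISSUER:
        return None, "Invalid IdToken Issuer."
    exp = payload.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        return None, "IdToken expired."
    if str(payload.get("aud")) != str(client_id):
        return None, "Invalid IdToken Audience."
    if nonce is not None and payload.get("nonce") != nonce:
        return None, "Invalid IdToken Nonce."
    if user_id is not None and payload.get("sub") != user_id:
        return None, "Invalid IdToken Subject Identifier."
    return payload, None

# Constructed sample values (not real credentials or a real user).
SECRET = "constructed-channel-secret"
SAMPLE = {"iss": ISSUER, "sub": "U0000constructed", "aud": "1234567890",
          "exp": 2000000000, "iat": 1999996400, "nonce": "constructed-nonce"}
```

Passing the nonce stored for the user's session, rather than omitting it, is what ties the token to the authorization request that started the login.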

# Profile

# Get user profile

Gets a user's display name, profile image, and status message.

Note

Requires an access token with the profile scope. For more information, see Making an authorization request and Scopes.

# HTTP request

GET https://api.line.me/v2/profile

# Request headers

Authorization

Bearer {access token}

# Response

displayName

String

User's display name

userId

String

User ID

pictureUrl

String

Profile image URL. This is an HTTPS URL. Not included in the response if the user doesn't have a profile image.

statusMessage

String

User's status message. Not included in the response if the user doesn't have a status message.

# Profile image thumbnail

You can change the user's profile image size by adding a suffix to the URL.

| Image size | Suffix |
| --- | --- |
| 200 x 200 | /large |
| 51 x 51 | /small |

# Friendship

# Get friendship status

Gets the friendship status of the user and the LINE official account linked to your LINE Login channel.

Note

Requires an access token with the profile scope. For more information, see Making an authorization request and Scopes.

Note

You must have a LINE official account linked with your channel. For more information, see Linking a LINE official account with your LINE Login channel.

# HTTP request

GET https://api.line.me/friendship/v1/status

# Request headers

Authorization

Bearer {access token}

# Response

friendFlag

Boolean

  • true: The user has added the LINE Official Account as a friend and has not blocked it.
  • Otherwise, false.

# Errors

# Status codes

The following HTTP status codes are returned after an API call.

| Status code | Description |
| --- | --- |
| 200 OK | Request successful |
| 400 Bad Request | Problem with the request. Check the request parameters and JSON format. |
| 401 Unauthorized | Check that the authorization header is correct. |
| 403 Forbidden | Not authorized to use the API. Confirm that your account or plan is authorized to use the API. |
| 429 Too Many Requests | Make sure that you are within the rate limits for requests. |
| 500 Internal Server Error | Temporary error on the API server. |