### Get My Status Endpoint Example Source: https://developer.chatwork.com/docs/endpoints This example shows the expected HTTP response headers and body for a successful GET /my/status request. Use this to retrieve your unread message counts. ```http HTTP/2 200 content-type: application/json ``` ```json { "unread_room_num": 2, "mention_room_num": 1, "mytask_room_num": 3, "unread_num": 12, "mention_num": 1, "mytask_num": 8 } ``` -------------------------------- ### cURL Example: Public Client Source: https://developer.chatwork.com/docs/oauth Example of how to issue a token using a `curl` command for a public client. ```APIDOC ```curl curl -v -X POST -d 'grant_type=authorization_code \ &client_id=Lvo0YN92ga5kP \ &code=26d13798facc9a0ca05a8cb7246020f15a311 \ &redirect_uri=https://127.0.0.1/callback &code_verifier=5b0029bd34e559e0abe7a37051aa411398913fc3579e27bd963a2b9a647f12f58a335beeb4d83a53a74ff1a6f99f6af385d2992c73beead39f57dcee95e0f954' \ https://oauth.chatwork.com/token ``` ``` -------------------------------- ### cURL Example: Confidential Client Source: https://developer.chatwork.com/docs/oauth Example of how to issue a token using a `curl` command for a confidential client. ```APIDOC ```curl curl -v --user 'Lvo0YN92ga5kP:secret' \ -X POST -d 'grant_type=authorization_code \ &code=26d13798facc9a0ca05a8cb7246020f15a311 \ &redirect_uri=https://127.0.0.1/callback \ &code_verifier=5b0029bd34e559e0abe7a37051aa411398913fc3579e27bd963a2b9a647f12f58a335beeb4d83a53a74ff1a6f99f6af385d2992c73beead39f57dcee95e0f954' \ https://oauth.chatwork.com/token ``` ``` -------------------------------- ### POST /token Request and Response Source: https://developer.chatwork.com/docs/oauth Example of a POST request to obtain an access token and the subsequent JSON response containing the token and other details. ```curl > POST /token HTTP/2 > Host: 127.0.0.1 > authorization: Basic THZvMFlOOTJnYTVrUDphYmNkZWZnaGlqa2xubW9wcXJzdHV2d3h5ejAxMjM0NTY3ODk= > accept: */* > content-length: 199 > content-type: application/x-www-form-urlencoded > < HTTP/2 200 < cache-control: no-store < pragma: no-cache < content-type: application/json < content-length: 989 { "access_token": "eyJjdHkiOiJKV1QiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6ImlOUVh0dFR2RHZhcDVkSWpGQzA5ZHZadHFXaGQ2WmFRb2pKenVuUS1vV28ifQ.eyJhdWQiOiJodHRwczovL2FwaS5jaGF0d29yay5jb20iLCJzdWIiOiIzIiwiYWNjb3VudF9pZCI6IjMiLCJzY29wZSI6WyJhbGwiXSwiaXNzIjoiaHR0cHM6Ly9vYXV0aC5jaGF0d29yay5jb20iLCJleHAiOjE1MDExMzgwNDEsImlhdCI6MTUwMTEzNzE0MSwianRpIjoiOTcwNDAwOWItNTdlNi00NDU5LTg5NzMtNjc3ZmM5YjA5MjgyIiwiY2xpZW50X2lkIjoiTHZvMFlOOTJnYTVrUCJ9.BIS8QvyTHz7KK_fnmvc0fa8NQDOWy7v8Ni0LvLyuROE5UEi7l_HxDT8tHLTQLELIm3jOw4SiW94KPYwduRL467vJ2j2eNT-zTkCXtEN8pxbA0HtnBrtCcp0dRJEMnfBegzkoAe8BTB6gee3rrXy6sQcLb19WBrrHNbjICFL0--SG3IvPanOzABqiNMqfScnasTtj7xtIaNpbxf8LDIH3EF150Iif4BqSczJr-XppBTBYuP32UlBnRlQOXvXqymGijQXgqDOo3LLFY_k62OoPYAQ3UXkaum86Al-DJM6iC-043kBINbYLLPo0uwwsolmjRDG5zBzPC0GtcjXiLy4Gqg", "token_type": "Bearer", "expires_in": 1800, "refresh_token": "86277ab4fd9d111bd3225215d96d622c9ae6810d82cd6d0e9530bf35adda67ab7d3c24e2a0052e9d3b442ce212ca17ecf07ddbd8c3477aa3abde15e4ebcf7b53", "scope": "rooms.all:read_write" } ``` -------------------------------- ### Obtain Access Token Source: https://developer.chatwork.com/docs/oauth This example shows how to request an access token using a POST request to the /token endpoint. The request includes basic authorization credentials and specifies the content type. ```APIDOC ## POST /token ### Description Requests an access token for authenticating with the Chatwork API. ### Method POST ### Endpoint /token ### Request Body - **grant_type** (string) - Required - Typically 'authorization_code' or 'refresh_token'. - **code** (string) - Required if grant_type is 'authorization_code' - The authorization code received from the user. - **refresh_token** (string) - Required if grant_type is 'refresh_token' - The refresh token to obtain a new access token. - **redirect_uri** (string) - Required if grant_type is 'authorization_code' - The redirect URI used during the authorization request. ### Request Example ```curl POST /token HTTP/2 Host: 127.0.0.1 authorization: Basic THZvMFlOOTJnYTVrUDphYmNkZWZnaGlqa2xubW9wcXJzdHV2d3h5ejAxMjM0NTY3ODk= accept: */* content-type: application/x-www-form-urlencoded grant_type=authorization_code&code=AUTHORIZATION_CODE&redirect_uri=REDIRECT_URI ``` ### Response #### Success Response (200) - **access_token** (string) - The obtained access token. - **token_type** (string) - The type of token, usually 'Bearer'. - **expires_in** (integer) - The token's validity period in seconds. - **refresh_token** (string) - The refresh token for obtaining new access tokens. - **scope** (string) - The granted scopes for the token. #### Response Example ```json { "access_token": "eyJjdHkiOiJKV1QiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6ImlOUVh0dFR2RHZhcDVkSWpGQzA5ZHZadHFXaGQ2WmFRb2pKenVuUS1vV28ifQ.eyJhdWQiOiJodHRwczovL2FwaS5jaGF0d29yay5jb20iLCJzdWIiOiIzIiwiYWNjb3VudF9pZCI6IjMiLCJzY29wZSI6WyJhbGwiXSwiaXNzIjoiaHR0cHM6Ly9vYXV0aC5jaGF0d29yay5jb20iLCJleHAiOjE1MDExMzgwNDEsImlhdCI6MTUwMTEzNzE0MSwianRpIjoiOTcwNDAwOWItNTdlNi00NDU5LTg5NzMtNjc3ZmM5YjA5MjgyIiwiY2xpZW50X2lkIjoiTHZvMFlOOTJnYTVrUCJ9.BIS8QvyTHz7KK_fnmvc0fa8NQDOWy7v8Ni0LvLyuROE5UEi7l_HxDT8tHLTQLELIm3jOw4SiW94KPYwduRL467vJ2j2eNT-zTkCXtEN8pxbA0HtnBrtCcp0dRJEMnfBegzkoAe8BTB6gee3rrXy6sQcLb19WBrrHNbjICFL0--SG3IvPanOzABqiNMqfScnasTtj7xtIaNpbxf8LDIH3EF150Iif4BqSczJr-XppBTBYuP32UlBnRlQOXvXqymGijQXgqDOo3LLFY_k62OoPYAQ3UXkaum86Al-DJM6iC-043kBINbYLLPo0uwwsolmjRDG5zBzPC0GtcjXiLy4Gqg", "token_type": "Bearer", "expires_in": 1800, "refresh_token": "86277ab4fd9d111bd3225215d96d622c9ae6810d82cd6d0e9530bf35adda67ab7d3c24e2a0052e9d3b442ce212ca17ecf07ddbd8c3477aa3abde15e4ebcf7b53", "scope": "rooms.all:read_write" } ``` #### Error Response - **www-authenticate** (string) - Contains error details if the token is invalid or expired. ``` -------------------------------- ### Authorization Header Example Source: https://developer.chatwork.com/docs/oauth Specifies the 'authorization' header format using the Bearer scheme with an access token for API requests. ```http authorization: Bearer eyJjdHkiOiJKV1QiLCJ0eXAiOiJKV1QiLCJhGciOiJSUzI1NiIsImtpZCI6ImlOUVh0dFR2RHZhcDVkSWpGQzA5Z HZadHFXaGQ2WmFRb2pKenVuUS1vV28ifQ.eyJhdWQiOiJodHRwcz ovL2FwaS5jaGF0d29yay5jb20iLCJzdWIiOiIzIiwiYWNjb3VudF9pZC I6IjMiLCJzY29wZSI6WyJhbGwiXSwiaXNzIjoiaHR0cHM6Ly9vYXV0a C5jaGF0d29yay5jb20iLCJleHAiOjE1MDExMzgwNDEsImlhdCI6MTU wMTEzNzE0MSwianRpIjoiOTcwNDAwOWItNTdlNi00NDU5LTg5NzMt Njc3ZmM5YjA5MjgyIiwiY2xpZW50X2lkIjoiTHZvMFlOOTJnYTVrUCJ9. BIS8QvyTHz7KK_fnmvc0fa8NQDOWy7v8Ni0LvLyuROE5UEi7l_Hx DT8tHLTQLELIm3jOw4SiW94KPYwduRL467vJ2j2eNT-zTkCXtEN 8pxbA0HtnBrtCcp0dRJEMnfBegzkoAe8BTB6gee3rrXy6sQcLb19 WBrrHNbjICFL0--SG3IvPanOzABqiNMqfScnasTtj7xtIaNpbxf8LDIH3E F150Iif4BqSczJr-XppBTBYuP32UlBnRlQOXvXqymGijQXgqDOo3LLFY _k62OoPYAQ3UXkaum86Al-DJM6iC-043kBINbYLLPo0uwwsolmjRD G5zBzPC0GtcjXiLy4Gqg ``` -------------------------------- ### Example Webhook Request Body Source: https://developer.chatwork.com/docs/webhook This is an example of the JSON payload received by your webhook URL when an event occurs. It includes event details and metadata. ```json { "webhook_setting_id": "12345", "webhook_event_type": "mention_to_me", "webhook_event_time": 1498028130, "webhook_event":{ "from_account_id": 123456, "to_account_id": 1484814, "room_id": 567890123, "message_id": "789012345", "body": "[To:1484814]おかずはなんですか?", "send_time": 1498028125, "update_time": 0 } } ``` -------------------------------- ### Redirect URL after Authorization Denial Source: https://developer.chatwork.com/docs/oauth Example of the redirect URI when a user denies authorization. The redirect includes an 'error' parameter set to 'access_denied' and the 'state' parameter. ```plaintext https://example.com/callback.php?error=access_denied ``` -------------------------------- ### API Rate Limit Information Source: https://developer.chatwork.com/docs/endpoints This example shows HTTP response headers indicating the API rate limit status. It includes the maximum calls allowed, remaining calls, and the time until the limit resets. ```http HTTP/2 200 content-type: application/json x-ratelimit-limit: 300 x-ratelimit-remaining: 244 x-ratelimit-reset: 1390941626 ``` -------------------------------- ### Curl Command to Access Chatwork API Source: https://developer.chatwork.com/docs/oauth Demonstrates how to use the `curl` command to make a GET request to the /me endpoint, including the authorization header. ```curl curl -v -H 'authorization: Bearer eyJjdHkiOiJKV1QiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6ImlOUVh0dFR2RHZhcDVkSWpGQzA5ZHZadHFXaGQ2WmFRb2pKenVuUS1vV28ifQ.eyJhdWQiOiJodHRwczovL2FwaS5jaGF0d29yay5jb20iLCJzdWIiOiIxNzMiLCJhY2NvdW50X2lkIjoiMTczIiwic2NvcGUiOlsiYWxsIl0sImlzcyI6Imh0dHBzOi8vb2F1dGguY2hhdHdvcmsuY29tIiwiZXhwIjoxNTAyMjUxNDU4LCJpYXQiOjE1MDIyNDk2NTgsImp0aSI6IjRlNzg5ZTAzLTk2NjAtNDc4MC1hYThkLTVmZjk2YmU0MzMyNSIsImNsaWVudF9pZCI6Ikx2bzBZTjkyZ2E1a1AifQ.Y14Sr0SmtgwLegwWPMeQlPut2XmP74y3QdupCAN7Hc5Id10Qvgq-csuYVxxAYStqZUO4sZ_j9SeE7-rqhuNowDMwqVaTGfDvAvtQLitPKDUb2g6x87c-lfffkJkIiL1xcH3lHrmQkBa_H81-_a3VFJila8hFptvygOp19OSDSrUIlcq6PeHlfNQtXjs2VFREQydQNE2cdLe68Nh5F5V4HX20C449MKNWK4ybwmFrnX-o9KgERaP1rjrCcWYrZ-lK8TquHti9XMfSaj71eDkfPVOLyCOe1_zBEEH8NRFtN2OcVQWJFPy09rz1yw7a1YARdsU4DukrhWvWcVxIad8ygA' \ 'https://api.chatwork.com/v2/me' ``` ```curl > GET /v2/me HTTP/2 > Host: api.chatwork.com > accept: */* > authorization: Bearer eyJjdHkiOiJKV1QiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6ImlOUVh0dFR2RHZhcDVkSWpGQzA5ZHZadHFXaGQ2WmFRb2pKenVuUS1vV28ifQ.eyJhdWQiOiJodHRwczovL2FwaS5jaGF0d29yay5jb20iLCJzdWIiOiIxNzMiLCJhY2NvdW50X2lkIjoiMTczIiwic2NvcGUiOlsiYWxsIl0sImlzcyI6Imh0dHBzOi8vb2F1dGguY2hhdHdvcmsuY29tIiwiZXhwIjoxNTAyMjUxNDU4LCJpYXQiOjE1MDIyNDk2NTgsImp0aSI6IjRlNzg5ZTAzLTk2NjAtNDc4MC1hYThkLTVmZjk2YmU0MzMyNSIsImNsaWVudF9pZCI6Ikx2bzBZTjkyZ2E1a1AifQ.Y14Sr0SmtgwLegwWPMeQlPut2XmP74y3QdupCAN7Hc5Id10Qvgq-csuYVxxAYStqZUO4sZ_j9SeE7-rqhuNowDMwqVaTGfDvAvtQLitPKDUb2g6x87c-lfffkJkIiL1xcH3lHrmQkBa_H81-_a3VFJila8hFptvygOp19OSDSrUIlcq6PeHlfNQtXjs2VFREQydQNE2cdLe68Nh5F5V4HX20C449MKNWK4ybwmFrnX-o9KgERaP1rjrCcWYrZ-lK8TquHti9XMfSaj71eDkfPVOLyCOe1_zBEEH8NRFtN2OcVQWJFPy09rz1yw7a1YARdsU4DukrhWvWcVxIad8ygA > < HTTP/2 200 < content-type: application/json; charset=utf-8 < content-length: 412 < connection: keep-alive < x-ratelimit-limit: 300 < x-ratelimit-remaining: 299 < x-ratelimit-reset: 1502250163 < vary: Accept-Encoding,User-Agent < {"account_id":1, ...(略) } ``` -------------------------------- ### Authorization Header for Confidential Clients Source: https://developer.chatwork.com/docs/oauth Example of the 'Authorization' header for confidential clients using Basic Authentication. The username is the client ID and the password is the client secret, combined and Base64 encoded. ```http authorization: Basic THZvMFl1OO== ``` -------------------------------- ### API Token Error Example Source: https://developer.chatwork.com/docs/endpoints This example illustrates the HTTP response for an authentication error (invalid API token). The response includes a 401 status code and an error message in the JSON body. ```http HTTP/2 401 content-type: application/json ``` ```json { "errors": ["Invalid API token"] } ``` -------------------------------- ### Example Authorization URL for Consent Screen Source: https://developer.chatwork.com/docs/oauth Constructs the URL to display the consent screen for OAuth 2.0 authorization. Includes parameters like response_type, redirect_uri, client_id, state, scope, code_challenge, and code_challenge_method. ```text https://www.chatwork.com/packages/oauth2/login.php? response_type=code &redirect_uri=https://example.com/callback.php &client_id=Lvo0YN92ga5kP &state=811435b3683ae95c1cf3197deaf1bfe4b411f587 &scope=rooms.all:read_write%20users.profile.me:read &code_challenge=jlkGAsNvHshJNC7uXSSmC2tALONajPdupVf3TScb7zk &code_challenge_method=S256 ``` -------------------------------- ### cURL Command for Token Issuance (Public Client) Source: https://developer.chatwork.com/docs/oauth Example cURL command to issue an access token for a public client using the authorization code grant type. Requires client ID and specific parameters, but not a secret. ```curl curl -v -X POST -d 'grant_type=authorization_code \ &client_id=Lvo0YN92ga5kP \ &code=26d13798facc9a0ca05a8cb7246020f15a311 \ &redirect_uri=https://127.0.0.1/callback &code_verifier=5b0029bd34e559e0abe7a37051aa411398913fc3579e27bd963a2b9a647f12f58a335beeb4d83a53a74ff1a6f99f6af385d2992c73beead39f57dcee95e0f954' \ https://oauth.chatwork.com/token ``` -------------------------------- ### cURL Command for Token Issuance (Confidential Client) Source: https://developer.chatwork.com/docs/oauth Example cURL command to issue an access token for a confidential client using the authorization code grant type. Requires client credentials and specific parameters. ```curl curl -v --user 'Lvo0YN92ga5kP:secret' \ -X POST -d 'grant_type=authorization_code \ &code=26d13798facc9a0ca05a8cb7246020f15a311 \ &redirect_uri=https://127.0.0.1/callback \ &code_verifier=5b0029bd34e559e0abe7a37051aa411398913fc3579e27bd963a2b9a647f12f58a335beeb4d83a53a74ff1a6f99f6af385d2992c73beead39f57dcee95e0f954' \ https://oauth.chatwork.com/token ``` -------------------------------- ### Mention to Me Event Object Example Source: https://developer.chatwork.com/docs/webhook This JSON object represents a webhook event when a user is mentioned in a message. It contains sender and receiver account IDs, room ID, message details, and timestamps. ```json { "from_account_id": 1234567890, "to_account_id": 1484814, "room_id": 567890123, "message_id": "789012345", "body": "[To:1484814]おかずはなんですか?", "send_time": 1498028125, "update_time": 0 } ``` -------------------------------- ### Redirect URL after Authorization Code Issuance Source: https://developer.chatwork.com/docs/oauth Example of the redirect URI after a user grants authorization. The redirect includes the authorization 'code' and the 'state' parameter previously provided. ```plaintext https://example.com/callback.php? code=a2f0c1fe96af8c3a46fa0 &state=811435b3683ae95c1cf3197deaf1bfe4b411f587 ``` -------------------------------- ### API Rate Limit Exceeded Error Source: https://developer.chatwork.com/docs/endpoints This example demonstrates the HTTP response when the API rate limit is exceeded. It returns a 429 status code and indicates that no more requests can be made until the reset time. ```http HTTP/2 429 content-type: application/json x-ratelimit-limit: 300 x-ratelimit-remaining: 0 x-ratelimit-reset: 1390941626 ``` -------------------------------- ### Message Creation Event Object Example Source: https://developer.chatwork.com/docs/webhook This JSON object represents a webhook event when a new message is created. It includes details such as message ID, room ID, sender information, message body, and timestamps. ```json { "message_id": "789012345", "room_id": 567890123, "account_id": 1484814, "body": "お客様とのランチミーティング用のお弁当、発注完了しました。", "send_time": 1498028120, "update_time": 0 } ``` -------------------------------- ### Parameters for Initial Token Issuance Source: https://developer.chatwork.com/docs/oauth Table detailing parameters for obtaining an access token using an authorization code. Ensure 'redirect_uri' matches the one used during authorization if specified. ```html
パラメーター名 指定する値 必須
grant_type 文字列 authorization_codeを指定してください。
code 文字列 認可許可ボタンを押して取得した認可コードを指定してください。
redirect_uri 文字列

コンセント画面を表示する際にredirect_uriを指定していた場合は、トークンを発行する際にも指定してください。

例:https://example.com/callback

code_verifier 文字列

認可リクエストでcode_challengecode_challenge_methodを指定した場合は必須。

文字列長は43文字から128文字、文字種としては正規表現で[a-zA-Z0-9-._~]+に該当する文字列になります。

``` -------------------------------- ### Display User Icon and Name Source: https://developer.chatwork.com/docs/message-notation Shows both the profile icon and name of a specified user. ```Chatwork Notation [piconname:{account_id}] ``` -------------------------------- ### Display User Profile Icon Source: https://developer.chatwork.com/docs/message-notation Shows the profile icon of a specified user. ```Chatwork Notation [picon:{account_id}] ``` -------------------------------- ### Display User Name Source: https://developer.chatwork.com/docs/message-notation Shows the name of a specified user. ```Chatwork Notation [pname:{account_id}] ``` -------------------------------- ### Obtain Token with Authorization Code Source: https://developer.chatwork.com/docs/oauth This method is used for the initial token issuance when you have an authorization code. It requires parameters like `grant_type`, `code`, and optionally `redirect_uri` and `code_verifier`. ```APIDOC ## POST /token ### Description Obtains an access token using an authorization code. This is typically the first step in the OAuth 2.0 authorization code flow. ### Method POST ### Endpoint https://oauth.chatwork.com/token ### Parameters #### Request Body - **grant_type** (string) - Required - Specify `authorization_code`. - **code** (string) - Required - The authorization code obtained after the user grants permission. - **redirect_uri** (string) - Optional - If `redirect_uri` was specified when displaying the consent screen, it must also be specified here. Example: `https://example.com/callback`. - **code_verifier** (string) - Conditional - Required if `code_challenge` and `code_challenge_method` were specified in the authorization request. String length must be between 43 and 128 characters, matching the regex `[a-zA-Z0-9-._~]+`. ``` -------------------------------- ### Room Files Management Source: https://developer.chatwork.com/docs/oauth Scopes for retrieving file information and uploading files to chat rooms. ```APIDOC ## GET /rooms/{room_id}/files ### Description Retrieves a list of files uploaded to a specified room. ### Method GET ### Endpoint /rooms/{room_id}/files ## GET /rooms/{room_id}/files/{file_id} ### Description Retrieves details of a specific file within a room. ### Method GET ### Endpoint /rooms/{room_id}/files/{file_id} ## POST /rooms/{room_id}/files ### Description Uploads a file to a specified room. ### Method POST ### Endpoint /rooms/{room_id}/files ``` -------------------------------- ### Room Creation and Deletion Scope Source: https://developer.chatwork.com/docs/oauth The `rooms:write` scope allows for the creation of new chat rooms and the deletion of rooms the user is a member of. ```APIDOC ## Scope: rooms:write ### Description Enables the creation of chat rooms and deletion of rooms the user is a member of. ### API - POST /rooms - DELETE /rooms/{room_id} ### Notes This scope is specific to managing chat room instances. ``` -------------------------------- ### Room Tasks Management Source: https://developer.chatwork.com/docs/oauth Scopes for retrieving and creating tasks within chat rooms. ```APIDOC ## GET /rooms/{room_id}/tasks ### Description Retrieves a list of tasks within a specified room. ### Method GET ### Endpoint /rooms/{room_id}/tasks ## GET /rooms/{room_id}/tasks/{task_id} ### Description Retrieves details of a specific task within a room. ### Method GET ### Endpoint /rooms/{room_id}/tasks/{task_id} ## POST /rooms/{room_id}/tasks ### Description Creates a new task within a specified room. ### Method POST ### Endpoint /rooms/{room_id}/tasks ``` -------------------------------- ### Room Management Read/Write Scope Source: https://developer.chatwork.com/docs/oauth The `rooms.all:read_write` scope provides comprehensive read and write access to chat rooms, including messages, tasks, files, and member information. ```APIDOC ## Scope: rooms.all:read_write ### Description Allows reading and writing of messages, tasks, files, summaries, and member information within chat rooms. ### API - rooms.all:read - rooms.all:write ### Notes This is an aggregated scope that includes both read and write permissions for chat room data. ``` -------------------------------- ### OAuth 2.0 Authorization Request Parameters Source: https://developer.chatwork.com/docs/oauth Table detailing the parameters for constructing an OAuth 2.0 authorization request URL. Includes required fields like response_type, client_id, and scope, as well as optional parameters like redirect_uri, state, code_challenge, and code_challenge_method. ```html
パラメーター名 指定する値 必須 説明
response_type 文字列 現在はcodeにしか対応していません。
client_id 文字列 クライアントIDを指定してください。
redirect_uri 文字列

クライアント登録時に設定したURIの中から指定してください。

例:https://example.com/callback

複数のredirect_uriを設定している場合は必須ですが、一つしか設定していない場合は任意です。

scope 文字列

スコープをスペース区切りで指定してください。

例:rooms.all:read_write contacts.all:read_write

Appendix - スコープ一覧

offline_accessスコープを指定できるのはコンフィデンシャルクライアントのみです。

state 文字列

CSRF攻撃対策として使う文字列で、リソースオーナーのセッションに紐づけて管理します。リソースオーナーが認可許可または認可拒否を行ったとき、ここでセットしたstateの文字列がクエリーパラメーターにセットされた状態でredirect_uriにリダイレクトされます。
リダイレクト後にセッションに紐づいているstateとクエリーパラメータで渡されたstateの文字列とを比較し、本番運用では必ずCSRF攻撃への対策を行ってください。

例:343ab3341331218786ef

The OAuth 2.0 Authorization Framework 10.12. Cross-Site Request Forgery

code_challenge 文字列

コンフィデンシャルクライアントの場合は任意、
パブリッククライアントの場合は必須。

値は後にトークンエンドポイントで使用するcode_verifierから算出します。

code_verifierの値からSHA-256でハッシュ値をとり、そのハッシュ値をURLセーフなBase64エンコード(パディングなし)を行います。

算出結果の文字列長は43文字から128文字、文字種としては正規表現で[a-zA-Z0-9-._~]+に該当する文字列になります。

code_challenge_method 文字列

コンフィデンシャルクライアントの場合は任意、
パブリッククライアントの場合は必須。

code_challengeを指定する場合は、必ず固定値としてS256を指定してください。

``` -------------------------------- ### To a User Source: https://developer.chatwork.com/docs/message-notation Use this to mention a specific user, making the message stand out and count as a separate unread message for them. Appending a name after the tag improves readability. ```Chatwork Notation [To:{account_id}] ``` -------------------------------- ### User Tasks Read Scope Source: https://developer.chatwork.com/docs/oauth The `users.tasks.me:read` scope allows users to retrieve their task list. ```APIDOC ## Scope: users.tasks.me:read ### Description Retrieves the user's task list. ### API - GET /my/tasks ### Notes This scope is needed to access the GET /my/tasks endpoint. ``` -------------------------------- ### Parameters for Reissuing Tokens with Refresh Token Source: https://developer.chatwork.com/docs/oauth Table detailing parameters for reissuing an access token using a refresh token. This is used for subsequent token requests after the initial one. ```html
パラメーター名 指定する値 必須
grant_type 文字列 refresh_tokenを指定してください。
refresh_token 文字列 トークン発行時に生成されたrefresh_tokenの値を指定してください。
scope 文字列

スコープをスペース区切りで指定してください。

例:users.profile.me:read

``` -------------------------------- ### Authorization Request URL Source: https://developer.chatwork.com/docs/oauth Construct the URL to initiate the OAuth 2.0 authorization flow. This URL directs the user to Chatwork's consent screen. ```APIDOC ## Authorization Request URL ### Description Construct the URL to initiate the OAuth 2.0 authorization flow. This URL directs the user to Chatwork's consent screen. ### Query Parameters - **response_type** (string) - Required - Currently only supports `code`. - **client_id** (string) - Required - Your application's client ID. - **redirect_uri** (string) - Optional - The URI to redirect to after authorization. Must be registered in your client settings. If only one `redirect_uri` is registered, this parameter is optional. - **scope** (string) - Required - Space-separated list of scopes your application requires. Example: `rooms.all:read_write contacts.all:read_write`. The `offline_access` scope is only available for confidential clients. - **state** (string) - Optional - A string to prevent CSRF attacks. This value will be returned in the redirect. - **code_challenge** (string) - Required for public clients, optional for confidential clients - A challenge generated from `code_verifier` using SHA-256 and Base64 URL encoding. Must be 43-128 characters long and match `[a-zA-Z0-9-._~]+`. - **code_challenge_method** (string) - Required for public clients, optional for confidential clients - Must be set to `S256` if `code_challenge` is provided. ### Example URL ```text URL https://www.chatwork.com/packages/oauth2/login.php?response_type=code&redirect_uri=https://example.com/callback.php&client_id=Lvo0YN92ga5kP&state=811435b3683ae95c1cf3197deaf1bfe4b411f587&scope=rooms.all:read_write%20users.profile.me:read&code_challenge=jlkGAsNvHshJNC7uXSSmC2tALONajPdupVf3TScb7zk&code_challenge_method=S256 ``` ``` -------------------------------- ### Information Block with Title Source: https://developer.chatwork.com/docs/message-notation Adds a title to an information block, making it more structured. ```Chatwork Notation [info][title]...[/title]...[/info] ``` -------------------------------- ### Room Operations Write Scope Source: https://developer.chatwork.com/docs/oauth The `rooms.all:write` scope permits operations on messages, tasks, files, summaries, and member information within chat rooms. ```APIDOC ## Scope: rooms.all:write ### Description Allows operations on messages, tasks, files, summaries, and member information within chat rooms. ### API - rooms:write - rooms.info:write - rooms.members:write - rooms.messages:write - rooms.tasks:write - rooms.files:write ### Notes This scope provides write access for managing chat room content and settings. ``` -------------------------------- ### Webhook Response Guidelines Source: https://developer.chatwork.com/docs/webhook Guidelines for responding to Chatwork Webhook POST requests, including status codes, response time, and body size limits. ```APIDOC ## Response * Always return a status code 200 for HTTPS requests. * HTTPS POST requests from Chatwork Webhook are not resent if they fail. * The response body size limit is 2,048 bytes. Exceeding this limit will be treated as an error. * You must respond within 10 seconds for HTTPS requests. Exceeding this limit will disconnect the HTTPS connection and be treated as an error. * This 10-second value may change. * If it is difficult to predict the response time due to processing content, consider an asynchronous processing method via a message queue. ### Failure Limit Feature for Increased Notification Error Rate If an HTTPS POST request fails for any reason, it is treated as a notification error. If the notification error rate increases, Chatwork Webhook will automatically change the status of the corresponding webhook setting to "disabled". Activation must be explicitly performed by the user. Refer to the webhook editing screen for activation procedures. ``` -------------------------------- ### Webhook Event Object Types Source: https://developer.chatwork.com/docs/webhook Overview of the different types of webhook events that can be received. ```APIDOC ## Webhook Event Object * [Message Creation (webhook_event_type = message_created)]() * [Message Update (webhook_event_type = message_updated)]() * [Mention to Me (webhook_event_type = mention_to_me)]() ``` -------------------------------- ### Reply to a Message Source: https://developer.chatwork.com/docs/message-notation Use this to reply to a specific message, providing context. Clicking the 'RE' icon will display the original message. ```Chatwork Notation [rp aid={account_id} to={room_id}-{message_id}] ``` -------------------------------- ### Room Information Read Scope Source: https://developer.chatwork.com/docs/oauth The `rooms.all:read` scope enables reading of messages, tasks, files, summaries, and member information within chat rooms. ```APIDOC ## Scope: rooms.all:read ### Description Allows reading of messages, tasks, files, summaries, and member information within chat rooms. ### API - rooms.info:read - rooms.members:read - rooms.messages:read - rooms.tasks:read - rooms.files:read ### Notes This scope grants read-only access to various chat room resources. ```