### VK ID API: Basic User Info Response Source: https://id.vk.ru/about/business/go/docs/en/vkid/latest/vk-id/connection/api-description Example of a successful response from the VK ID API when requesting basic user information. This response includes standard fields like user ID, name, avatar, sex, verification status, and birthday. The availability of these fields depends on the default permissions associated with the access token. ```json { "user": { "user_id": "<идентификатор пользователя>", "first_name": "<имя пользователя>", "last_name": "<фамилия пользователя>", "avatar": "<ссылка на фото профиля>", "sex": <пол>, "verified": "<статус верификации пользователя>", "birthday": "<дата рождения пользователя>" } } ``` -------------------------------- ### VK ID API: Extended User Info Response (with Email and Phone) Source: https://id.vk.ru/about/business/go/docs/en/vkid/latest/vk-id/connection/api-description An example of a successful response from the VK ID API that includes extended user information, such as email and phone number. This extended data is returned only if the access token has the necessary permissions (e.g., 'email', 'phone') granted during application setup. ```json { "user": { "user_id": "<идентификатор пользователя>", "first_name": "<имя пользователя>", "last_name": "<фамилия пользователя>", "phone": "<телефон пользователя>", "avatar": "<ссылка на фото профиля>", "email": "<почта пользователя>", "sex": <пол>, "verified": <статус верификации пользователя>, "birthday": "<дата рождения>" } } ``` -------------------------------- ### VK ID API Successful Response Example Source: https://id.vk.ru/about/business/go/docs/en/vkid/latest/vk-id/connection/api-description This JSON snippet represents a successful response from the VK ID API, indicating that an operation, such as revoking permissions or logging out, has completed successfully. The 'response' field will contain '1'. ```json { "response": 1 } ``` -------------------------------- ### POST Request to Get Masked User Data (HTTP) Source: https://id.vk.ru/about/business/go/docs/en/vkid/latest/vk-id/connection/api-description This snippet shows the structure of a POST request to the VK ID API endpoint for retrieving masked user information. It includes the URL, content type, and required form data parameters. ```http POST https://id.vk.ru/oauth2/public_info Content-Type: application/x-www-form-urlencoded client_id=<идентификатор приложения> & id_token= ``` -------------------------------- ### Get Masked User Data Source: https://id.vk.ru/about/business/go/docs/en/vkid/latest/vk-id/connection/api-description Retrieves masked user data, including first name, last initial, masked phone, masked email, and profile picture, using a user's ID token. ```APIDOC ## POST /oauth2/public_info ### Description Retrieves masked user data (first name, last initial, masked phone, masked email, and profile picture) using a user's ID token. ### Method POST ### Endpoint https://id.vk.ru/oauth2/public_info ### Parameters #### Query Parameters - **as** (string) - Optional - Specifies the desired image format for the avatar. Available options include 32x32, 48x48, 72x72, 108x108, 160x160, 240x240, 360x360, 480x480, 540x540, 640x640, 720x720, 1080x1080, 1280x1280, 1440x1440. - **cs** (string) - Optional - Controls the size of the image based on the specified format. #### Request Body - **client_id** (string) - Required - The application identifier, available in the application settings. - **id_token** (string) - Required - The user's JSON Web Token (JWT), obtained during initial authorization. ### Request Example ``` POST https://id.vk.ru/oauth2/public_info Content-Type: application/x-www-form-urlencoded client_id=<идентификатор приложения> & id_token= ``` ### Response #### Success Response (200) - **user** (object) - Contains user data. - **user_id** (string) - Description: User identifier. - **first_name** (string) - Description: User's first name. - **last_name** (string) - Description: First letter of the user's last name. - **phone** (string) - Description: Masked phone number. - **avatar** (string) - Description: Link to the user's profile picture. - **email** (string) - Description: User's email address. #### Response Example ```json { "user": { "user_id": "<идентификатор пользователя>", "first_name": "<имя>", "last_name": "<первая буква фамилии>", "phone": "<маскированынй номер телефона>", "avatar": "<ссылка на фото профиля>", "email": "<почта>" } } ``` #### Error Response - **error** (string) - Description: Error code (e.g., `access_denied`, `invalid_id_token`, `slow_down`, `invalid_client`, `invalid_request`). - **error_description** (string) - Description: Detailed description of the error. - **state** (string) - Description: String passed in the initial request. #### Error Response Example ```json { "error": "invalid_id_token", "error_description": "id_token not provided or failed validation", "state": "" } ``` ``` -------------------------------- ### Successful Authorization Response Source: https://id.vk.ru/about/business/go/docs/en/vkid/latest/vk-id/connection/api-description Upon successful authorization, the confirmation code, state string, and device ID are returned as query parameters in the redirect URL. The confirmation code is valid for 10 minutes. ```APIDOC ## GET https:// ### Description This endpoint is called upon successful user authorization. It returns the authorization code, device ID, and state as query parameters in the redirect URL. ### Method GET ### Endpoint https:// ### Query Parameters - **code** (string) - Required - The authorization code to be exchanged for tokens. Valid for 10 minutes. - **device_id** (string) - Required - A unique identifier for the device. Should be stored and reused in subsequent requests. - **state** (string) - Required - The state string passed at the beginning of the authorization. Must match the original state. ### Response #### Success Response (Redirect) - **code** (string) - The authorization code. - **device_id** (string) - The device identifier. - **state** (string) - The state string. #### Response Example (in redirect URL) `https://?code=&device_id=&state=` ``` -------------------------------- ### Authorization Code and User Consent Form Source: https://id.vk.ru/about/business/go/docs/en/vkid/latest/vk-id/connection/api-description This method allows you to obtain an authorization code, a state string, and a device identifier. It also displays a form for the user to grant access to their data if they are using the service for the first time. ```APIDOC ## GET /authorize ### Description This method allows you to obtain an authorization code, a state string, and a device identifier. It also displays a form for the user to grant access to their data if they are using the service for the first time. ### Method GET ### Endpoint https://id.vk.ru/authorize ### Query Parameters - **response_type** (string) - Required - Must be 'code'. - **client_id** (string) - Required - Your application's identifier. - **redirect_uri** (string) - Required - The URL to redirect the user to after authorization. - **state** (string) - Required - An arbitrary string to maintain state between the request and callback. - **code_challenge** (string) - Required - The transformed code_verifier. - **code_challenge_method** (string) - Required - The method used for transforming code_verifier (e.g., 'S256'). - **scope** (string) - Optional - A space-separated list of access scopes requested. - **prompt** (string) - Optional - Specifies the user interaction required for authorization. - **provider** (string) - Optional - Specifies the authentication provider. - **lang_id** (integer) - Optional - The interface language ID. - **scheme** (string) - Optional - The theme for the permission request form. ### Request Example ``` GET https://id.vk.ru/authorize?response_type=code & client_id=<идентификатор приложения> & redirect_uri=<адрес перенаправления> & state=<произвольная строка состояния> & code_challenge=<преобразованный code_verifier> & code_challenge_method=<метод преобразования> & [scope=<список доступов>] & [prompt=<процесс прохождения авторизации>] & [provider=<провайдер аутентификации>] & [lang_id=<язык интерфейса>] & [scheme=<тема формы запроса разрешений>] ``` ### Response #### Success Response (200) - **code** (string) - The authorization code. - **state** (string) - The state string provided in the request. - **device_id** (string) - The device identifier. #### Response Example ```json { "code": "AUTHORIZATION_CODE", "state": "YOUR_STATE_STRING", "device_id": "DEVICE_IDENTIFIER" } ``` ``` -------------------------------- ### Request Authorization Code and User Consent Form (HTTP) Source: https://id.vk.ru/about/business/go/docs/en/vkid/latest/vk-id/connection/api-description This method retrieves an authorization code, state string, and device ID required for subsequent requests like obtaining an Access Token. It also displays the user consent form for first-time users. Ensure your application is created and configured before integration. For web platforms, tokens must be sent in the request body with `content-type: application/x-www-form-urlencoded`. ```http GET https://id.vk.ru/authorize?response_type=code & client_id=<идентификатор приложения> & redirect_uri=<адрес перенаправления> & state=<произвольная строка состояния> & code_challenge=<преобразованный code_verifier> & code_challenge_method=<метод преобразования> & [scope=<список доступов>] & [prompt=<процесс прохождения авторизации>] & [provider=<провайдер аутентификации>] & [lang_id=<язык интерфейса>] & [scheme=<тема формы запроса разрешений>] ``` -------------------------------- ### Successful Request Response Format Source: https://id.vk.ru/about/business/go/docs/en/vkid/latest/vk-id/connection/api-description When a request is successful, the authorization code, state string, and device ID are returned as query parameters in the redirect URI. The authorization code is valid for 10 minutes. ```http GET https://?code=<код подтверждения>&device_id=<идентификатор устройства>&state=<произвольная строка состояния> ``` -------------------------------- ### Exchange Authorization Code for Tokens (POST Request) Source: https://id.vk.ru/about/business/go/docs/en/vkid/latest/vk-id/connection/api-description This snippet demonstrates the POST request format for exchanging an authorization_code for access, refresh, and ID tokens. It requires specific parameters like grant_type, code_verifier, redirect_uri, code, client_id, and device_id. The response includes the obtained tokens and other relevant information. ```http POST https://id.vk.ru/oauth2/auth Content-Type: application/x-www-form-urlencoded grant_type = authorization_code & code_verifier= & redirect_uri= & code= & client_id= & device_id= & state= ``` -------------------------------- ### Authorization Request Source: https://id.vk.ru/about/business/go/docs/en/vkid/latest/vk-id/connection/api-description This endpoint initiates the authorization process for a VK ID application. It requires several parameters to identify the application, specify the desired permissions, and handle the callback process securely. ```APIDOC ## GET /oauth/authorize ### Description Initiates the authorization process for a VK ID application, requesting user consent to access specific data. ### Method GET ### Endpoint /oauth/authorize ### Parameters #### Query Parameters - **response_type** (string) - Required - Specifies the type of response required. Use 'code' for an authorization code. - **client_id** (string) - Required - The unique identifier of your application. - **code_challenge** (string) - Required - A base64 encoded string derived from `code_verifier` using the `code_challenge_method`. Used for PKCE to secure the token exchange. - **code_challenge_method** (string) - Required - The method used to transform `code_verifier` into `code_challenge`. Must be 'S256'. - **redirect_uri** (string) - Required - The URL to which the user will be redirected after authorization. This URL must be registered in your application settings. - **state** (string) - Required - A random string (at least 32 characters) generated by the service to maintain state and prevent CSRF attacks. The same string must be returned by the service. - **scope** (string) - Optional - A space-separated list of permissions your application requires (e.g., 'email phone'). Defaults to 'vkid.personal_info' if not provided. - **prompt** (string) - Optional - Controls the authorization flow. Possible values: '' (default), 'none', 'login', 'consent'. 'none' requires the user to be logged in and have previously granted permissions. - **provider** (string) - Optional - The authentication provider. Defaults to 'vkid'. Can be 'ok_ru' or 'mail_ru' for external OAuth. - **lang_id** (integer) - Optional - The interface language for the authorization form. Defaults to 0 (Russian). Other values include 1 (Ukrainian), 3 (English), 4 (Spanish), 6 (German), 15 (Polish), 16 (French), 82 (Turkish). - **scheme** (string) - Optional - The theme for the authorization request form. Defaults to 'light'. Possible values: 'light', 'dark'. ### Request Example ``` GET https://oauth.vk.com/authorize?response_type=code&client_id=YOUR_CLIENT_ID&redirect_uri=https://your.app/callback&state=RANDOM_STRING&scope=email&code_challenge=YOUR_CODE_CHALLENGE&code_challenge_method=S256 ``` ### Response #### Success Response (302 Found) Redirects the user to the specified `redirect_uri` with an authorization `code` and the `state` parameter. #### Response Example ``` https://your.app/callback?code=AUTHORIZATION_CODE&state=RANDOM_STRING ``` #### Error Response Returns an error code and description if the authorization fails. For example: - `login_required`: User is not logged in. - `interaction_required`: User has not previously granted permissions. ``` -------------------------------- ### Token Retrieval Source: https://id.vk.ru/about/business/go/docs/en/vkid/latest/vk-id/connection/api-description This method allows you to obtain a token using the grant type specified. Ensure that your service correctly passes the `grant_type` and `response_type` parameters. If these parameters are passed incorrectly, a 404 NOT FOUND error will be returned. Save the obtained tokens on your side. ```APIDOC ## POST /oauth/token ### Description This endpoint allows you to obtain an access token using a specified grant type. Ensure correct `grant_type` and `response_type` parameters are provided. ### Method POST ### Endpoint /oauth/token ### Parameters #### Query Parameters - **grant_type** (string) - Required - The grant type for token retrieval (e.g., `authorization_code`). - **response_type** (string) - Required - The response type (e.g., `code`). ### Request Body (This section would typically detail the request body parameters for different grant types, e.g., `code`, `redirect_uri`, `client_id`, `client_secret` for `authorization_code` grant type. As the provided text does not specify these, it's left general.) ### Response #### Success Response (200 OK) - **access_token** (string) - The access token. - **expires_in** (integer) - The lifetime of the access token in seconds. - **token_type** (string) - The type of the token (e.g., `Bearer`). #### Error Response (404 NOT FOUND) Returned if `grant_type` or `response_type` parameters are passed incorrectly. ### Request Example (Example request body would depend on the specific `grant_type`. For `authorization_code` grant type, it might include: ```json { "grant_type": "authorization_code", "code": "", "redirect_uri": "", "client_id": "", "client_secret": "" } ``` ) ``` -------------------------------- ### Token Retrieval Method Source: https://id.vk.ru/about/business/go/docs/en/vkid/latest/vk-id/connection/api-description This method allows obtaining an access token using the specified grant_type. Ensure correct transmission of grant_type and response_type parameters to avoid a 404 error. Store retrieved tokens securely. ```text Method allows to get token using the grant_type specified. Ensure your service correctly passes grant_type and response_type parameters. If parameters are passed incorrectly, a 404 NOT FOUND error will be returned. Save tokens on your side when received. ``` -------------------------------- ### POST /oauth2/user_info Source: https://id.vk.ru/about/business/go/docs/en/vkid/latest/vk-id/connection/api-description Retrieves unmasked user data using an access token. The specific fields returned depend on the permissions granted to your application. ```APIDOC ## POST /oauth2/user_info ### Description This method allows you to obtain unmasked user data using an access token. The set of data depends on the access rights in the Access token. For example, to get email and phone, the Access token must include 'email' and 'phone'. ### Method POST ### Endpoint https://id.vk.ru/oauth2/user_info ### Parameters #### Query Parameters - **client_id** (string) - Required - The identifier of your application. - **access_token** (string) - Required - The user's access token. #### Request Body This endpoint uses `application/x-www-form-urlencoded` for the request body. - **client_id** (string) - Required - The identifier of your application. - **access_token** (string) - Required - The user's access token. ### Request Example ``` POST https://id.vk.ru/oauth2/user_info Content-Type: application/x-www-form-urlencoded client_id=<идентификатор приложения> & access_token= ``` ### Response #### Success Response (200) - **user** (object) - Contains user information. - **user_id** (string) - User's unique identifier. - **first_name** (string) - User's first name. - **last_name** (string) - User's last name. - **avatar** (string) - URL to the user's profile picture. The size and format can be adjusted using query parameters `as` and `cs`. - **sex** (integer) - User's gender (1: female, 2: male, 0: unspecified). - **verified** (boolean) - Indicates if the user's profile is verified (true/false). - **birthday** (string) - User's date of birth. - **phone** (string) - User's phone number (if permission is granted). - **email** (string) - User's email address (if permission is granted). #### Response Example (Basic Permissions) ```json { "user": { "user_id": "<идентификатор пользователя>", "first_name": "<имя пользователя>", "last_name": "<фамилия пользователя>", "avatar": "<ссылка на фото профиля>", "sex": <пол>, "verified": "<статус верификации пользователя>", "birthday": "<дата рождения пользователя>" } } ``` #### Response Example (Extended Permissions including email and phone) ```json { "user": { "user_id": "<идентификатор пользователя>", "first_name": "<имя пользователя>", "last_name": "<фамилия пользователя>", "phone": "<телефон пользователя>", "avatar": "<ссылка на фото профиля>", "email": "<почта пользователя>", "sex": <пол>, "verified": <статус верификации пользователя>, "birthday": "<дата рождения>" } } ``` ### Error Handling - **400 Bad Request**: Invalid request parameters or missing required fields. - **401 Unauthorized**: Invalid or expired access token. - **403 Forbidden**: Insufficient permissions for the requested data. ``` -------------------------------- ### Revoke User Permissions for Application (POST Request) Source: https://id.vk.ru/about/business/go/docs/en/vkid/latest/vk-id/connection/api-description This snippet shows how to revoke permissions that a user has granted to an application. It requires the client_id of the application and the user's access_token. The request is made via a POST request to the revoke endpoint. ```HTTP POST https://id.vk.ru/oauth2/revoke Content-Type: application/x-www-form-urlencoded client_id=<идентификатор приложения> & access_token= ``` -------------------------------- ### POST /oauth2/logout Source: https://id.vk.ru/about/business/go/docs/en/vkid/latest/vk-id/connection/api-description Logs out a user by terminating their session. It's recommended to invalidate obtained tokens if the user has been inactive. ```APIDOC ## POST /oauth2/logout ### Description Logs out a user by terminating their session. It's recommended to invalidate obtained tokens if the user has been inactive. ### Method POST ### Endpoint https://id.vk.ru/oauth2/logout ### Parameters #### Query Parameters - **client_id** (string) - Required - Application identifier. Available in the application settings. - **access_token** (string) - Required - Access token of the current user session. Can be passed in the header or request body. ### Request Example ``` POST https://id.vk.ru/oauth2/logout Content-Type: application/x-www-form-urlencoded client_id=<идентификатор приложения> & access_token= ``` ### Response #### Success Response (200) - **response** (integer) - 1 if the user session was successfully terminated. #### Response Example ```json { "response": 1 } ``` #### Error Response ```json { "error": "", "error_description": "" } ``` **Possible Error Codes:** - `access_denied`: User does not have access to VK ID (blocked or deleted). - `invalid_token`: Access token not provided or invalid. - `server_error`: Authorization server encountered an unexpected issue. - `slow_down`: Request limit to the method exceeded. - `temporarily_unavailable`: Authorization server is temporarily overloaded. - `invalid_client`: Application with the specified client_id not found or blocked. ``` -------------------------------- ### Refresh Access Token using Refresh Token (POST Request) Source: https://id.vk.ru/about/business/go/docs/en/vkid/latest/vk-id/connection/api-description This snippet demonstrates how to refresh an expired Access Token using a valid Refresh Token. It requires the grant_type, refresh_token, client_id, and device_id. The response includes a new pair of Access and Refresh tokens, along with other relevant details. The request is made via a POST request to the specified endpoint. ```HTTP POST https://id.vk.ru/oauth2/auth Content-Type: application/x-www-form-urlencoded grant_type=refresh_token & refresh_token=<токен для обмена> & client_id=<идентификатор приложения> & device_id=<идентификатор устройства> & state=<произвольная строка состояния> & [scope=<список доступов>] ``` -------------------------------- ### POST /oauth2/auth Source: https://id.vk.ru/about/business/go/docs/en/vkid/latest/vk-id/connection/api-description Exchanges an authorization code for a set of tokens (Access token, Refresh token, and ID token). This method is used when grant_type is set to authorization_code. ```APIDOC ## POST /oauth2/auth ### Description Exchanges an authorization code for a set of tokens (Access token, Refresh token, and ID token). This method is used when `grant_type` is set to `authorization_code`. ### Method POST ### Endpoint `https://id.vk.ru/oauth2/auth` ### Parameters #### Query Parameters - **grant_type** (string) - Required - The token request method. Must be `authorization_code`. - **code_verifier** (string) - Required - A randomly generated string used for PKCE protection. Must be between 43 and 128 characters long and can contain `a-z`, `A-Z`, `0-9`, `_`, `-`. - **redirect_uri** (string) - Required - The URL to redirect the user to after authorization. This URL must be a trusted redirect URL specified in the application settings. - **code** (string) - Required - The authorization code obtained from the initial authorization request. - **client_id** (string) - Required - The application's unique identifier. - **device_id** (string) - Required - The unique identifier of the device, obtained with the authorization code. - **state** (string) - Required - A random string of at least 32 characters (`a-z`, `A-Z`, `0-9`, `_`, `-`) generated at the start of authorization. This string must be returned unchanged by the service. ### Request Example ``` POST https://id.vk.ru/oauth2/auth Content-Type: application/x-www-form-urlencoded grant_type=authorization_code&code_verifier=&redirect_uri=&code=&client_id=&device_id=&state= ``` ### Response #### Success Response (200) - **refresh_token** (string) - Token used to exchange for a new pair of Access token + Refresh token. - **access_token** (string) - The user's access token. - **id_token** (string) - The user's JSON Web Token (JWT) obtained during initial authorization. - **token_type** (string) - The type of token (default is `Bearer`). - **expires_in** (integer) - The token's expiration time in seconds. - **user_id** (string) - The user's unique identifier. - **state** (string) - The state string, which must match the one passed during authorization. - **scope** (string) - A space-separated list of access permissions granted to the application. If not specified, defaults to `vkid.personal_info`. #### Response Example ```json { "refresh_token": "", "access_token": "", "id_token": "", "token_type": "Bearer", "expires_in": 3600, "user_id": "123456789", "state": "", "scope": "email phone" } ``` ``` -------------------------------- ### Error Response Source: https://id.vk.ru/about/business/go/docs/en/vkid/latest/vk-id/connection/api-description If an error occurs during the request, such as invalid parameters or an authorization failure, the user will be presented with an error page containing specific error details. ```APIDOC ## Error Response ### Description This response is returned when an error occurs during the authorization process, such as invalid parameters or an authorization failure. ### Method N/A (This is a redirect response with error parameters) ### Endpoint N/A (This is a redirect response with error parameters) ### Response #### Error Response (Redirect with error parameters) - **error** (string) - The error code. - **error_description** (string) - A description of the error. #### Response Example (in redirect URL) `https://?error=&error_description=` ### Possible Error Values - **invalid_request**: Invalid request. Missing parameters, duplicate parameters, or invalid parameter values. - **unsupported_response_type**: Unsupported response type. - **invalid_scope**: The requested scope is invalid, unknown, or incorrectly formatted. - **server_error**: The authorization server encountered an unexpected error. - **temporarily_unavailable**: The authorization server is temporarily overloaded. - **invalid_token**: The Access token validation failed. - **access_denied**: The user does not have access to VK ID (user is blocked or deleted). - **login_required**: Authentication is required. Occurs when `prompt=none` is active and the user is not logged in. - **interaction_required**: Permission to grant access is required. Occurs when `prompt=none` is active and the user has not granted permissions. ``` -------------------------------- ### Successful Token Exchange Response Source: https://id.vk.ru/about/business/go/docs/en/vkid/latest/vk-id/connection/api-description This snippet shows the JSON response received upon a successful exchange of an authorization code for tokens. It includes the refresh_token, access_token, id_token, token_type, expires_in, user_id, state, and scope. ```json { "refresh_token": , "access_token": , "id_token": , "token_type": , "expires_in": , "user_id": , "state": , "scope": } ``` -------------------------------- ### Successful Response for Masked User Data (JSON) Source: https://id.vk.ru/about/business/go/docs/en/vkid/latest/vk-id/connection/api-description This JSON structure represents a successful response from the VK ID API when requesting masked user data. It contains the user's ID, first name, initial of the last name, masked phone, masked email, and a link to their profile photo. ```json { "user": { "user_id": "<идентификатор пользователя>", "first_name": "<имя>", "last_name": "<первая буква фамилии>", "phone": "<маскированынй номер телефона>", "avatar": "<ссылка на фото профиля>", "email": "<почта>" } } ``` -------------------------------- ### VK ID API: Request Unmasked User Data (POST) Source: https://id.vk.ru/about/business/go/docs/en/vkid/latest/vk-id/connection/api-description This snippet demonstrates how to make a POST request to the VK ID API to retrieve unmasked user information. The request requires an access token and client ID. The response format varies based on the permissions granted to the access token, providing either basic user details or extended information such as email and phone number. ```http POST https://id.vk.ru/oauth2/user_info Content-Type: application/x-www-form-urlencoded client_id=<идентификатор приложения> & access_token= ``` -------------------------------- ### Error Response Format Source: https://id.vk.ru/about/business/go/docs/en/vkid/latest/vk-id/connection/api-description If a request fails due to invalid parameters or an authorization failure, an error object is returned in the response body. This object contains an error code and a description of the error. ```json { "error": "<ошибка с одним из значений ниже>", "error_description": "<описание ошибки. Передается в виде строки>" } ``` -------------------------------- ### Successful Refresh Token Response Structure Source: https://id.vk.ru/about/business/go/docs/en/vkid/latest/vk-id/connection/api-description This JSON structure represents a successful response when refreshing an access token. It includes the new refresh_token, access_token, token_type, expires_in duration, user_id, state, and the granted scope. ```JSON { "refresh_token": , "access_token": , "token_type": <тип токена — по умолчанию Bearer>, "expires_in": <срок действия токена>, "user_id": <идентификатор пользователя>, "state": <произвольная строка состояния>, "scope": <список прав доступа> } ``` -------------------------------- ### User Logout via VK ID API Source: https://id.vk.ru/about/business/go/docs/en/vkid/latest/vk-id/connection/api-description This snippet shows how to log out a user by terminating their session using the VK ID API. It requires a POST request with the user's access token and the application's client ID. A successful logout returns '1'. ```http POST https://id.vk.ru/oauth2/logout Content-Type: application/x-www-form-urlencoded client_id=<идентификатор приложения> & access_token= ``` -------------------------------- ### Revoke User Permissions Source: https://id.vk.ru/about/business/go/docs/en/vkid/latest/vk-id/connection/api-description This endpoint allows an application to revoke user-granted permissions. This action invalidates the provided Access Token. ```APIDOC ## POST /oauth2/revoke ### Description Revokes the permissions that a user has granted to an application. This action also invalidates the provided Access Token. ### Method POST ### Endpoint https://id.vk.ru/oauth2/revoke ### Parameters #### Query Parameters - **client_id** (string) - Required - Your application's identifier. - **access_token** (string) - Required - The user's Access Token to be revoked. ### Request Example ```json { "client_id": "", "access_token": "" } ``` ### Response #### Success Response (200) This endpoint does not return a specific JSON body on success. A successful revocation is indicated by the absence of an error. #### Error Response If the request fails, an error response will be returned, similar to the refresh token endpoint, indicating the reason for the failure (e.g., `invalid_token`, `invalid_client`). ``` -------------------------------- ### Error Response for Masked User Data Request (JSON) Source: https://id.vk.ru/about/business/go/docs/en/vkid/latest/vk-id/connection/api-description This JSON structure illustrates an error response from the VK ID API. It includes an error code, a detailed description of the error, and a state parameter if provided in the initial request. Common errors include invalid tokens, rate limiting, or invalid client IDs. ```json { "error": "<ошибка с одним из значений ниже>", "error_description": "<описание ошибки. Передается в виде строки>", "state": "<строка, которая передана в изначальном запросе>" } ``` -------------------------------- ### Refresh Access Token Source: https://id.vk.ru/about/business/go/docs/en/vkid/latest/vk-id/connection/api-description This endpoint allows you to refresh an expired Access Token using a valid Refresh Token. It returns a new pair of Access and Refresh tokens. ```APIDOC ## POST /oauth2/auth ### Description Exchanges a Refresh Token for a new Access Token and Refresh Token pair. This is necessary because Access Tokens have a limited lifespan of 1 hour. ### Method POST ### Endpoint https://id.vk.ru/oauth2/auth ### Parameters #### Query Parameters - **grant_type** (string) - Required - Must be set to `refresh_token`. - **refresh_token** (string) - Required - The token used to exchange for a new pair of Access Token + Refresh Token. - **client_id** (string) - Required - Your application's identifier. - **device_id** (string) - Required - A unique identifier for the device, obtained during authorization. - **state** (string) - Required - A random string of at least 32 characters (a-z, A-Z, 0-9, _, -) generated during initial authorization. This string must be returned unchanged to verify the request's integrity. - **scope** (string) - Optional - A space-separated list of requested permissions. If not provided, the scope from the Refresh Token will be used. ### Request Example ```json { "grant_type": "refresh_token", "refresh_token": "", "client_id": "", "device_id": "", "state": "" } ``` ### Response #### Success Response (200) - **refresh_token** (string) - The new refresh token. - **access_token** (string) - The new access token. - **token_type** (string) - The type of token, defaults to Bearer. - **expires_in** (integer) - The token's expiration time in seconds. - **user_id** (string) - The user's identifier. - **state** (string) - The state string returned from the request. - **scope** (string) - The list of granted permissions. #### Response Example ```json { "refresh_token": "", "access_token": "", "token_type": "Bearer", "expires_in": 3600, "user_id": "123456789", "state": "", "scope": "email phone" } ``` #### Error Response - **error** (string) - An error code (e.g., `access_denied`, `invalid_token`, `server_error`, `slow_down`, `temporarily_unavailable`, `invalid_client`). - **error_description** (string) - A description of the error. ``` -------------------------------- ### VK ID API Error Response Source: https://id.vk.ru/about/business/go/docs/en/vkid/latest/vk-id/connection/api-description This section details the structure of error responses returned by the VK ID API when a request fails due to invalid parameters, authorization issues, or server-side problems. ```APIDOC ## VK ID API Error Response ### Description This endpoint returns an error object when a request fails. This can be due to invalid parameters, authorization failures, or server-side issues. ### Method N/A (This describes a response format, not a specific request method) ### Endpoint N/A (This describes a response format, not a specific endpoint) ### Parameters #### Request Body N/A ### Request Example N/A ### Response #### Error Response - **error** (string) - A short error code indicating the type of error. - **error_description** (string) - A human-readable description of the error. Possible values for `error`: - `access_denied`: The user does not have access to VK ID (blocked or deleted). - `invalid_token`: The access token is missing, invalid, or expired. - `server_error`: The authorization server encountered an unexpected issue. - `slow_down`: The rate limit for the method has been exceeded. - `temporarily_unavailable`: The authorization server is currently overloaded. - `invalid_client`: The application with the specified `client_id` was not found or is blocked. #### Response Example ```json { "error": "invalid_token", "error_description": "Access token is missing or expired." } ``` ``` -------------------------------- ### Revoke User Permissions via VK ID API Source: https://id.vk.ru/about/business/go/docs/en/vkid/latest/vk-id/connection/api-description This snippet demonstrates how to revoke user permissions granted to an application using the VK ID API. It requires an access token and client ID. Successful requests return '1', while errors return a JSON object with error details. ```http POST https://id.vk.ru/oauth2/revoke Content-Type: application/x-www-form-urlencoded access_token= & client_id=<идентификатор приложения> ``` -------------------------------- ### VK ID Error Response Structure (JSON) Source: https://id.vk.ru/about/business/go/docs/en/vkid/latest/vk-id/connection/api-description This JSON object represents the structure of an error response from VK ID. It includes a general 'error' code and a more detailed 'error_description'. This format is used when requests fail due to invalid parameters or authorization issues. ```json { "error": "", "error_description": "" } ``` -------------------------------- ### VK ID Error Response Structure (JSON) Source: https://id.vk.ru/about/business/go/docs/en/vkid/latest/vk-id/connection/api-description This JSON structure represents an error response from VK ID. It includes a general error code, a detailed description, and the original state parameter if provided. ```json { "error": "", "error_description": "", "state": "" } ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.