Customer Accounts API (2.0.0)

Download OpenAPI specification:Download

Customer Accounts API is responsible for the authentication and authorization processes of customers in LiveChat.

Tokens

Get token details

Retrieve information about an access token. You can provide the token via authorization or a query string.

Authorizations:

OAuth2 Bearer Token

query Parameters

code	string Example: code=fra-a:vky95357S7KM1E4dXwv1DQ

Responses

Response samples

200
401

Content type

application/json

{"access_token": "fra-a:vky95357S7KM1E4dXwv1DQ",
"client_id": "c6e4f62e2a2dab12531235b12c5a2a6b",
"entity_id": "3aa138c1-c137-41c6-6b26-cface5857378",
"expires_in": 28800,
"organization_id": "390e44e6-f1e6-0368c-z6ddb-74g14508c2e",
"token_type": "Bearer"
}

Create a token

Creates a new customer access token.

Authorizations:

Cookie AuthOAuth2 Agent Bearer Token

Request Body schema: application/json

grant_type required	string Enum: "agent_token" "cookie" "identity_token" Grant type
client_id required	string <hex> Client ID for which the token is being issued
redirect_uri	string <url> Redirect URI; it can be used and is required only for `grant_type=cookie`, default: the value of the `Origin` header.
organization_id	string <uuid> Organization ID for which the token is being issued, required only if `grant_type=cookie`
entity_id	string <uuid> Entity ID for which the token is being issued; the entity (customer) should already exist; it can be used only for `grant_type=agent_token`
expires_in	integer <uint64> Access token lifetime (in seconds)
code	string Code is an identity transfer token; it can be used only for `grant_type=identity_token`
code_verifier	string Code verifier, as in OAuth2 PKCE flow; it can be used only for `grant_type=identity_token`

Responses

Request samples

Payload

Content type

application/json

{"grant_type": "agent_token",
"client_id": "c6e4f62e2a2dab12531235b12c5a2a6b",
"redirect_uri": "https://my-application.com",
"organization_id": "390e44e6-f1e6-0368c-z6ddb-74g14508c2e",
"entity_id": "3aa138c1-c137-41c6-6b26-cface5857378",
"expires_in": 28800,
"code": "fra-a:vky95357S7KM1E4dXwv1DV",
"code_verifier": "y4jtqb2noru3vc23pefs"
}

Response samples

200
401

Content type

application/json

{"access_token": "fra-a:vky95357S7KM1E4dXwv1DQ",
"client_id": "c6e4f62e2a2dab12531235b12c5a2a6b",
"entity_id": "3aa138c1-c137-41c6-6b26-cface5857378",
"expires_in": 28800,
"token_type": "Bearer",
"organization_id": "390e44e6-f1e6-0368c-z6ddb-74g14508c2e"
}

Revoke token

Revoke a token provided via authorization.

Authorizations:

OAuth2 Bearer Token

Responses

Response samples

401

Content type

application/json

{"oauth_exception": "invalid_request",
"exception_description": "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed."
}

Create an identity transfer token

Creates a new identity transfer token, which can be exchanged for a customer access token.

Authorizations:

OAuth2 Bearer TokenOAuth2 Agent Bearer Token

Request Body schema: application/json

bearer_type required	string Enum: "agent" "customer" Authorization token type; `agent` for OAuth2 Agent Bearer Token and `customer` for OAuth2 Bearer Token
customer_id	string <uuid> Customer ID for which the identity transfer token is being issued; the customer should already exist; required only if `bearer_type=agent`
client_id required	string <hex> Client ID for which the token is being issued
code_challenge	string Code challenge, as in OAuth2 PKCE flow.

Responses

Request samples

Payload

Content type

application/json

{"bearer_type": "agent",
"customer_id": "3aa138c1-c137-41c6-6b26-cface5857378",
"client_id": "c6e4f62e2a2dab12531235b12c5a2a6b",
"code_challenge": "9_r7xBQQ8RJ3NOr0AMDBqASrf5ZT41PG1qjuLEYDs-c"
}

Response samples

200
401

Content type

application/json

{"identity_transfer_token": "fra-a:vky95357S7KM1E4dXwv1DV",
"expires_in": 3600
}

Create a group token

Creates a new customer access token for a different group within the same organization. Use this token to separate customer identity across groups within one organization, click here for more information.

Authorizations:

Cookie AuthOAuth2 Agent Bearer Token

path Parameters

organization_id required	string <uuid> Unique organization identifier.
group_id required	string <uuid> Unique group identifier.

Request Body schema: application/json

grant_type required	string Enum: "agent_token" "cookie" "identity_token" Grant type
client_id required	string <hex> Client ID for which the token is being issued
redirect_uri	string <url> Redirect URI; default: the value of the `Origin` header; it can be used only for `grant_type=cookie`
license_id	integer <uint64> License ID for which the token is being issued, required only if `grant_type=cookie`
entity_id	string <uuid> Entity ID for which the token is being issued; the entity (customer) should already exist; it can be used only for `grant_type=agent_token`
expires_in	integer <uint64> Access token lifetime (in seconds)
code	string Code is an identity transfer token; it can be used only for `grant_type=identity_token`
code_verifier	string Code verifier, as in OAuth2 PKCE flow; it can be used only for `grant_type=identity_token`

Responses

Request samples

Payload

Content type

application/json

{"grant_type": "agent_token",
"client_id": "c6e4f62e2a2dab12531235b12c5a2a6b",
"redirect_uri": "https://my-application.com",
"license_id": 2491303,
"entity_id": "3aa138c1-c137-41c6-6b26-cface5857378",
"expires_in": 28800,
"code": "fra-a:vky95357S7KM1E4dXwv1DV",
"code_verifier": "y4jtqb2noru3vc23pefs"
}

Response samples

200
401

Content type

application/json

{"access_token": "fra-a:vky95357S7KM1E4dXwv1DQ",
"client_id": "c6e4f62e2a2dab12531235b12c5a2a6b",
"entity_id": "3aa138c1-c137-41c6-6b26-cface5857378",
"expires_in": 28800,
"token_type": "Bearer"
}