Overview

    This chapter describes types of LINE WORKS Bot Platform APIs and authentication workflows of each type.

    Types of LINE WORKS APIs

    LINE WORKS Bot Platform APIs are subdivided into two types: Service API and Server API. The details of each type are described in each API specification. Those APIs whose type is not specified are the Service API.

    Service API

    The Service API requires users to log in to LINE WORKS first, and basically allows them to access their own data. There are exceptions, however, such as LINE WORKS Calendar's "Get Schedules of Others" API that allows users to access the data of others in the domain.

    Server API

    The Server API does not require user login, and allows users to access data of any users in the domain. Typical examples of the Server API include the Organization Integration API and the Migration API.

    Authentication Workflows

    The Service API and the Server API are both based on OAuth 2.0, but use different authentication methods.

    Service API Authentication

    The authentication workflow of the Service API is shown in the following figure.

    Service API Authentication Workflow

    Figure 1 Service API Authentication Workflow

    1. Get information necessary to use the Service API.
      The user gets the information required to use the Service API from the LINE WORKS Developer Console. For details, refer to Preparations in this guide.
    2. Provide information needed to use the Service API.
    3. Request to issue Authorization Code (window open).
      The user requests an authorization code with a new window, by using the Service API consumer key issued by the LINE WORKS Developer Console.
    4. Provide the LINE WORKS login page.
      The LINE WORKS authentication system provides the login page if the user is not logged in to LINE WORKS. This step is omitted if the user is already logged in.
    5. Enter ID/Password.
      The user logs in to LINE WORKS with his or her ID and password.
    6. Verify login and issue Authorization Code.
      The LINE WORKS authentication system authenticates the user with his or her ID and password, issues an authorization code which is then returned with "redirect_uri" parameter delivered in step 3.
    7. Request Access Token (API call).
      The user uses the authorization code to request an access token from the LINE WORKS authentication system. The authorization code is one time only.
    8. Issue Access Token.
      The LINE WORKS authentication system verifies the authorization code, and issues an access token.
    9. Make an API call with the required information included in the header.
      The user makes an API call with the consumer key and the access token included in the header.
    10. Verify the header information and process the API call.
      LINE WORKS checks the validity of the header information, and processes the API call.
    11. Return the result.

    Note

    • You don't have to get an access token every time you make an API call (step 3-8).
    • Once you get an access token, you can store it to reuse (e.g., cookies).

    Server API Authentication

    The authentication workflow of the Server API is shown in the following figure.

    Server API Authentication Workflow

    Figure 2 Server API Authentication Workflow

    1. Get information necessary to use the Server API.
      The user gets the information required to use the Server API from the LINE WORKS Developer Console. For details, refer to Preparations in this guide.
    2. Provide information needed to use the Server API.
    3. Make an API call with the required information included in the header.
      The user makes an API call with the consumer key and the server token included in the header.
    4. Verify the header information and the client IP, and process the API call.
      LINE WORKS verifies the header information, checks if the server IP registered to the LINE WORKS Developer Console when the token is issued is the same as the client IP which requests the API, can processes the API call.
    5. Return the result.