
API Authorization

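Introduction

FedEx APIs support the OAuth 2.0 (bearer token) authentication method to authorize your application's API requests to use FedEx resources. The OAuth access token must be regenerated every 60 minutes and must be supplied with every API transaction in order to authenticate and authorize your access to FedEx resources.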

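Authorization API Details

This API lets you authorize API requests so that they can be authenticated against FedEx resources. The following sections describe the prerequisites for the API:

When you register on the FedEx Developer Portal, FedEx provides a combination of a client ID (API Key) and a client secret (Secret Key) to authenticate your project's API requests. Each project in your organization is associated with one client ID and client secret combination, known as the API credentials.

Note: Customers (Internal, Compatible, Proprietary Parent Child and Integrator) can contact their FedEx representative to obtain the API and keys.

For an additional layer of security, in addition to the API Key and Secret Key, FedEx® customers (Internal, Compatible, Proprietary Parent Child and Integrator) can also send a Child Key (Customer Secret) and a Child Secret (Customer Password) to create the OAuth token. This token is used in every API request for authentication.

You can recreate a forgotten Secret Key from the Projects page on the FedEx Developer Portal.

Note: Creating a new key will require changes to the code in your application.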

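Important information in this document:

  • Client Key is referred to as API Key
  • Client Secret is referred to as Secret Key
  • Child Key is referred to as Customer Key
  • Child Secret is referred to as Customer Password

API credentials are used for the following purposes:

  • Identify the project that is calling the API.
  • Grant access to the APIs enabled under your project.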

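How to Get API Credentials

Credentials are created based on your inputs in the FedEx Developer Portal:

  • Client ID – An API Key (client ID) is created whenever you create a project on the FedEx Developer Portal. You can also view the API Key associated with a project on the Project Overview page.
  • Client secret – After you create a project on the FedEx Developer Portal, the Secret Key (client secret) is shown on the confirmation page. If needed, you can regenerate the Secret Key on the Project Overview page.

Note: In addition to the API Key and Secret Key, FedEx® customers (Internal, Compatible, Proprietary Parent Child and Integrator) can also send a Child Key (Customer Secret) and a Child Secret (Customer Password) to create the OAuth token. For information on how to obtain the Child Key and Child Secret, see the Credential Registration API.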

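How the Authorization API Works

API Authorization

Once you have obtained your API credentials on the FedEx Developer Portal, use the OAuth endpoint to get an access token to use as the credential for each API transaction.

These are the required inputs associated with the OAuth request:

  • grant_type – Type of customer. (Valid values: client_credentials, csp_credentials, client_pc_credentials)
  • client_id – The project's API Key.
  • client_secret – The project's API Secret Key.

FedEx® customers (Internal, Compatible, Proprietary Parent Child and Integrator) need to send the following additional inputs:

  • child_id – The Customer Key returned by the Credential Registration API request.
  • child_secret – The Customer Password returned by the Credential Registration API request.

This request should return the following results:

  • access_token – The encrypted OAuth token that needs to be used in API transactions.
  • token_type – Type of token. In this case it is bearer authentication.
  • expires_in – Token expiration time in milliseconds. The standard token expiration time is one hour.
  • scope – The authorization scope granted to the customer.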

Example

Request:

POST /oauth/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded

grant_type=client_credentials&client_id=Your_client_ID&client_secret=Your_secret

Response:

{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpX……..",
  "token_type": "bearer",
  "expires_in": 3600,
  "scope": "CXS"
}

Request for FedEx® Internal, Compatible and Integrator customers:

POST /oauth/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded

grant_type=csp_credentials&client_id=Client_ID&client_secret=Client_secret&child_key=Child_key&child_secret=Child_secret

Response:

{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpX……..",
  "token_type": "bearer",
  "expires_in": 3600,
  "scope": "CXS"
}

Request for FedEx® Proprietary Parent Child customers:

POST /oauth/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded

grant_type=client_pc_credentials&client_id=Client_ID&client_secret=Client_secret&child_key=Child_key&child_secret=Child_secret

Response:

{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpX……..",
  "token_type": "bearer",
  "expires_in": 3600,
  "scope": "CXS"
}

Note: The access token expires after one hour and can be regenerated by sending a POST request to the oauth/token endpoint.
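
The token flow described above, as an added example that is not FedEx's own code: it builds the form-encoded request for each grant type, keeps the credentials in the POST body, and reuses one bearer token until shortly before it expires. The names build_token_body, http_post and TokenCache and the 60-second skew are assumptions; child_key follows the request samples above, and the Authorization: Bearer header is the standard OAuth 2.0 bearer form, which this page does not show.

```python
import json
import time
import urllib.parse
import urllib.request

TOKEN_URL = "https://apis-sandbox.fedex.com/oauth/token"  # sandbox URL listed on the page
CHILD_GRANTS = {"csp_credentials", "client_pc_credentials"}

def build_token_body(grant_type, client_id, client_secret, child_key=None, child_secret=None):
    """Form-encode the token request; child credentials are sent only for grants that use them."""
    fields = {"grant_type": grant_type, "client_id": client_id, "client_secret": client_secret}
    if grant_type in CHILD_GRANTS:
        if not (child_key and child_secret):
            raise ValueError(f"{grant_type} requires child_key and child_secret")
        # Field name child_key is taken from the page's request samples.
        fields.update(child_key=child_key, child_secret=child_secret)
    elif grant_type != "client_credentials":
        raise ValueError(f"unsupported grant_type: {grant_type}")
    return urllib.parse.urlencode(fields).encode()

def http_post(body):
    """Real transport: secrets travel in the HTTPS POST body, never in the URL."""
    req = urllib.request.Request(
        TOKEN_URL, data=body, method="POST",
        headers={"Content-Type": "application/x-www-form-urlencoded"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)

class TokenCache:
    """Hypothetical helper: requests a new token only when the cached one is about to expire."""
    def __init__(self, body, post=http_post, clock=time.monotonic, skew=60):
        self._body, self._post, self._clock, self._skew = body, post, clock, skew
        self._token, self._expires_at = None, 0.0

    def bearer(self):
        if self._token is None or self._clock() >= self._expires_at:
            reply = self._post(self._body)
            if str(reply.get("token_type", "")).lower() != "bearer" or not reply.get("access_token"):
                raise RuntimeError("unexpected token response")  # do not log the reply itself
            # Assumption: the sample pairs expires_in 3600 with a one-hour lifetime,
            # so the value is treated as seconds here.
            self._token = reply["access_token"]
            self._expires_at = self._clock() + int(reply["expires_in"]) - self._skew
        return {"Authorization": f"Bearer {self._token}"}
```

Merge the dictionary returned by bearer() into the headers of each API call; the post and clock parameters exist so the cache can be exercised without network access.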

API Authorization (1.0)

API Authorization

Use this endpoint to request the OAuth token (bearer token) to authorize your application to access FedEx resources. You can pass this bearer token in your subsequent individual FedEx API endpoint requests.
Note: FedEx APIs do not support the Cross-Origin Resource Sharing (CORS) mechanism.

header Parameters
content-type
required
string
Example: application/x-www-form-urlencoded

This is used to indicate the media type of the resource. The media type is a string sent along with the file indicating format of the file.

Request Body schema: application/x-www-form-urlencoded
grant_type
required
string

Specify the type of customer requesting the OAuth token.
Valid Values: client_credentials, csp_credentials, client_pc_credentials
Note:
client_credentials – should be used for customers, Integrators, and brand new Compatible Provider customers who are yet to onboard child accounts.
csp_credentials – should be used for Integrators, and Compatible Provider customers with existing child accounts.
client_pc_credentials – should be used for Proprietary Parent Child customers.

client_id
required
string

Specify the Client ID also known as API Key received during FedEx Developer portal registration.
Example: XXXX-XXX-XXXX-XXX

client_secret
required
string

Specify the Client secret also known as Secret Key received during FedEx Developer portal registration.
Example: XXXX-XXX-XXXX-XXX

child_Key
string

Specify the Client ID also known as Customer Key. This element is used as a login credential for an Integrator customer, Compatible customer or a Proprietary Parent Child customer to access the application on behalf of their customer.
Example: XXXX-XXX-XXXX-XXX
Note: This element should be used by Integrator, Compatible and Proprietary Parent Child customers.

child_secret
string

Specify the Client secret also known as Customer Secret. This element is used as a login credential for an Integrator customer, Compatible customer or a Proprietary Parent Child customer to access the application on behalf of their customer.
Example: XXXX-XXX-XXXX-XXX
Note: This element should be used by Integrator, Compatible and Proprietary Parent Child customers.

Responses

200

Success

401

Unauthorized

500

Failure

503

Service Unavailable

post /oauth/token

Sandbox Server

https://apis-sandbox.fedex.com/oauth/token

Production Server

https://apis.fedex.com/oauth/token

Request samples

Content type
application/x-www-form-urlencoded
Example
grant_type=client_credentials&client_id=Your_client_ID&client_secret=Your_secret

Response samples

Content type
application/json
{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpX……",
  "token_type": "bearer",
  "expires_in": 3600,
  "scope": "CXS"
}