--- title: Development API Overview description: Introduces enterprise development accounts, authentication methods, API directories, calling specifications and developer indexes. slug: developer-api-overview lang: en category: API Overview category_order: 8 order: 1 keywords: - API - Developer - OAuth - JWT - File interface --- # Development API Overview BabelBird develops APIs to connect the authentication, file, sharing, organization, messaging and login capabilities of enterprise network disks to third-party business systems. The left column is grouped by interface function, and the callable endpoints are listed directly in the group. ## Call overview - The enterprise administrator creates a developer account in the private cloud enterprise management background and obtains `client_id`, `client_secret` and JWT related keys. - In the OAuth callback method, use `/api/authorize.do` to obtain the authorization code, and then use `/api/token.do` to obtain `access_token`. - JWT login-free method uses `/api/authorizeByJWT.do` or `/account/tokenLogin.do`, and private deployment needs to enable the corresponding configuration. - File access API requests need to carry `Authorization: Bearer ` in the HTTP Header. - POST, PUT, DELETE requests usually use `Content-Type: application/json`. ### Java JWT Integration Example The following example is adapted from the BabelBird API integration sample. It demonstrates how to generate a JWT string. In a real project, replace the secret, enterprise domain, user email, phone number, employee ID and `client_id` with values provided by the enterprise admin console or implementation team. Do not expose the JWT secret in frontend pages, client packages or public repositories. The JWT payload contains three core fields: | Field | Description | | --- | --- | | `time` | Token generation timestamp in milliseconds | | `duration` | Token validity duration in seconds | | `payload` | Business payload. For user login-free access, use `email`, `phone` or `babelId`; for `/api/authorizeByJWT.do`, use `client_id` | Common usage: - User login-free access: generate `userToken`, then open `/account/tokenLogin.do?userToken=`. - OAuth/JWT authorization: generate `jwt_token`, then open `/api/authorizeByJWT.do?response_type=code&client_id=&jwt_token=`, and exchange the returned `code` for `access_token`. - File API calls: after obtaining `access_token`, include `Authorization: Bearer ` in subsequent file, sharing and enterprise API requests. Minimal implementation outline: first build `payload`, for example `{email: "user@example.com"}` for user login-free access or `{client_id: ""}` for developer authorization; then build JWT claims as `{time: current Unix timestamp in milliseconds, duration: 60, payload: payload}`; sign the claims with the enterprise JWT secret using HS256 / HmacSHA256; finally pass the signed JWT string as `userToken` or `jwt_token` in the corresponding URL. ```java import java.nio.charset.StandardCharsets; import java.util.Date; import java.util.HashMap; import java.util.Map; import javax.crypto.SecretKey; import javax.crypto.spec.SecretKeySpec; import io.jsonwebtoken.Claims; import io.jsonwebtoken.JwtBuilder; import io.jsonwebtoken.Jwts; import io.jsonwebtoken.SignatureAlgorithm; public class BabelJwtExample { // Obtain this from the enterprise admin console or delivery materials. // The example value must be replaced and must not be used in production. private static final String JWT_SECRET = "REPLACE_WITH_ENTERPRISE_JWT_SECRET"; public static void main(String[] args) throws Exception { Map user = new HashMap<>(); user.put("email", "user@example.com"); // Or use phone / babelId according to the enterprise account system: // user.put("phone", "13800000000"); // user.put("babelId", "EMP001"); String userToken = createTokenJWT(user); System.out.println("userToken=" + userToken); System.out.println("/account/tokenLogin.do?userToken=" + userToken); Map clientInfo = new HashMap<>(); clientInfo.put("client_id", "REPLACE_WITH_CLIENT_ID"); String jwtToken = createTokenJWT(clientInfo); System.out.println("/api/authorizeByJWT.do?response_type=code&client_id=REPLACE_WITH_CLIENT_ID&jwt_token=" + jwtToken); } public static String createTokenJWT(Map payload) { Map claims = new HashMap<>(); claims.put("time", new Date().getTime()); claims.put("duration", 60); claims.put("payload", payload); SecretKey key = generalKey(); JwtBuilder builder = Jwts.builder() .setClaims(claims) .signWith(SignatureAlgorithm.HS256, key); return builder.compact(); } public static Claims parseTokenJWT(String jwt) { SecretKey key = generalKey(); Claims claims = Jwts.parser() .setSigningKey(key) .parseClaimsJws(jwt) .getBody(); Long time = ((Number) claims.get("time")).longValue(); Long duration = ((Number) claims.get("duration")).longValue(); if (new Date().getTime() - time > 1000L * duration) { throw new IllegalStateException("JWT token expired"); } return claims; } private static SecretKey generalKey() { byte[] encodedKey = JWT_SECRET.getBytes(StandardCharsets.UTF_8); return new SecretKeySpec(encodedKey, 0, encodedKey.length, "HmacSHA256"); } } ``` If the project uses an older `jjwt` version, the structure can remain close to this example. If it uses the newer split dependencies such as `jjwt-api`, `jjwt-impl` and `jjwt-jackson`, adjust the signing and parsing methods according to the library version. During integration, generate and parse the token on the server first, then use it with `/account/tokenLogin.do` or `/api/authorizeByJWT.do` to verify login and authorization behavior. ## API Grouping | Grouping | Main purpose | Typical entrance | | --- | --- | --- | | Authentication API | Developer account, OAuth callback, JWT login-free, Token acquisition and refresh | [Get token](api-post-api-token-do.md) | | File API | File list, file information, upload and download, version, move copy, recycle bin, material library classification | [Get file list](api-get-nd-api-file-list-dir.md) | | Sharing API | Sharing link, sharing permissions, participants, attention reminders | [Get file sharing url](api-get-nd-api-share-shareurl.md) | | Enterprise API | Enterprise information, departments, members, enterprise logs | [Get current enterprise information](api-get-nd-api-enterprise-current.md) | | Message and login API | Announcements, department discussions, JWT token login, common status codes | [JWT token login](api-get-account-tokenlogin-do.md) | ## Single interface page Each API entry has an independent page, allowing developers to check paths, methods, parameters and return information by interface. - [GET authentication interface one (login callback method)](api-get-api-authorize-do.md): `/api/authorize.do` - [GET authentication interface two (login-free JWT token method)](api-get-api-authorizebyjwt-do.md): `/api/authorizeByJWT.do` - [POST Get token](api-post-api-token-do.md): `/api/token.do` - [POST refresh token](api-post-api-refreshtoken-do.md): `/api/refreshToken.do` - [GET Get file list](api-get-nd-api-file-list-dir.md): `/nd/api/file/list_dir` - [GET Get file information](api-get-nd-api-file-fileinfo.md): `/nd/api/file/fileinfo` - [POST create folder](api-post-nd-api-file-create-folder.md): `/nd/api/file/create_folder` - [GET preupload file](api-get-api-file-preuploadfile-do.md): `/api/file/preUploadFile.do` - [GET Get download file address](api-get-api-file-getfiledownloadurl-do.md): `/api/file/getFileDownloadUrl.do` - [GET Get download multi-file address](api-get-api-file-downloadmultifiles-do.md): `/api/file/downloadMultiFiles.do` - [GET Get download file thumbnail address](api-get-api-file-downloadthumbnail-do.md): `/api/file/downloadThumbnail.do` - [POST modify file information](api-post-nd-api-file-update-file.md): `/nd/api/file/update_file` - [POST modify file name](api-post-nd-api-file-rename.md): `/nd/api/file/rename` - [POST delete file (to recycle bin)](api-post-nd-api-file-remove-file.md): `/nd/api/file/remove_file` - [POST remove file (from trash)](api-post-nd-api-file-remove-from-trash.md): `/nd/api/file/remove_from_trash` - [POST Empty Trash](api-post-nd-api-file-empty-trash.md): `/nd/api/file/empty_trash` - [POST restore file (from recycle bin)](api-post-nd-api-file-restore-file.md): `/nd/api/file/restore_file` - [GET Get all version information of the file](api-get-nd-api-file-versions.md): `/nd/api/file/versions` - [POST setting file current version](api-post-nd-api-file-version.md): `/nd/api/file/version` - [POST move file](api-post-nd-api-file-move.md): `/nd/api/file/move` - [POST copy file](api-post-nd-api-file-copy.md): `/nd/api/file/copy` - [POST copy file progress](api-post-nd-api-file-copy-progress.md): `/nd/api/file/copy_progress` - [GET file log](api-get-nd-api-file-file-logs.md): `/nd/api/file/file_logs` - [POST sets whether the user has permission to access the material library](api-post-nd-api-file-set-user-access-material-library.md): `/nd/api/file/set_user_access_material_library` - [POST Create Material Library Classification](api-post-nd-api-file-create-material-class.md): `/nd/api/file/create_material_class` - [POST create sub-material library](api-post-nd-api-file-create-material-folder.md): `/nd/api/file/create_material_folder` - [GET Get the share url of the file](api-get-nd-api-share-shareurl.md): `/nd/api/share/shareurl` - [GET Get the shared permission list](api-get-nd-api-share-share-roles.md): `/nd/api/share/share_roles` - [GET Get the sharing role that the user has permission to set for a single file](api-get-nd-api-share-share-role-forfile.md): `/nd/api/share/share_role_forfile` - [POST Create Link Share](api-post-nd-api-share-open-link-share.md): `/nd/api/share/open_link_share` - [POST close link sharing](api-post-nd-api-share-close-link-share.md): `/nd/api/share/close_link_share` - [POST set link sharing password](api-post-nd-api-share-set-share-password.md): `/nd/api/share/set_share_password` - [POST invite people to participate in sharing](api-post-nd-api-share-invite-share.md): `/nd/api/share/invite_share` - [GET Get all sharing participants](api-get-nd-api-share-share-participants.md): `/nd/api/share/share_participants` - [POST set permission roles of sharing participants](api-post-nd-api-share-set-participant-role.md): `/nd/api/share/set_participant_role` - [POST delete sharing participant](api-post-nd-api-file-remove-share-participant.md): `/nd/api/file/remove_share_participant` - [POST reminder](api-post-nd-api-file-focus-file.md): `/nd/api/file/focus_file` - [POST remove someone's attention](api-post-nd-api-file-unfocus-file.md): `/nd/api/file/unfocus_file` - [GET Get the list of users focusing on the file](api-get-nd-api-file-user-focusfile.md): `/nd/api/file/user_focusfile` - [GET Get the list of users who can focus on the file and mark the users who have focused on the file](api-get-nd-api-file-user-can-focusfile.md): `/nd/api/file/user_can_focusfile` - [GET Get current enterprise information](api-get-nd-api-enterprise-current.md): `/nd/api/enterprise/current` - [GET Get information about all departments of the enterprise](api-get-nd-api-enterprise-departments.md): `/nd/api/enterprise/departments` - [POST Create Enterprise Department](api-post-nd-api-enterprise-create-department.md): `/nd/api/enterprise/create_department` - [GET Get department role list](api-get-nd-api-enterprise-dep-role.md): `/nd/api/enterprise/dep_role` - [POST add department personnel](api-post-nd-api-enterprise-add-dep-mem.md): `/nd/api/enterprise/add_dep_mem` - [POST delete department personnel](api-post-nd-api-enterprise-remove-dep-mem.md): `/nd/api/enterprise/remove_dep_mem` - [GET to obtain information about your own department](api-get-nd-api-enterprise-mydeparments.md): `/nd/api/enterprise/mydeparments` - [GET Get Department Members](api-get-nd-api-enterprise-departmentmembers.md): `/nd/api/enterprise/departmentmembers` - [POST add enterprise members](api-post-nd-api-enterprise-add-ent-mem.md): `/nd/api/enterprise/add_ent_mem` - [POST update member information](api-post-api-updateuserinfo-do.md): `/api/updateUserInfo.do` - [GET Get enterprise member information](api-get-api-getenterprisemember-do.md): `/api/getEnterpriseMember.do` - [POST Get all members of the enterprise](api-post-nd-api-enterprise-enterprise-members.md): `/nd/api/enterprise/enterprise_members` - [POST Get Enterprise Logs](api-post-nd-api-enterprise-enterprise-logs.md): `/nd/api/enterprise/enterprise_logs` - [POST Release Announcement](api-post-nd-api-enterprise-broadcast.md): `/nd/api/enterprise/broadcast` - [GET Get published announcements](api-get-nd-api-enterprise-broadcast.md): `/nd/api/enterprise/broadcast` - [POST Send Department Discussion](api-post-nd-api-file-send-dep-discussion.md): `/nd/api/file/send_dep_discussion` - [POST Get department discussion](api-post-nd-api-file-dep-discussion.md): `/nd/api/file/dep_discussion` - [GET Get Enterprise Logs](api-get-nd-api-enterprise-enterprise-logs.md): `/nd/api/enterprise/enterprise_logs` - [GET JWT token login](api-get-account-tokenlogin-do.md): `/account/tokenLogin.do`