Docs Center Compliance Guide Developer Community
Jiguang Docs > JVerification > REST API > Business risk control API > One-click login and business risk control API
Jiguang Docs > JVerification > REST API > Business risk control API > One-click login and business risk control API

One-Tap LoginWith business style control API

Last updated:2026-01-26
One-Tap LoginWith business style control API

Functional description

Submit loginToken, then return the cell phone number and identify the business risk score of the cell phone number.

Call Address

Android and iOS Use

POST https://api.verification.jpush.cn/v2/web/loginTokenVerify

Web Use

POST https://api.verification.jpush.cn/v2/web/h5/loginTokenVerify

Call Authentication

See for more information REST API Overview Authentication Note.

Example request

curl --insecure -X POST -v https://api.verification.jpush.cn/v2/web/loginTokenVerify -H "Content-Type: application/json" -u "7d431e42dfa6a6d693ac2d04:5e987ac6d2e04d95a9d8f0d1" -d '{ "loginToken": "STsid0000001542695429579Ob28vB7b0cYTI9w0GGZrv8ujUu05qZvw", "exID": "1234566", "ip": "127.0.0.1" }'
          curl --insecure -X POST -v https://api.verification.jpush.cn/v2/web/loginTokenVerify -H "Content-Type: application/json" -u "7d431e42dfa6a6d693ac2d04:5e987ac6d2e04d95a9d8f0d1" -d '{
 "loginToken": "STsid0000001542695429579Ob28vB7b0cYTI9w0GGZrv8ujUu05qZvw",
 "exID": "1234566",
 "ip": "127.0.0.1"
}'
This code block is shown in the floating window

** Request parameters**

Keyword Type Options Meaning
loginToken String Required Authentication SDKReceived loginToken
ip String Optional sdk peerip
exID String Optional Developer custom id, not required

Response Example

Request succeeded

{ "id": 117270465679982592, "code": 8000, "content": "get phone success", "exID": "1234566", "phone": "HpBLIQ/6SkFl0pAq0LMdw1aZ8RHoofgWmaY//LE+0ahkSdHC5oTCnjrR8Tj8y5naKVI03torFU+EzAQnwtVqAoQyYckT0S3Q02TKuAal3VRGiR5Lmp4g2A5Mh4/W5A4o6QFviHuBVJZE/WV0AzU5w4NGhpyQntOeF0UyovYATy4=", "score": 0, "riskCheck": { "code": 0, "content": "success", "score": 0, "tags": [], "detail": {} } }
          {
 "id": 117270465679982592,
 "code": 8000,
 "content": "get phone success",
 "exID": "1234566",
 "phone": "HpBLIQ/6SkFl0pAq0LMdw1aZ8RHoofgWmaY//LE+0ahkSdHC5oTCnjrR8Tj8y5naKVI03torFU+EzAQnwtVqAoQyYckT0S3Q02TKuAal3VRGiR5Lmp4g2A5Mh4/W5A4o6QFviHuBVJZE/WV0AzU5w4NGhpyQntOeF0UyovYATy4=",
 "score": 0,
 "riskCheck": {
 "code": 0,
 "content": "success",
 "score": 0,
 "tags": [],
 "detail": {}
 }
}
This code block is shown in the floating window

** Request failed**

{ "code": 8001, "content": "get phone fail" }
          {
 "code": 8001,
 "content": "get phone fail"
}
This code block is shown in the floating window

** Response parameters**

Keyword Type Meaning
id Long Drift. Could be empty if the request goes wrong.
exID String Developer custom id if request is empty
code Integer Return Code
content String Response Code Reference
score Integer Risk rating (subsequent deletion, recommended) riskCheck.score)
phone String Encrypted cell phone number.Jiguang Private key decryption for public key
riskCheck Object Risk rating - new structure
riskCheck.code Integer Wind Return Code
riskCheck.content String Wind controlResponse Code Reference
riskCheck.score Integer Risk rating
riskCheck.tags String[] Risk Tag Pool
riskCheck.detail Object Risk Tag Details
riskCheck.detail.[tag] Object Risk labels for details
riskCheck.detail.[tag].score Integer Risk label corresponding risk rating

** Back score Annotations**

  • score The field indicates the risk of the current number, the higher the score, the greater the risk, and the value range is: [0,] 900]。
  • Based on Jiguang The experience of the security certification team.score The operational meaning of field values is as follows (for information purposes only, it can be adapted from the actual scene):
Value Risk level MeaningDescription
0 Low risk Normal release
300 Medium risk Markable observation of user follow-up before further decision-making
600 Medium and high risk Further security clearance or direct operational restrictions
900 High risk Direct operational constraints

** Back riskCheck.tags Annotations**

RSA Example of private key decryption

Java

import javax.crypto.Cipher; import java.security.KeyFactory; import java.security.PrivateKey; import java.security.spec.PKCS8EncodedKeySpec; import java.util.Base64; public class RSADecrypt { public static void main(String[] args) throws Exception { String encrypted = args[0]; String prikey = args[1]; String result = decrypt(encrypted, prikey); System.out.println(result); } public static String decrypt(String cryptograph, String prikey) throws Exception { PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(Base64.getDecoder().decode(prikey)); PrivateKey privateKey = KeyFactory.getInstance("RSA").generatePrivate(keySpec); Cipher cipher=Cipher.getInstance("RSA"); cipher.init(Cipher.DECRYPT_MODE, privateKey); byte [] b = Base64.getDecoder().decode(cryptograph); return new String(cipher.doFinal(b)); } }
           import javax.crypto.Cipher;
 import java.security.KeyFactory;
 import java.security.PrivateKey;
 import java.security.spec.PKCS8EncodedKeySpec;
 import java.util.Base64;

 public class RSADecrypt {
 public static void main(String[] args) throws Exception {
 String encrypted = args[0];
 String prikey = args[1];

 String result = decrypt(encrypted, prikey);
 System.out.println(result);
 }

 public static String decrypt(String cryptograph, String prikey) throws Exception {
 PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(Base64.getDecoder().decode(prikey));
 PrivateKey privateKey = KeyFactory.getInstance("RSA").generatePrivate(keySpec);

 Cipher cipher=Cipher.getInstance("RSA");
 cipher.init(Cipher.DECRYPT_MODE, privateKey);

 byte [] b = Base64.getDecoder().decode(cryptograph);
 return new String(cipher.doFinal(b));
 }
 }
This code block is shown in the floating window

Python

#!/usr/bin/env python3 # 需要先安装 pycryptodome,直接使用 pip 安装即可,仅在 python3 环境下测试通过 from Crypto.PublicKey import RSA from Crypto.Cipher import PKCS1_v1_5 import base64 PREFIX = '-----BEGIN RSA PRIVATE KEY-----' SUFFIX = '-----END RSA PRIVATE KEY-----' encrypted = None prikey = None key = "{}\n{}\n{}".format(PREFIX, prikey, SUFFIX) cipher = PKCS1_v1_5.new(RSA.import_key(key)) result = cipher.decrypt(base64.b64decode(encrypted.encode()), None).decode() print(result)
           #!/usr/bin/env python3

 # 需要先安装 pycryptodome,直接使用 pip 安装即可,仅在 python3 环境下测试通过

 from Crypto.PublicKey import RSA
 from Crypto.Cipher import PKCS1_v1_5
 import base64

 PREFIX = '-----BEGIN RSA PRIVATE KEY-----'
 SUFFIX = '-----END RSA PRIVATE KEY-----'

 encrypted = None
 prikey = None

 key = "{}\n{}\n{}".format(PREFIX, prikey, SUFFIX)
 cipher = PKCS1_v1_5.new(RSA.import_key(key))
 result = cipher.decrypt(base64.b64decode(encrypted.encode()), None).decode()

 print(result)
This code block is shown in the floating window

PHP

// https://www.php.net/manual/en/function.openssl-private-decrypt.php $prefix = '-----BEGIN PRIVATE KEY-----'; $suffix = '-----END PRIVATE KEY-----'; $result = ''; $encrypted = null; $prikey = null; $key = $prefix. "\n". $prikey. "\n". $suffix; $r = openssl_private_decrypt(base64_decode($encrypted), $result, openssl_pkey_get_private($key)); echo $result. "\n";
           // https://www.php.net/manual/en/function.openssl-private-decrypt.php

 $prefix = '-----BEGIN PRIVATE KEY-----';
 $suffix = '-----END PRIVATE KEY-----';
 $result = '';

 $encrypted = null;
 $prikey = null;

 $key = $prefix. "\n". $prikey. "\n". $suffix;
 $r = openssl_private_decrypt(base64_decode($encrypted), $result, openssl_pkey_get_private($key));

 echo $result. "\n";
This code block is shown in the floating window

package main

import ( "crypto/rand" "crypto/rsa" "crypto/x509" "encoding/base64" "encoding/pem" "errors" "log" )

Go

func main() { PREFIX:= "-----BEGIN RSA PRIVATE KEY-----" SUFFIX:= "-----END RSA PRIVATE KEY-----" prikey:= "" encrypted:= "" encryptedB, err:= base64.StdEncoding.DecodeString(encrypted) if err!= nil { log.Println("invalid encrypted") return } key:= PREFIX + "\n" + prikey + "\n" + SUFFIX result, err:= RsaDecrypt(encryptedB, []byte(key)) if err!= nil { log.Println("err: ", err) return } log.Println("result: ", string(result)) } // 私钥解密 func RsaDecrypt(encrypted, prikey []byte) ([]byte, error) { var data []byte block, _:= pem.Decode(prikey) if block == nil { return data, errors.New("private key error") } rsaKey, err:= x509.ParsePKCS8PrivateKey(block.Bytes) if err!= nil { return data, err } key, ok:= rsaKey.(*rsa.PrivateKey) if!ok { return data, errors.New("invalid private key") } data, err = rsa.DecryptPKCS1v15(rand.Reader, key, encrypted) return data, err }
          func main() {
 PREFIX:= "-----BEGIN RSA PRIVATE KEY-----"
 SUFFIX:= "-----END RSA PRIVATE KEY-----"
 prikey:= ""
 encrypted:= ""

 encryptedB, err:= base64.StdEncoding.DecodeString(encrypted)
 if err!= nil {
 log.Println("invalid encrypted")
 return
 }
 key:= PREFIX + "\n" + prikey + "\n" + SUFFIX
 result, err:= RsaDecrypt(encryptedB, []byte(key))
 if err!= nil {
 log.Println("err: ", err)
 return
 }
 log.Println("result: ", string(result))
}

// 私钥解密
func RsaDecrypt(encrypted, prikey []byte) ([]byte, error) {
 var data []byte
 block, _:= pem.Decode(prikey)
 if block == nil {
 return data, errors.New("private key error")
 }
 rsaKey, err:= x509.ParsePKCS8PrivateKey(block.Bytes)
 if err!= nil {
 return data, err
 }
 key, ok:= rsaKey.(*rsa.PrivateKey)
 if!ok {
 return data, errors.New("invalid private key")
 }
 data, err = rsa.DecryptPKCS1v15(rand.Reader, key, encrypted)
 return data, err
}
This code block is shown in the floating window
Was this document helpful?

Copyright 2011-2026, jiguang.cn, All Rights Reserved. 粤ICP备12056275号-13 Shenzhen Hexun Huagu Information Technology Co., Ltd.

Open in Docs Center