FAQs

1. Why is MAC signature necessary?

As the verification and authorization protocol of Mi Dev Platform, OAuth 2.0 is an open standard, which allows third-party apps to access the information resources (such as account info and contacts) stored on the site with the user’s approval, while without telling the third parties the user’s account ID and password during the session. Mi OAuth Agreement supports MAC access token, so corresponding signature of Mac Access Authentication is required to get full access.

2. Why do I need the user’s approval? When should I get it?

In accordance with the OAuth Protocol, as a service provider, Xiaomi can’t give user data to the third parties unless the user approved that.

3. How to get app ID, app key and other data on an web (without apk package)?

If it’s not a client app, you can create an light app on Mi Dev Platform to get such data.

4. Why does the request API prompt that client ID is invalid when the app has been created?

  1. Account service is required if a new app wants to use OAuth services on Mi Dev Platform, refer to Quick Access Guide
  2. Data passed to the server is invalid due to URL request isn’t encoded

5. Why does request API interface return users or the authorized server refuse the request?

Access token and app ID don’t match or the app ID entered isn’t generated by Mi Dev Platform.

6. Why has response data nonce been used after accessing API?

  1. Collisions may be occurred among passed nonce and other data. Generally it will be normal after you try again.

  2. The content in nonce after the colon is the Standard Beijing Time in minutes