🚧 GetFileWopiSrc (ecosystem)

POST /wopi/ecosystem


This operation should not be called by WOPI clients at this time. It is reserved for future use and subject to change.

The GetFileWopiSrc operation is used to convert a host-specific file identifier into a WopiSrc value.

The WOPI client passes the host-specific file identifier in the X-WOPI-HostNativeFileName header. The host, in turn, returns a WopiSrc URL with an access token appended.

This operation is useful in cases where a WOPI client receives a file identifier that is not a proper WopiSrc, but can be translated into a valid WopiSrc value by the WOPI host.

For example, iOS applications can open files in Office for iOS using URL schemes. However, it may not be feasible for an application to generate a WopiSrc value itself. As long as it can generate a string value that can later be converted to a WopiSrc value by calling this operation, then the application can pass this value and rely on Office for iOS to call this operation to convert the file identifier into a WopiSrc.


While a WOPI host can accept any string value as input, hosts are strongly recommended to support the following values in X-WOPI-HostNativeFileName:

See also

This operation is also exposed as a shortcut operation.

Query Parameters
  • access_token (string) – An access token that the host will use to determine whether the request is authorized.

Request Headers
  • X-WOPI-Override – The string GET_WOPI_SRC_WITH_ACCESS_TOKEN. Required.

  • X-WOPI-HostNativeFileName – A string representing the host-specific file identifier for a file.

Status Codes

See also

Standard WOPI request and response headers

In addition to the request/response headers listed here, this operation may also use the Standard WOPI request and response headers.


The response to a GetFileWopiSrc call is JSON (as specified in RFC 4627) containing the following required properties:


A URI that represents a WopiSrc value with an access token appended.


This property includes an access token and thus has important security implications. See Preventing ‘token trading’ for more details.

Sample response

  "Url": "http://.../wopi*/[containers|files]/<id>?access_token=<file|container_token>&access_token_ttl=<timestamp>"