api.safecreative.org

Safe Creative API Web Services Reference v2 - D R A F T

Authkey: The user authorization

In order to register works for an account you need an authKey. That authKey is the authorization a user has acknowledged so you can use his account.
An authKey has an associated private key. You must use the authKey's private key in order to sign the request when you're using an authKey signed method call. You must authorize yourself if you want to auto-register works.
The authorization has a level, it can be GET, ADD or MANAGE

The GET level allows read operations on the user account
The ADD level allows new work registrations on the user account
The MANAGE level allows modification and deletion of registered works

Some security-risk operations such as the creation or modification of a work registration require a nonce key which is obtained using the authKey. The nonce is changed every time it's used in such operations
In order to create an authKey you can use authkey.create. That function return a new authKey
You can obtain a user authorization or modification of the authorization redirecting the user to the url authkey.edit
You can obtain the nonce key calling auth.authkey. That function returns the current auth key status and the current nonce key to use in some funcion calls


Example of authkey.manage:


REQUEST:

https://api.safecreative.org/v2/
?component=authkey.create
&sharedkey=zy9x4ol0ctg3btyswq7b5wi9
&ztime=1271749822099
&signature=4ed86580ab439b56251ed712e2554586b125f0ef

RESPONSE:

<?xml version="1.0" encoding="UTF-8"?>
<authkeycreate>
  <authkey>23j22wtpoguzgzk0fag39sey6</authkey>
  <privatekey>1f5lcps1hvpo7y1sw175y5qkp</privatekey>
</authkeycreate>


Manage user authorization: http://arena.safecreative.org/api-ui/authkey.edit?authkey=23j22wtpoguzgzk0fag39sey6&level=GET&sharedkey=zy9x4ol0ctg3btyswq7b5wi9&ztime=1271749822662&signature=f8d9fd7d0b9a9c517d963881a4e8ded03cb2cec5

The authorization is redirected to the bringback url defined in the userkey. The redirection is automatic when the user already has an authorization of the same request level.




Example of authkey.state:


REQUEST:

https://api.safecreative.org/v2/
?authkey=23j22wtpoguzgzk0fag39sey6
&component=authkey.state
&sharedkey=zy9x4ol0ctg3btyswq7b5wi9
&ztime=1271749822816
&signature=7d6ec7ad668da907286ee2901448af8e3581e37e

RESPONSE:

<?xml version="1.0" encoding="UTF-8"?>
<authkeystate>
  <authkey>23j22wtpoguzgzk0fag39sey6</authkey>
  <authorized>false</authorized>
</authkeystate>

TOC