ScreenStepsScreenSteps API v1 XML API (Deprecated)Generating the Authentication Header When Using ScreenSteps Live API Key

Generating the Authentication Header When Using ScreenSteps Live API Key

This article contains information on the V1 XML API which has been deprecated. For docs on the V2 JSON API please see here:

http://help.screensteps.com/m/screenstepslive-api/c/182738

This article discusses how to create the header that is required when retrieving data from your ScreenSteps account using the ScreenSteps Live API and a ScreenSteps Live API Key. Alternatively you can use an API user account's username/password.

Authorization Header When Using ScreenSteps Live API Key

The header you send with each request will look something like this:

Content-Type: application/xml

Accept: application/xml

Date: Tue, 06 Jan 2009 17:56:39 GMT

Authorization: ScreenStepsLiveAPI auth= AUTH_STRING

Generating AUTH_STRING

To create the AUTH_STRING you need the following information:

1) Your ScreenSteps Live domain.

2) The path of the resource you are requesting.

3) The date being sent in the Date header.

4) Your ScreenSteps Live API key.

Armed with the above data you create a string as follows:

SSLIVE_DOMAIN:PATH:DATE

Next create a SHA1 digest of the string using your ScreenSteps API Key as the salt. To end with you base64 encode the digest.

Here is an example in PHP that uses the Crypt_HMAC PEAR library:

$sslive_api_key = '12e5317e88';

$domain = 'example.screenstepslive.com';

$path = '/spaces/';

$httpDate = gmdate("D, d M Y H:i:s T"); // i.e. Tue, 06 Jan 2009 17:56:39 GMT

$string =  $domain . ':' . $path . ':' . $httpDate;

$hasher =& new Crypt_HMAC($sslive_api_key, 'sha1');

$digest = $hasher->hash($string);

$AUTH_STRING = base64_encode(pack('H*', $digest));

$AUTH_STRING can now be passed in the Authorization header.

0 Comments

Add your comment

E-Mail me when someone replies to this comment