Project

General

Profile

Authorization » History » Version 10

Version 9 (Seulki Lee, 12/12/2013 05:03 AM) → Version 10/19 (Seulki Lee, 01/03/2014 06:34 AM)

h1. Authentication & Authorization

h2. Make the request with OAuth protocol parameters

All requests to BrickLink REST API requires you to authenticate using OAuth 1.0 like - but simpler flow. You can authorize your requests with by following the steps below:

h2. Register as an API consumer

BrickLink API will assign an OAuth consumer key and consumer secret.

h2. Register IP addresses of
your credentials provided after [[BLAPI_Registration|registration]]. endpoint client

* Access tokens and token secrets will be issued for each of your IP addresses.

* You can access the BrickLink resources with the token only from the registered location.
* Since the access token has no expiration date, token secret should be stored securely. (If it is exposed, you should reissue it)
* API Sandbox does not require IP address for convenience.

h2. Make the request with OAuth protocol parameters

*
The parameters are sent in either the HTTP Authorization header or query part of the URL with JSON format.
* All parameter names and values are escaped using the "RFC3986":http://tools.ietf.org/html/rfc3986 percent-encoding (%xx) mechanism.

h3. Prameter Details

|_. Property name |_. Value |_. Note |
| oauth_version | String| must be *1.0* |
| oauth_consumer_key | String| The consumer key. |
| oauth_token | String| The access token. |
| oauth_timestamp | String| The timestamp is expressed in the number of seconds since January 1, 1970 00:00:00 GMT. |
| oauth_nonce | String| A random string, uniquely generated for each request. |
| oauth_signature_method | String | must be *HMAC-SHA1* |
| oauth_signature | String| The signature as defined in "Signing Requests":http://oauth.net/core/1.0/#signing_process.
- "Compute an OAuth request signature":http://oauth.googlecode.com/svn/code/javascript/example/signature.html |



h3. Example

The request for the orders you received is:

<pre>
<code class="php">
https://blapitest.ubifun.com/api/store/v1/orders?direction=in

Authorization: OAuth realm="",
oauth_consumer_key="7CCDCEF257CF43D89A74A7E39BEAA1E1",
oauth_token="AC40C8C32A1748E0AE1EFA13CCCFAC3A",
oauth_signature_method="HMAC-SHA1",
oauth_signature="0IeNpR5N0kTEBURcuUMGTDPKU1c%3D",
oauth_timestamp="1191242096",
oauth_nonce="kllo9940pd9333jh",
oauth_version="1.0"
</code>
</pre>

And if using query parameters:

<pre>
<code class="php">
https://blapitest.ubifun.com/api/store/v1/orders?direction=in&Authorization={"oauth_signature"%3A"0IeNpR5N0kTEBURcuUMGTDPKU1c%3D"%2C"oauth_nonce"%3A"kllo9940pd9333jh"%2C"oauth_version"%3A"1.0"%2C"oauth_consumer_key"%3A"7CCDCEF257CF43D89A74A7E39BEAA1E1"%2C"oauth_signature_method"%3A"HMAC-SHA1"%2C"oauth_token"%3A"AC40C8C32A1748E0AE1EFA13CCCFAC3A"%2C"oauth_timestamp"%3A"1191242096"}</code>
</pre>
Add picture from clipboard (Maximum size: 24.4 MB)