Project

General

Profile

Authorization » History » Version 9

« Previous - Version 9/19 (diff) - Next » - Current version
Seulki Lee, 12/12/2013 05:03 AM


Authentication & Authorization

All requests to BrickLink REST API requires you to authenticate using OAuth 1.0 like - but simpler flow. You can authorize your requests by following the steps below:

Register as an API consumer

BrickLink API will assign an OAuth consumer key and consumer secret.

Register IP addresses of your endpoint client

  • Access tokens and token secrets will be issued for each of your IP addresses.
  • You can access the BrickLink resources with the token only from the registered location.
  • Since the access token has no expiration date, token secret should be stored securely. (If it is exposed, you should reissue it)
  • API Sandbox does not require IP address for convenience.

Make the request with OAuth protocol parameters

  • The parameters are sent in either the HTTP Authorization header or query part of the URL with JSON format.
  • All parameter names and values are escaped using the RFC3986 percent-encoding (%xx) mechanism.

Prameter Details

Property name Value Note
oauth_version String must be 1.0
oauth_consumer_key String The consumer key.
oauth_token String The access token.
oauth_timestamp String The timestamp is expressed in the number of seconds since January 1, 1970 00:00:00 GMT.
oauth_nonce String A random string, uniquely generated for each request.
oauth_signature_method String must be HMAC-SHA1
oauth_signature String The signature as defined in Signing Requests.
- Compute an OAuth request signature

Example

The request for the orders you received is:

https://blapitest.ubifun.com/api/store/v1/orders?direction=in

Authorization: OAuth realm="",
oauth_consumer_key="7CCDCEF257CF43D89A74A7E39BEAA1E1",
oauth_token="AC40C8C32A1748E0AE1EFA13CCCFAC3A",
oauth_signature_method="HMAC-SHA1",
oauth_signature="0IeNpR5N0kTEBURcuUMGTDPKU1c%3D",
oauth_timestamp="1191242096",
oauth_nonce="kllo9940pd9333jh",
oauth_version="1.0" 

And if using query parameters:

https://blapitest.ubifun.com/api/store/v1/orders?direction=in&Authorization={"oauth_signature"%3A"0IeNpR5N0kTEBURcuUMGTDPKU1c%3D"%2C"oauth_nonce"%3A"kllo9940pd9333jh"%2C"oauth_version"%3A"1.0"%2C"oauth_consumer_key"%3A"7CCDCEF257CF43D89A74A7E39BEAA1E1"%2C"oauth_signature_method"%3A"HMAC-SHA1"%2C"oauth_token"%3A"AC40C8C32A1748E0AE1EFA13CCCFAC3A"%2C"oauth_timestamp"%3A"1191242096"}

BLAuthTest.zip (5.82 KB) Seulki Lee, 02/18/2014 03:01 AM

Add picture from clipboard (Maximum size: 24.4 MB)