API 3.0 - Authentication



Each API call, no matter what namespace it refers to, takes an authentication token as a parameter. The authentication token is a character value which is generated by a call to the authentication namespace.

This is the first call that has to be made before any other API calls are attempted as this will produce a session token needed for all other API calls.

The authentication api call takes in the Account ID and the Application Key to authenticate the API call. It returns a Session Token that will be used for subsequent calls into the system.

The token returned could be used multiple times within 20 minutes. This timeout is not configurable and is set to enforce a maximum level of security on API calls.

Not limited to authentication, all connections must be made over a secure channel. As an additional security control, the API access is automatically locked for 15 minutes after 5 failed login attempts.

All calls for obtaining authentication tokens must be made on a server-to-server communication level, not client-to-server. Do not pass the Application Key to the client browser.

 

Namespace Call

Authentication Namespace: <API_URL>/token/
Supported HTML Methods: GET / POST
Communications Level: Server-to-Server

 

Parameters

CID - Account Id (Number, Required, Sample: 123456)
AppKey - Application Key (Character, Required, Sample: UO86CN11XY73SF72TT40PG18ZE76VV71)

 

The Call Returns: An Integer Response Code and a character Session Token. If the call fails a non-zero response code is returned with an error description.

 

Example Call

https://api30.school-network.net/token/?cid=123456&appkey=UO86CN11XY73SF72TT40PG18ZE76VV71

 

Sample Successful XML Result

<Response>
    <ResponseCode>0</ResponseCode>
    <ResponseData>9C467079-FE3B-45C5-8AA5-9726397081AA</ResponseData>
</Response>

 

Sample Unsuccessful XML Result

<Response>
    <ResponseCode>1</ResponseCode>
    <ResponseData>Invalid Account or Application Key</ResponseData>
</Response>


Obtaining a Session Token through PHP using CURL

<?
    $Url = 'https://api30.school-network.net/token/?cid=123456&appkey=UO86CN11XY73SF72TT40PG18ZE76VV71';

    if (!function_exists('curl_init')){
        die('cURL is not installed!');
    }

    $ch = curl_init();

    // Set URL to download and other parameters

    curl_setopt($ch, CURLOPT_URL, $Url);
    curl_setopt($ch, CURLOPT_HEADER, 0);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_TIMEOUT, 20);

    // Download the given URL, and return output
    $output = curl_exec($ch);
    // Close the cURL resource, and free system resources

    curl_close($ch);
?>

Sample ASP code snippet using WinHttp.WinHttpRequest

 

<%
    Dim objWinHttp
    Dim strHTML

    Set objWinHttp = Server.CreateObject("WinHttp.WinHttpRequest.5.1")

    SiteURL           = "https://api30.school-network.net"

    AccountId         = 11267192
    AppKey            = "UO86CN11XY73SF72TT40PG18ZE76VV71"
    Result            = "xml"
    AppRoot = SiteURL + "/token/?cid=" & AccountId & "&appkey=" & AppKey

    objWinHttp.Open "GET", AppRoot
    objWinHttp.Send

    strHTML = objWinHttp.ResponseText

    Set objWinHttp = Nothing

    Response.Write strHTML
%>

Posted 7 Years Ago by Administrator
http://support.e-lecta.com/Knowledgebase/Article/50052