...
| Child pages (Children Display) |
|---|
Creating a signed request
A Meridix Studio API ticket contains a Token and a Secret that is used to create a signature that need to be sent to the API with each request. The token will be sent in clear text to the server along with a random nonce value and a timestamp. A signature value needs to be created by the client. This section will describe how you create a valid signature for a specific query.
...
- auth_token
- auth_nonce
- auth_timestamp
- auth_signature
Creating a authorization signature
The following steps needs to be done in order to create a valid signature. A valid API ticket on the target server is needed as well as valid access rights to the target API. See the different API descriptions for information about the access rights needed on the ticket.
...
| Note |
|---|
A signed request (Signature) can only be used one time, when it has been used it can not be executed again and in that case the server will return a 403 Forbidden HTTP response. The request must also be sent to the server within ten minutes from that the signing was been made (based on the UTC Timestamp in the request). |
URL Encoding
The URL encoding is based on the encoding scheme implemented by the .NET Uri.EscapeDataString method. See for more information about valid URL encodings http://msdn.microsoft.com/en-us/library/system.uri.escapedatastring.aspx
...