Updated on Fri, 2012-03-23
In order to make authorized calls to ASI's APIs, you must register an application with ASI. Once you have an application id and secret, follow the steps described for Authorizing a request.
Authorizing a request
All of ASI's APIs are based on the HTTP protocol. This means that any software you write which uses ASI's APIs sends a series of structured messages to ASI's servers. For example:
GET /v1/lists/news.json HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 6.2; rv:9.0.1) Gecko/20100101 Firefox/9.0.1
Authorization: AsiMemberAuth client_id=17828&client_secret=6b0d16dd019affe67e046c4ce264b2b2
The authorization header containers 2 key/value pairs, where the keys all begin with the string "client_". For any authorized API request, you will need to provide these two values to specify authorization for the request.
The client_id identifies which application is making the request.
The client_secret is a unique token generated for your application. The token below is an example.
Building the header string
To build the header string, imagine writing to a string named authString.
Append the string "AsiMemberAuth " (including the space at the end) to authString.
For each key/value pair of the 2 parameters listed above:
Append the key to authString.
Append the equals character '=' to authString.
Append the value to authString.
If there are key/value pairs remaining, append an ampersand '&' authString.
Performing these steps on the parameters collected above results in the following string:
This value should be set as the Authorization header for the request.