Three methods of authentication.
- Basic Auth
- Key+Signature Authentication
- Session
1. Basic Auth Login
Provide your login/password pair each time you invoke Ankoder’s api.
curl --basic --user {username}:{password} http://api.ankoder.com/profile2. Key+Signature Authentication
Prove your identity by creating a Signature Token with:
- Timestamp
- Request method
- URL
- Private key
Definitions
| ankoder_date | request dispatch time in unix `date` default output format orRFC 2822 format |
|---|---|
| ankoder_action | the HTTP method with which you make the request. Common examples are GET, POST, HEAD, PUT and DELETE |
| ankoder_path | the part of URL after api.ankoder.com.If the URL you are requesting is http://api.ankoder.com/video/1, then ankoder_path is/video/1. |
| ankoder_access_key | your access key |
| ankoder_passkey | the token with which you identify yourself. |
Creating the ankoder_passkey
- Embed ankoder_date, ankoder_action and ankoder_path in string.
- Apply NIST SHA-1 message digest algorithm on string, take the
first 20 hexadecimal digits in lowercase and name the string salt. - ankoder_passkey is Base64-encoded HMAC-SHA1 digest of
salt with your private key. If trailing linefeed is present, it is not included in ankoder_passkey.
Ruby Example
string = "-#{ankoder_date}-#{ankoder_action}-#{ankoder_path}-"
require "hmac-sha1"
salt = Digest::SHA1.hexdigest("-#{date}-#{action}-#{path}-")[0..19]
>a6cdce75aa6c079b47b7
require "base64"
passkey = Base64.encode64(HMAC::SHA1::digest(private_key, salt)).strip
>zJrt3c48z+GqUnba9O5iOARyoo8=
Request Header
Unique ankoder_date and ankoder_passkey is required on every request.
GET /video/1 HTTP/1.1
Host: api.ankoder.com
Accept: */*
ankoder_access_key: 31e9111ae343c829864e1d159da2f70cd25cd932
ankoder_passkey: zJrt3c48z+GqUnba9O5iOARyoo8=
ankoder_date: Mon Aug 17 11:21:52 UTC 2009
Curl Testing Example
You are recommended to write a script to compute the commandline options.
Working SHA-1 out by hand before ankoder_date expires after 15 minutes
may frequently be physically impossible.
curl api.ankoder.com/video/1
-X GET -H "ankoder_access_key: 94e7041ae343c829864e1d730da2f70cd25cd561"
-H "ankoder_passkey: IU2HAzzkxt5bBABuTjDGUOvzJfc="
-H "ankoder_date: Mon Aug 17 11:21:52 UTC 2009"
3. Session Login
Prove your identity by POSTing login and password as HTTP Request parameters.
A session cookie would be returned as part of the headers.
| URL | http://api.ankoder.com/auth/login |
|---|---|
| Method | POST |
| Parameters | |
| login | your login name ( required ) |
| password | your password ( required ) |
Success Example
$ curl -H "Accept: text/xml" -F login=foo \
-F password=bar http://api.ankoder.com/auth/login -i
HTTP/1.1 200 OK
....
Set-Cookie: _ankoderapi_session=BAh7BzoJdXNlcmkRIgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFz%250AaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--c29782111b8b3f7afe17be096b572d63e88b8ad4; path=/
....HTTP/1.1 200 OK indicates that login is successful.
You can then reuse the login session which is _ankoderapi_session:
_ankoderapi_session=BAh7BzoJdXNlcmkRIgpmbGFzaElDOidBY3R....Failure Example
$ curl -H "Accept: text/xml" -F login=foo \
-F password=foobar http://api.ankoder.com/auth/login -i
HTTP/1.1 401 Authorization Required
....
Set-Cookie: _ankoderapi_session=BAh7BzoJdXNlcmkRIgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFz%250AaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--2aa5be92bcd97844b5a7c25c9de72dcd9a58a42a; path=/
....HTTP/1.1 401 Authorization Required indicates that login is failed.
Here you would still get a session, however this session would not give you authorized access.
