API Overview
Accessing the API
Safe Creative API Web Services are accessible via a REST-like interface. The interface is rooted at http://api.safecreative.org/v2/
unless you are using the arena server that lives in the arena subdomain: http://arena.safecreative.org/v2/
.
All requests must be done using the UTF-8 charset (HTTP request charset should be UTF-8). Responses are formatted as UTF-8 XML. It is strongly recommended to use HTTPS instead of HTTP. Some methods are required to be called using HTTPS.
Obtaining the keys to use the API
You must have a Safe Creative Account to use the API. You can create your API key at https://www.safecreative.org/new-api-key You will fill a form with some data that Safe Creative reviews in order to make the final authorization to use the application key:
- Name: Name of the application that will use the Safe Creative API, it's a public name shown when an authorization to the user is made
- Shared key: Provided shared key used to identify the applications calls
- Private key: Provided private key to sign some API requests
- Description: Public description of the service provided by the application
- Web site: Public URL of the site of the application
- API callback URL: Private URL used by Safe Creative to notify different types of events
- API bringback URL: URL provided to the client user as the final step of key authorization. i.e., user will be redirect to this url after authorizing your application
- Notes: Private notes for the Safe Creative Team in order to obtain the activation of the keys
After some days you will obtain the activation of these keys, so you can use the Safe Creative API. Once you have requested an API key, you can manage your API keys from the API keys tab on My account
It is strongly encouraged to use the arena environment for testing the API before using your application on the real service. To do so, you must request your application key at https://arena.safecreative.org/new-api-key instead. Your application key will be immediately activated, so you can start testing the API.
Parameters
Parameters can be sent by POST or GET. You can mix POST and GET parameters. Some operations must send xml parameters that are best suited for POST method, but this is not required.
There are some common parameters: locale, sharedkey, ztime, authkey, signature, component and format
- component is the name of the method or function to execute
- sharedkey is the key assigned to the application. It has an associated private key.
- locale is used to translate some messages to the specified locale. Locale format is language-country-variant, e.g. en-US
- ztime is the number of milliseconds since January 1, 1970, 00:00:00 GMT according to the API server. You can retrieve the server ztime for synchronization
- authkey is the user authorization for the application to use his account. It has an associated private key.
- signature is a hash of the request computed using the private key associated to the sharedkey or authkey (depending on the component being called)
- format specifies the response format: xml (default) or json
URL syntax
API calls usually have the following format:
http://api.safecreative.org/v2/?component={component}¶meter1=value1¶meter2=value2&ztime={ztime}&signature={signature}
Some operations do not require a signature, so you can avoid calculating and sending it. The same can be said for the ztime
- Zime parameter
- Signature parameter
- Obtain the keys to use the API
- User Key callback URL
- User Key bringback URL
- Authkey: The user authorization
- Error handling
- About users
- About Works
- User management
- Building common URLs
- Paginated requests
- API Arquitecture
API functions reference
Generic methods
User management
Master tables
- user.licenses
- license.features
- user.countries
- user.profiles
- work.types
- work.types.tree
- work.languages
Works info
Work management
- work.upload.lookup
- work.upload.begin
- work.upload.chunk
- work.upload.commit
- work.register
- work.attachfile
- work.delete
Multiauthorship
Search
How to
- Register work uploading
- Register work via URL
- Register work with extended info
- Register work with relations
- Desktop Applications