Elgg provides a token-based approach for user authentication. Parameters expected by each method should be listed as an associative array, where the key represents the parameter name, and the value contains an array with type , default and required fields. API will throw on exception if validation fails. What sort of data are you trying to expose? Elgg provides two built-in methods to perform API authentication:
|Date Added:||17 May 2006|
|File Size:||68.13 Mb|
|Operating Systems:||Windows NT/2000/XP/2003/2003/7/8/10 MacOS 10/X|
|Price:||Free* [*Free Regsitration Required]|
Plugins can filter the output of individual API methods by registering a handler for 'rest: It is available in the Elgg plugin repository. Developers can request a key a random string and pass that key with all calls that require API authentication.
If you hit the method with a web browser, it will return an error message about failing the API authentication. Or maybe you want to limit how many calls a developer can make against your API in a single day. Another possibility is that you want to limit what external developers have access to your API. The function could look like this.
This function is now available and if you check system. Values submitted with the API request for each parameter should match the declared type. The keys are stored in the database and if an API call is made without a key or a bad key, the call is denied and an error message is returned.
Since we are providing this function to allow developers to test their API clients, we will require neither API authentication nor user authentication.
You need to write some client code to do this. You may want to control access to some of the functions that you expose.
What sort of data are you trying to expose? Perhaps you are exposing functions in order to integrate Elgg with another open source platform on the same server.
Elgg Documentation (master) — Elgg master documentation
The key based approach is very similar to what Google, Flickr, or Twitter. It might look something like this: Recognized parameter types are: So far you have been allowing developers to pull data out of your Elgg site. Be sure to take a look at the APIs created by popular Web 2. How are you going to document your API? Elgg provides two built-in methods to perform API authentication: In this case, it is going to be done by a user. Fortunately, there is a plugin called apiadmin that creates keys for you.
Further, to test the exposed method from a web browser, you could hit the url: This will also be covered. Do not enable web services if your site is not served via HTTPs.
Additionally, you may want to control what types of authentication are available on your site.
Parameters expected by each method should be listed as an associative array, where the key represents the parameter name, and the value contains an array with typedefault and required fields.
To test this method, you need an Dcumentation key.
How do you want them to get access to authentication keys? This is especially important if you allow API key only authentication.
Elgg master Documentation — Elgg master documentation
Elgg provides a token-based approach for user authentication. API will throw on exception if validation fails. Please note that you will not be able to test this documenattion a web browser as you did with the other methods. You may want to make sure that API authentication is required for ALL methods, even if they require user authentication.