API Keys & Sessions

Greg Kolinski edited this page Jan 5, 2018 · 4 revisions

Back To ECGridOS User's Guide Home


API Keys and Sessions form an integral part of ECGridOS. They are essential to authentication and security. Understanding them is key to creating robust, efficient ECGridOS applications.

The API Key or SessionID is a Globally Unique Identifier (GUID) presented in string format:

      XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX

APIKey

The API Key is the preferred way to authenticate to ECGridOS. Using an API Key allows you to make API calls without using Login() and Logout(). Each user is assigned a unique API Key at sign up that acts as a persistent Session ID, essentially pre-authenticating the user. In ECGridOS you can substitute your API Key for the the Session ID anywhere in the API.

GenerateAPIKey() is used to create a new API Key for a user.

SessionID

A typical session will last only a few seconds. Applications should only be logged into a session long enough to perform a specific task.

Login() can be used to create a limited use SessionID and Logout() should be used at the end of the session.

Login() and Logout() are not used with the APIKey.

Session NetworkID/MailboxID:

Many ECGridOS functions have a standard and Ex format (e.g. ParcelInBox and ParcelInBoxEx). The standard version always applies the NetworkID and MailboxID belonging to the user of the current SessionID or APIKey. The Ex variant allows the NetworkID and MailboxID to be specified – and requires that the user have authorization to the specified NetworkID and MailboxID for that specific API call. Attempting to access a NetworkID or MailboxID without sufficient authorization will result in an Access Denied error.


Back To ECGridOS User's Guide Home

Clone this wiki locally
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.