Skip to content

API Keys & Sessions

Jump to bottom
CrystalKLD edited this page Apr 15, 2024 · 8 revisions

Back To ECGridOS Wiki

API Keys and Sessions form an integral part of ECGridOS. They are essential to authentication and security. Understanding them is key to creating robust, efficient ECGridOS applications.

The API Key or SessionID is a Globally Unique Identifier (GUID) presented in string format:

      XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX

APIKey

The API Key is the preferred way to authenticate to ECGridOS. Using an API Key allows you to make API calls without using Login() and Logout(). Each user is assigned a unique API Key at sign up that acts as a persistent Session ID, essentially pre-authenticating the user. In ECGridOS you can substitute your API Key for the the Session ID anywhere in the API.

GenerateAPIKey() is used to create a new API Key for a user.

SessionID

A typical session will last only a few seconds. Applications should only be logged into a session long enough to perform a specific task.

Login() can be used to create a limited use SessionID (Temporary API-Key) and Logout() should be used at the end of the session.

Login() and Logout() are not used with the APIKey.

Session NetworkID/MailboxID:

Many ECGridOS functions have a standard and Ex format (e.g. ParcelInBox and ParcelInBoxEx). The standard version always applies the NetworkID and MailboxID belonging to the user of the current SessionID or APIKey. The Ex variant allows the NetworkID and MailboxID to be specified – and requires that the user have authorization to the specified NetworkID and MailboxID for that specific API call. Attempting to access a NetworkID or MailboxID without sufficient authorization will result in an Access Denied error.

Back To ECGridOS Wiki

Home

Getting Started

ECGridOS Wiki

ECGridOS API Calls

Appendix

Legacy Forum Q & A

Clone this wiki locally