You are here: Photobucket API Help > Getting Started > Consumer Authentication

Consumer Authentication

To secure and verify API Consumers, each API call must be authenticated with the following procedure. This procedure uses the OAuth Consumer/Service Provider authentication protocol.

Notes: 

Requirements

Before you can send requests to Photobucket, you must:

Note: Client computers frequently have clocks that are incorrect. You may need to get the time from an independent source.

Authentication

After you have satisfied the requirements, you can request a page anonymously or request a page as a user.

Notes:

Requesting a Page Anonymously

Many requests to Photobucket do not require a user to be logged in, such as search or getting public albums. The following process follows the OAuth Consumer Request procedure.

Signing Process

  1. Gather your parameters:
  1. Generate the Base String:
  1. Generate the Signature Hash:
  1. Generate the authenticated URL.

Requesting a Page as a Logged-in User

Requests that get private content or write to a user's data (uploads, properties, etc.) must be authenticated as a user. The signing process that follows amends the process in Requesting a Page Anonymously and follows the OAuth Section 6 procedure for getting a user-based access token. See Web User Login for specific details on how to log in as a user.

Signing Process 

The procedure from the Requesting a Page Anonymously section is mostly copied here. Parts added for user authentication are noted in bold green italics.

  1. Gather your parameters:
  1. Generate the Base String:
  1. Generate the Signature Hash:
  1. Generate the authenticated URL.

See the code examples in Logging In, and also see End User Authentication.

 

Published 25-June-10. See developer.photobucket.com for additional resources.