Authentication

Describes how to send credentials with your requests

The MediaSilo API supports two types of authentication: Basic Auth and Session Auth. For both authentication methods you must send a MediaSiloHostContext header whose value is your MediaSilo domain name.

Basic Authentication:
Basic authentication is the simplest technique for enforcing access control on web resources because it doesn't require cookies, a session identifier, or login pages. Instead, it uses static, standard HTTP headers, so no handshake has to be completed before a request is made.

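Credentials are [Base64](http://google.com) encoded and sent via HTTPS to the MediaSilo API. Base64 is a reversible encoding, not encryption, so HTTPS is what protects the credentials in transit.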

// Example Headers

Authorization : Basic a3FpcTJhZGDsOkKvbGxlZ2Ux
MediaSiloHostContext : myaccount
// PHP example for authenticating requests and sending host context

// Replace these placeholders with your own values
$username = "your-username";
$password = "your-password";
$hostname = "myaccount"; // your MediaSilo domain name

$apiurl = "https://api.mediasilo.com/v3/me/";

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $apiurl);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_USERPWD, $username . ":" . $password);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("MediaSiloHostContext: " . $hostname));
$result = curl_exec($ch);
// Read the status code only after the request has run
$status_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);

Session Authentication:
Sessions are another method to authorize requests against the MediaSilo API. They allow you to make requests without passing your username and password with every request. However, you have to create a session before you can make any other requests against the API.

The session will automatically expire after 60 minutes of inactivity. Each time an API endpoint is called with the session, the expiration will be reset.

  1. Create a Session with the user's account, username, and password
  2. Include required headers on all future calls
    • MediaSiloSessionKey is the id returned by create-session
    • MediaSiloHostContext is the MediaSilo account input by the user
  3. Call Ping-Pong to keep the session alive when the user is idle
// Shared state used by the functions below (session key, account, user details)
var config = {};

/**
*
*  Create Session
*
**/
function createSession(userName, password, accountName) {
  $.ajax({
    type: "POST",
    url: "https://api.mediasilo.com/v3/session",
    data: JSON.stringify({
      "accountName": accountName,
      "userName": userName,
      "password": password,
      "setCookies": false,
    }),
    dataType: "json",
    success: function( response ) {
      config.sessionkey = response.id;
      config.hostname = accountName;
      config.username = userName;
      // handle success
    },
    error: function( response ) {
      switch (response.status) {
        case 400: // Malformed request
          // handle 400
          break;
        case 401: // Password does not match username
          // handle 401
          break;
        case 404: // Username does not exist
          // handle 404
          break;
      }
    }
  });
}

/**
*
* Get User Account Information
*
**/
function getMe() {
  $.ajax({
    type: "GET",
    dataType: "json",
    url: "https://api.mediasilo.com/v3/me",
    beforeSend: function(xhr) {
      xhr.setRequestHeader("MediaSiloSessionKey", config.sessionkey);
      xhr.setRequestHeader("MediaSiloHostContext", config.hostname);
    },
    success: function( response ) {
      config.user = response;
      config.firstName = response.firstName;
      config.lastName = response.lastName;
      config.email = response.email;
      // handle success
    },
    error: function( response ) {
      // handle errors
    }
  });
}


/**
*
*  Refresh Session
*  Called periodically to ensure the session is still valid
*
**/
function keepAlive() {
  $.ajax({
    type: "GET",
    dataType: "text",
    url: "https://api.mediasilo.com/v3/ping",
    beforeSend: function(xhr) {
      xhr.setRequestHeader("MediaSiloSessionKey", config.sessionkey);
      xhr.setRequestHeader("MediaSiloHostContext", config.hostname);
    },
    error: function( response ) {
      // handle errors
    }
  });
}


/**
*
*  Delete Session
*
**/
function deleteSession(id) {
  $.ajax({
    type: "DELETE",
    url: "https://api.mediasilo.com/v3/session/" + id,
    beforeSend: function(xhr) {
      xhr.setRequestHeader("MediaSiloSessionKey", config.sessionkey);
      xhr.setRequestHeader("MediaSiloHostContext", config.hostname);
    },
    error: function( response ) {
      // handle errors
    }
  });
}
// Example Headers

MediaSiloSessionKey : a123f7f995642sdf873rfd50f27bd92ea918
MediaSiloHostContext : myaccount

Security Consideration

Add your credentials to the request headers rather than the URL to avoid sending your credentials in clear text. Also, be sure to submit all requests over HTTPS rather than HTTP.
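
The following is an added example (not MediaSilo's own code) of one way a client can enforce the Security Consideration above for both Basic and Session authentication: it refuses non-HTTPS URLs and URLs that carry credentials, puts credentials only in headers, and redacts those headers before logging. The function names, the `SECRET_QUERY_KEYS` list and the sample credentials are assumptions made for illustration.

```javascript
// Added example: buildRequest, redactHeaders and the key lists are hypothetical names.
const SECRET_HEADERS = ["authorization", "mediasilosessionkey"];
// Assumed query-parameter names that would indicate a credential placed in the URL.
const SECRET_QUERY_KEYS = ["username", "password", "sessionkey"];

// Build headers for Basic auth (userName + password) or Session auth (sessionKey).
function buildRequest(url, hostContext, auth) {
  const u = new URL(url);
  if (u.protocol !== "https:") throw new Error("refusing non-HTTPS URL");
  if (u.username || u.password) throw new Error("credentials embedded in URL");
  for (const key of u.searchParams.keys()) {
    if (SECRET_QUERY_KEYS.includes(key.toLowerCase())) {
      throw new Error("credential-like query parameter: " + key);
    }
  }
  const headers = { MediaSiloHostContext: hostContext };
  if (auth.sessionKey) {
    headers.MediaSiloSessionKey = auth.sessionKey;
  } else {
    // Base64 is a reversible encoding, so only TLS protects this value in transit.
    const raw = auth.userName + ":" + auth.password;
    headers.Authorization = "Basic " + Buffer.from(raw, "utf8").toString("base64");
  }
  return { url: u.toString(), headers };
}

// Return a copy of the headers that is safe to write to logs.
function redactHeaders(headers) {
  const out = {};
  for (const [name, value] of Object.entries(headers)) {
    out[name] = SECRET_HEADERS.includes(name.toLowerCase()) ? "[REDACTED]" : value;
  }
  return out;
}

// Constructed sample values, not real credentials.
const sample = buildRequest("https://api.mediasilo.com/v3/me", "myaccount",
  { userName: "demo-user", password: "demo-pass" });
console.log(redactHeaders(sample.headers));
```
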