To authenticate API calls, developers are required to use Access Token using the OAuth 2 standard.
Needed data for OAuth 2:
1. Client_ID
2. Client_Secret
Workflow
Note: All OAuth requests must occur server-side to protect client_ID and client_secret.
Code Examples:
Curl Example:
curl -i http://api.iris.tv/oauth/access_token
-F grant_type=none
-F client_id= iris_client_test
-F client_secret= client_test_secret
-F scope=iris_tv
PHP Example:
<?php
function generateAccessToken(){
$url = 'http://api.iris.tv/oauth/access_token';
$client_id = 'iris_client_test';
$client_secret = 'test_secret';
$data = array('grant_type' => 'none', 'client_id' => $client_id,
'client_secret' => $client_secret,
'scope' => 'iris_tv');
// use key 'http' even if you send the request to https://...
$options = array(
'http' => array(
'header' => "Content-type: application/x-www-form-urlencoded\r\n",
'method' => 'POST',
'content' => http_build_query($data),
),
);
$context = stream_context_create($options);
$result = json_decode(file_get_contents($url, false, $context));
echo ("'" . $result->access_token . "'");
}
?>
Token Creation
To ensure tokens stay fresh, client should frequently create new tokens use for API calls.