To use the API you will first need an API Key and API Secret. Most requests require a signature in order to validate the request (Login and Site Initialization do not).
Signing GET Requests
- Sort your parameters alphabetically by name. For example, if you are trying to retrieve a list of files in a particular location and use the following parameters:
- path: "/"
- sort_by: "date_asc"
- api_key: "key"
https://<yoursubdomain>.filetransfers.net/api/file_list?api_key=key& path=/&sort_by=date_asc×tamp=<current time>
If you would like to perform an action on behalf of a user other than yourself, first acquire an authorization code via the User Authentication method. Then, use the parameter auth_code, alphabetically ordered amongst your other parameters.
https://<yoursubdomain>.filetransfers.net/api/file_list?api_key=key&auth_code=<authorization_code> &path=/&sort_by=date_asc×tamp=<current time>
- Using the URL, create a signature using HMAC-SHA256, using the SHA1 hash of your API secret as the key. An example in PHP would look like this:
$signature = hash_hmac("sha256", <URL from above>, sha1(<your API secret>)); - Add this signature as a parameter to the end of your URL like this:
https://<yoursubdomain>.filetransfers.net/api/file_list?api_key=key &path=/&sort_by=date_asc×tamp=<current time>&signature=<signature>
Signing POST/PUT/DELETE Requests
- Simply pass the URL of the API method into your HMAC-SHA256 signature creator. An example in PHP:
$signature = hash_hmac("sha256", "https://[yoursubdomain].filetransfers.net/api/ file_upload", sha1(<your API secret>)); - Pass the signature as a parameter in your POST/PUT/DELETE body along with your other parameters.
If you would like to perform an action on behalf of a user other than yourself, first acquire an authorization code via the User Authentication method. Then, include this parameter auth_code amongst your other parameters.
