Ukulima REST API Specifics
Ukulima.net severs its data through a REST API.
We use Oauth 2.0 as our main authentication protocol.
Before making calls to the Resource server ( at https://ukulima.net/developer/data/server),
you must first obtain an access token from the Oauth server ( at https://ukulima.net/developer/data/oauth).
Mobile application developers can use our Oauth proxy (at https://pamojamedia.com/oauth/proxy/start).
Mobile application Developers
First, sign up for a key here. You will get an email with your client_id and client secret.These will be used for the Oauth process. You need to bake these within your application. (The client secret should never be stored in human readable form in your application.)
For now, you'll make Oauth calls as follows:
http://pamojamedia.com/oauth/proxy/start (POST)
variables-> (client_id, client_secret, username, password)
client_id and client_secret developer specific.
username and password are user specific.
The result is an xml output with the nodes error, error_message and access_token. If the node error has a value greater than 0, there is an error which will be specified in the error_message node. It is advisable to parse the error node first to detect errors in aouthentication. Parse the access_token node to get your access token.
Use the access token to make calls to the resource server as follows:
http://ukulima.net/developer/data/server/(METHOD)?access_token=XXXX|xxxxxxxxxxx&scope=basic&(other variables - method specific)
»Example: http://ukulima.net/developer/data/server/userprofile?access_token=XXXXX|xxxxxxx&scope=basic
The above url will return a users profile.
¡Note— The url must contain the variables access_token and scope irregardless of how the method receives its variables (POST or GET) with the exception of the methods register and activate
Web Application Developers
First sign up for a key here. You will get an email with your client_id and client secret.These will be used for the Oauth process. You need to bake these within your application. The client secret should never be stored in human readable form in your application.)
For now, you'll make Oauth calls as follows:
http://ukulima.net/developer/data/oauth?response_type=code&scope=basic&client_id=(your client id)&redirect_uri=(your redirect uri)
If the user is not logged in to ukulima.net, you will be presented with a login screen.
Once logged in, the user will be asked to approve or deny the application request to access their personal information. Deny will redirect back to your original page, approve will proceed to providing you with an access code.
http://example.com/ukulima_oauth_client/index.php/signin/redirect?code=02f7ee450b59234627ec8c7ed5cq125d&state=
Use the code provided to get an access token:
https://ukulima.net/developer/data/oauth/access_token?grant_type=authorization_code&client_id=(your client id)&client_secret=(your client secret)&redirect_uri=(your redirect uri)&code=(the code provided)
The return is in json format
Example:
{"access_token":"kl28374kdye3287","token_type":"","expires_in":"","refresh_token":""} Once you have the access token, you can now store it and make requests to the resource server.