Ukulima User Guide Version 1.0.0


Ukulima REST API Specifics

Ukulima.net severs its data through a REST API.

We use Oauth 2.0 as our main authentication protocol.
Before making calls to the Resource server ( at https://ukulima.net/developer/data/server),
you must first obtain an access token from the Oauth server ( at https://ukulima.net/developer/data/oauth).
Mobile application developers can use our Oauth proxy (at https://pamojamedia.com/oauth/proxy/start).

Mobile application Developers

First, sign up for a key here. You will get an email with your client_id and client secret.
These will be used for the Oauth process. You need to bake these within your application. (The client secret should never be stored in human readable form in your application.)
For now, you'll make Oauth calls as follows:

  http://pamojamedia.com/oauth/proxy/start (POST)

variables-> (client_id, client_secret, username, password)
client_id and client_secret developer specific.
username and password are user specific.
The result is an xml output with the nodes error, error_message and access_token. If the node error has a value greater than 0, there is an error which will be specified in the error_message node. It is advisable to parse the error node first to detect errors in aouthentication. Parse the access_token node to get your access token.
Use the access token to make calls to the resource server as follows:

  http://ukulima.net/developer/data/server/(METHOD)?access_token=XXXX|xxxxxxxxxxx&scope=basic&(other variables - method specific)

»Example: http://ukulima.net/developer/data/server/userprofile?access_token=XXXXX|xxxxxxx&scope=basic

The above url will return a users profile.
¡Note— The url must contain the variables access_token and scope irregardless of how the method receives its variables (POST or GET) with the exception of the methods register and activate


Web Application Developers

First sign up for a key here. You will get an email with your client_id and client secret.
These will be used for the Oauth process. You need to bake these within your application. The client secret should never be stored in human readable form in your application.)
For now, you'll make Oauth calls as follows:

  http://ukulima.net/developer/data/oauth?response_type=code&scope=basic&client_id=(your client id)&redirect_uri=(your redirect uri)
If the user is not logged in to ukulima.net, you will be presented with a login screen.
Once logged in, the user will be asked to approve or deny the application request to access their personal information. Deny will redirect back to your original page, approve will proceed to providing you with an access code.

  http://example.com/ukulima_oauth_client/index.php/signin/redirect?code=02f7ee450b59234627ec8c7ed5cq125d&state=

Use the code provided to get an access token:

  https://ukulima.net/developer/data/oauth/access_token?grant_type=authorization_code&client_id=(your client id)&client_secret=(your client secret)&redirect_uri=(your redirect uri)&code=(the code provided)
The return is in json format
Example:
{"access_token":"kl28374kdye3287","token_type":"","expires_in":"","refresh_token":""} Once you have the access token, you can now store it and make requests to the resource server.


Ukulima.net API Methods
Resource Description
POST register input username -(text) firstname -(text) lastname -(text) password -(text) confirm -(text) phonenum -(valid Phone number | specifically 2547XXXXXXXX). Returns a success message if successful, error message if unsuccesful. (state 400).
POST activate input username -(text) code -(text - the activation code sent to the user via SMS). Returns a success message if successful, error message if uncussesful. (state 400).
GET userprofile Returns a user's profile.
GET usermessages Returns a user's messages, both outbox and inbox.
GET userupdates Returns a the state of a user's timeline.
GET userupdateview input updateid-(Valid Update ID). Returns a specific update from a user's timeline.
GET userconnected Returns a list of people a user is connected to.
GET usertracks Returns a list of people tracking a user.
POST sendmessage input subject-(text) content-(text) receivers-(Comma Separated Integers - Valid User ID's)
POST update input: ownerid-(User ID) text-(text). Owner ID is a valid user ID and when specified means the update is actually a wall post from the app user to user2 (whose User ID is ownerid)'s wall
POST comment input: text-(text) updateid-(Valid Update ID | For the update you're commenting on)