Recent pages

Edit
page

New
page

Print
page
Page last modified 06:22, 23 Aug 2011 by igor.savchenko
1
Page Notifications Off
Scalr Documentation > API > Using the Query API

Using the Query API

From $1

    The Request ID

        In every response from Scalr, you will find a string element called TransactionID. This is simply a unique identifier Scalr assigns to this request for tracking and troubleshooting purposes.

     Query API Authentication  

        You can send Query requests over HTTPS only. You must include a signature in every Query request. This section describes how to create the signature.

     

    To create the signature v2

    1. Create the canonicalized query string that you need later in this procedure:

      1. Sort the UTF-8 query string components by parameter name with natural byte ordering.

        The parameters can come from the GET URI or from the POST body (when Content-Type is application/x-www-form-urlencoded). 

      2. Concatinate name and values to a single string (eg. var1value1var2value2)

    2. Calculate an RFC 2104-compliant HMAC with the string you just created, your API Access Key (You can get it on 'Settings -> System settings' page) as the key, and SHA256 as the hash algorithm.

      For more information, go to http://www.ietf.org/rfc/rfc2104.txt.

    3. Convert the Resulting value to base64.

    4. Use the Resulting value as the value of the Signature request parameter.

        The final signature you send in the request must be URL encoded as specified in RFC 3986 (for more information, go to http://www.ietf.org/rfc/rfc3986.txt). If your toolkit URL encodes your final request, then it handles the required URL encoding of the signature. If your toolkit doesn't URL encode the final request, then make sure to URL encode the signature before you include it in the request. Most importantly, make sure the signature is URL encoded only once. A common mistake is to URL encode it manually during signature formation, and then again when the toolkit URL encodes the entire request.

     

    To create the signature v3

    Signature v3 added with API version 2.3.0 and compatible with all API versions. We're recomending to use this method.

    It is baisically the same as v2, except query string format evolved to this:

    %Action%:%KeyID%:%TimeStamp%"

    To use new signature you also need to add the following data to your query:

    AuthVersion = 3

    Query Example

    LaunchFarm API Request

    https://api.scalr.net/?Action=LaunchFarm
&FarmID=123
&Version=2.3.0
&KeyID=<Your Scalr API Key ID>
&TimeStamp=2009-06-19T05%3A13%3A00.000Z

    Following is the string to sign v2

    ActionLaunchFarmFarmID123KeyID5d0e16f7498c41ccTimeStamp2009-06-19T05:13:00.000ZVersion2.3.0

    Following is the string to sign v3

    ActionLaunchFarmKeyIDTimeStamp2009-06-19T05:13:00.000ZVersion2.3.0

    Following is the signed request for old API versions

    https://api.scalr.net/?Action=LaunchFarm
&FarmID=123
&Version=2.3.0
&KeyID=<Your Scalr API Key ID>
&TimeStamp=2009-06-19T05%3A13%3A00.000Z
&Signature=<URLEncode(Base64Encode(Signature))>

    And for API versions since 2.3:

    https://api.scalr.net/?
KeyID=KeyID=<Your Scalr API Key ID>
&FarmID=123
&TimeStamp=2011-08-22T13%3A03%3A05.000Z
&AuthVersion=3
&Version=2.3.0
&Signature=<URLEncode(Base64Encode(Signature))
&Action=FarmLaunch
    Tags: (Edit tags)
    • No tags
    Attach file or image
    Files (1)
    FileSizeDateAttached by 
     scalr-sign.py
    example of how to sign a request in python
    		459 bytes21:13, 15 Feb 2010bernard?Actions
    Comments (3)
    Viewing 3 of 3 comments: view all
    #1
    bernard? says:
    It seems that perhaps section 1b (URL Encoding) isn't required - the PHP sample code doesn't seem to do it, and my client didn't work until I removed that step from the signature algorithm (and it seems to work correctly without it).

    The documentation would be enhanced by showing an example signed request with a given KeyID and secret and the calculated signature to allow a check of the signing algorithm when using those inputs.
    Posted 07:37, 21 Dec 2009
    #2
    asafg? says:
    @bernard:
    Could you give me some details regarding the signature?
    I am having problems generating it. I tried to use Python and I have no idea what am I doing wrong.
    Posted 03:09, 11 Feb 2010
    #5
    bernard? says:
    @asafg - I've attached a file that includes a code sample that ought to get you going. I'm using a slight variation on this (it's part of a class) and haven't actually executed the code I uploaded, but I think it should work (it's pretty minimally changed from the version we're using in production).
    Posted 02:14, 16 Feb 2010
    Viewing 3 of 3 comments: view all
    You must login to post a comment.

     
    Powered by MindTouch Core