API credentials
Introduction
The Shardimage system provides API keys and Access tokens for the secure API communication and for the image hosting. This article is about creating and using these tools.
API key
API keys are indispensable tools for the API communication; they provide authentication between the client and the API server.
Creating
Creating and updating API keys is only possible from the Shardimage website. You can set 3 attributes for the API key, all of them are optional: - expiry date: after this date the key won’t work - cloud ID: restrict the API key for the given cloud - comment: additional information
After creating the key we get an API secret hash for the API communication and an Image secret hash for the URL generation.
Usage
Our Shardimage PHP SDK package provides easy installation; for more information please check here »
Example code:
use shardimage\shardimagephp\auth\Client;
$client = new Client([
'apiKey' => '<apiKey>', //key to use the API or the image serving
'apiSecret' => '<apiSecret>', //secret to use the API
'imageSecret' => '<imageSecret>' //secret to gain more security on image serving
'cloudId' => '<cloudId>', //default configuration for cloud ID, it can be overwritten in later usage
]);
Access token
Access token has two types: upload and URL token; therefore, the token can be used at image upload and image URL generation. It’s purpose is to give more funcionality to these services.
Creating
The access token can be created through API and from the Shardimage website. At the moment, listing tokens is only available on the website.
It is mandatory to set the expiry date, usage limit and the token type. Depending on the type we can set different extras for the token. It is important to mention that, if you choose url token type, the Secret extra attribute will be mandatory because it needs to exist during URL generation.
For more information about extra attributes, check here »
Creating with SDK:
use shardimage\shardimagephp\auth\Client;
use shardimage\shardimagephp\models\accesstoken\ImageUrlAccessToken;
use shardimage\shardimagephp\models\accesstoken\ImageUrlAccessTokenExtra;
$client = new Client([
'apiKey' => '<apiKey>',
'apiSecret' => '<apiSecret>',
'imageSecret' => '<imageSecret>',
]);
$extra = new ImageUrlAccessTokenExtra();
$extra->secret = 'g412j3hgas8da5sd6ljj3424jlsdcv';
$token = new ImageUrlAccessToken(); // Type is already configured
$token->expiry = time() + 3600; // Alive for 1 hour
$token->limit = 1000; // Can be used for 1000 times
$token->extra = $extra;
$result = $client->getAccessTokenService()->create($token);
Usage
Using Access token is similar to the API key, Shardimage SDK gives good opportunity for easy usage.
use shardimage\shardimagephp\auth\Client;
$client = new Client([
'apiKey' => '<apiKey>',
'apiSecret' => '<apiSecret>',
'imageSecret' => '<imageSecret>'
'cloudId' => '<cloudId>',
'apiAccessToken' => '<apiAccessToken>', // generated token
'apiAccessTokenSecret' => '<apiAccessToken>', // secret string if it's image url token
]);
If token is set, it will be used automatically during the image upload. Simple example:
$result = $client->getUploadService()->upload(['file' => "/var/www/myfiles/myimage.png", 'publicId' => 'myimage']);
During URL generation we need to set the security to token.
$url = $client->getUrlService()->create(['cloudId' => '<cloudId>', 'publicId' => 'myimage'], ['security' => 'token']);