Get XID Info

Returns information about a particular XID. If the user represented by the auth token supplied is not allowed to descrambl the content as represented by the given XID, an HTTP code of 406 (“Not Acceptable”) is returned (as compared to the code of 403, which means that the supplied auth token was invalid and was therefore not allowed to make the API call).

Because attempts to descrambl content are tracked, the domain of the browser page currently being view must be included. Note that the parameter is mislabeled (for historical reasons) as “url” rather than “domain”. Scrambls is not meant to needlessly and wantonly track user activity and recording the entire URL ventures into privacy violations.

URL format: https://host/api/xcontent/{xid}?url={domain}
HTTP Method: GET
HTTP Headers: x-xloak-authtoken: auth-token
x-xloak-k: APIkey
URL Parameters: {xid}: the ID of the cloaked content, as returned at some point in the past from the Create Content ID API.
{url}: the domain of the page that has the cloaked content on it.
Returns: status code 200 if the user can descrambl the content. The returned body is JSON similar to the following:

{'info': {'isSecret': False, 'type': 'default', 'key': 'abcdef', 'isOwner': true, 'xpid': '81'}, 'message': '', 'result': 'OK'}

where 'isSecret' is true if the content can be descrambld by entering a shared Secret. The descrambling key is given in the 'key' field, and the scrambling scheme is contained in the 'type' field value.

status code 403 if there was no auth ticket supplied or if the auth ticket is invalid.
Status code 406 if the user represented by the auth token does not have the privilege to descrambl.