Using The ApisPlease see the DeveloperReference for full details on the scrambls API'sServer APIThe scrambls Server API defines the model and operations needed to work with the accounts and key management facilities of the policy server. All interaction with the policy server is through this API and all requests require some form of authentication, partner-level and user(account)-level. Account-level authentication is required for most, but not all, operations. The API is HTTP-based and generally follows the RESTful pattern. It requires JSON data to be POSTed and PUT to it, and it returns data in JSON format. It uses HTTP headers to hold the authentication information and will reject requests without valid authentication tokens and keys. “API Keys” are issued to organizations by Wave and uniquely identify that organization for purposes of tracking API usage, account creation, etc. API Keys are long-lived and must be kept secure by the organization they are issued to. In contrast, authentication tokens are issued to users logging in to the system and are temporal in nature with a validity period being a maximum of two weeks. All requests to the policy server through the server API require an API key; most operations also require a user authentication token, with the notable exceptions being user authentication and account creation (for obvious reasons). |