Steps to Authenticate User
Log in to your CO3 account with a user who has Super Admin rights. Go to the Users & Settings tab then select Account settings. In the Account data section you can see your account name and your API key.
Create an XML which you will POST to the API .
<?xml version="1.0" encoding="utf-8"?> <command> <authenticate> <api_key><![CDATA[put-your-api-key-here]]></api_key> <username><![CDATA[put-username-here]]></username> <password><![CDATA[put-password-here-with-md5]]></password> </authenticate> </command>
The password is MD5 hahsed!
Create a secure connection to the CO3 and POST your XML to get your session key.
$opts = array( 'http' => array( 'method' => 'POST', 'header' => array( 'Connection: close', 'Content-Type: text/xml; charset=utf-8', 'Content-Length: '.strlen($xml) ), 'content' => $xml ) ); $context = stream_context_create($opts); $response = file_get_contents("https://co3app.com/api/authenticate", false, $context); echo $response;
The response will be your session key. The session key is valid for 5 minutes and you have to use it in all of your requests!
The session key is belongs to the authenticated user. In this case the user rights will be used in the session.