Steps to Authenticate User
- Log in to your CO3 account with a user who has Super Admin rights. Go to the Users & Settings tab then select Account settings. In the Account data section you can see your account name and your API key.
- Create an XML which you will POST to the API
<?xml version="1.0" encoding="utf-8"?> <command> <authenticate> <api_key><![CDATA[put-your-api-key-here]]></api_key> <username><![CDATA[put-username-here]]></username> <password><![CDATA[put-password-here-with-md5]]></password> </authenticate> </command>
The password is MD5 hahsed!
- Create a secure connection to the CO3 and POST your XML to get your session key
$opts = array( 'http' => array( 'method' => 'POST', 'header' => array( 'Connection: close', 'Content-Type: text/xml; charset=utf-8', 'Content-Length: '.strlen($xml) ), 'content' => $xml ) ); $context = stream_context_create($opts); $response = file_get_contents("https://co3app.com/api/authenticate", false, $context); echo $response;
The response will be your session key. The session key is valid for 5 minutes and you have to use it in all of your requests!
- The session key is belongs to the authenticated user. In this case the user rights will be used in the session.