Authentication (published apps)

If you plan to publish your app in our marketplace for other Nexudus customers to use, you will need a combination of an App Key and an App secret to authenticate your requests. 

To make a request to the API you will need to issue a HTTP request using the appropriate VERB and always including a Basic Authentication header.

Request Headers:
Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==

To calculate this token you need to use the application Id and application secret that you can find in each of the applications you have created in your account.

Each application running on Nexudus has a key and a secret. It is very important that you never share your application secret, doing so will mean that someone could access all the accounts which installed your application on your behalf.

Never share your secret key!

Registering an Application

Before you can start developing your app, you will need to register an Application in your Nexudus account. This will let you test the installation process within your account. Once your Application is published, any Nexudus customer will be able to install it in their account.

Managing Applications can only be done using the REST API.

Before you can start developing your app, you will need to register an Application in your Nexudus account. This will let you test the installation process within your account. Once your Application is published, any Nexudus customer will be able to install it in their account.

Create Application

You can use the standard REST API to Create an Application

Get Applications Secrets

Once your Application is registered, a secret will be generated for it. You can use the following endpoint to obtain it.

GET https://spaces.nexudus.com/api/apps/applications/my

🔒 Requires role "Application-Read

 

Example request

GET https://spaces.nexudus.com/api/apps/applications/my
Content-Type: application/json
Authentication: Basic ZXhhbXBsZUBuZXh1ZHVzLmNvbTpFeGFtcGxlMTIzNA==

 

Example response

[
 {
 "Name": "ExcelMatic",
 "ApplicationKey": "f36292c02d9c438d98d8c9eb34897c90",
 "SecretKey": "b5d83da7a....7febc62d8dc"
 },
 {
 "Name": "Ezeep",
 "ApplicationKey": "27b6a3ce6d26431991847af19e63a3cb",
 "SecretKey": "6d7c2c75a641....eea21a81"
 },
 {
 "Name": "Example",
 "ApplicationKey": "d4176f7334ea4c5a835ba7ca48729203",
 "SecretKey": "3c2a5a7849c....4c8e6ad9"
 }
]

 

Creating an Authentication Token.

To create the authentication token you will need to combine the information you know about your application, such as its key and secret, with a piece of information we provide to you when an user installs your application in their account.

When creating an application, we will ask you for an URL. This address is where we will send that piece of information, and usually, where your application will be hosted.

In the example above, when users install your app, we will ask them if they are happy to install your app, and if so, we will redirect them to "http://myapp.com/Install" and provide you with the bit of data you need to create the authentication token.

If the user accepts to install your application, then we will make a request to the "Install Url" with the following parameters:

http://myapp.com//Install?
a=d420667525e0489d91068cbf732fe1dc&
t=c90e30fca71a4c37810a292b99d4d4f2&
d=634963729314011098&
h=785a10afef749b1c26cc3c5eb3989082&
b=subdomain&
e=user_email@example.com

a: is your application key. t: is a token you will need to generate the authentication token. d: a number representing the current time h: a MD5 hash of t|a|date in alphabetical + your secret. b: your Nexudus Spaces subdomain e: the email of the user installing your application

When receiving this request, your application should check that the request is legitimate. You do this by recalculating the hash yourself and then checking that it matches the h paremeter your received from our servers.

//Calculate hash
var param = new[] {token, app, date};
param = param.OrderBy(x => x).ToArray();
var calculatedHash = (string.Join("|", param) + secret).MD5();

//Check if the request is valid
var valid = (calculatedHash == hash);
      

Once you know the request is coming from Nexudus Spaces, you can create the authentication token. This token will allow you to make requests to the API. To create the token concatenate the token your received (t) and the secret, then MD5 hash that string.

var authToken = (token + secret).MD5();

Now that we have the authentication token we can make requests to the API. For each request, you will need to make sure that you add an authentication header.

var uri = "https://spaces.nexudus.com/api/businesses"
var client = new HttpClient(uri);
client.DefaultHeaders.Authorization = Credential.CreateBasic(username, password);

If you need to manually create the value header, it's calculated by Base64 encoding the string username:password. The username is the application key (not the secret!) and the password is the token you created following the steps above.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

Please sign in to leave a comment.