Expand my Community achievements bar.

Better API Documentation


Level 5


Hello All,

I was hoping you could get two things on the roadmap.

1.  Better documentation around your APIs (Though what you have is a great start)

2. Better responses from your APIs when the WSSE Header is wrong (which, though I'm no expert, I feel was stupid hard  "unable to validate" is not helpful).

Here's some things that aren't mentioned (Keep in mind, I'm not a network/IT guy, just trying to help):

1. Nonce / Digest should be ASCII format when created (not sure if this is 100% correct, but it worked for me)
2. Base 64 encoded Digest and Nonce must be DEcoded before sending (this may be common knowledge for some, but wasn't listed)
3. When decoding, you have to remove the leading whites pace from the values that are decoded
4. The POSTMAN example is a good start, but it would be great if you could explain in more detail what is occurring at each step.
5. You don't need a SHA1, you can use any hashing algorithm as long as its sent in the header
6. Each parameter value of the header should be a string, not its raw value at each step.

7.  Give a way to generate the header with hard-coded values (not sure how to work around the timestamp, but it would really help sanity check)

8.  Headers must be passed as a dictionary (in python)

Again, I'm not a developer by trade, so I get there's going to be difficulty.  But if you add a few more clear steps, maybe a tutorial video or two on the concepts involved here, everyone will be able to use the tools more effectively

These are the things I referenced:

python-omniture/account.py at master · dancingcactus/python-omniture · GitHub

Gathering the details to make Reporting API requests | Adobe Developer Connection

GitHub - AdobeDocs/analytics-1.4-apis: Documentation and helpful resources for calling the Analytics...

Also, here is a quick python 3 example you should upload to your docs:

import datetime, pytz, requests, uuid, hashlib, binascii

#use this to get your secret dynamically from your normal login credentials
#r2 = requests.request(method="POST",url="https://api.omniture.com/admin/1.4/rest/?method=Company.GetLoginKey",data = {"company":"yourcompany","login":"login ID", "password":"password"})

Username = "user:company"
Secret = "blabalafoobar"

Nonce = str(uuid.uuid4())

Datum = datetime.datetime.now(tz=pytz.UTC).astimezone(pytz.timezone("US/Mountain")).isoformat()

ShaKey = Nonce+Datum+Secret

Hash = hashlib.sha256(ShaKey.encode())

B64Nonce = binascii.b2a_base64(binascii.a2b_qp(Nonce))

B64Digest = binascii.b2a_base64(Hash.digest())

B64DigestDecoded = B64Digest.decode().strip()

B64NonceDecoded = B64Nonce.decode().strip()

Header = 'UsernameToken Username="{}", PasswordDigest="{}", Nonce="{}", Created="{}", Algorithm="SHA256"'.format(Username, B64DigestDecoded, B64NonceDecoded, Datum)

r = requests.request(method = "POST",url ="https://api.omniture.com/admin/1.4/rest/?method=Company.GetReportSuites", headers={'X-WSSE':Header})