How to…

How do I call the API?

API call are secured by the OAuth protocol, version 2.0. That means that the calls have to contain a special parameter called access_token

How do I get an access token?

You can get an access token following this flow:
  1. Ask the user for granting access. Make a web request to /webapps/uocapi/oauth/authorize, with the following parameters:
    1. client_id: Application identifier. If you don't have one, ask for a key right now!
    2. response_type: code
    3. scope: Scopes needed by the application, separated by a blank space ("+" character once encoded in URL)
    4. redirect_uri: Callback URL of your application to go after the authorization process is finished.
  2. If the authentication is successful, a call to redirect_uri will be done, with a parameter called code. Your application will have to made a POST request to /webapps/uocapi/oauth/token, with the following parameters:
    1. grant_type: authorization_code
    2. client_id: Application identifier. If you don't have one, ask for a key right now!
    3. client_secret: Application secret. If you don't have one, ask for a key right now!
    4. code: Code received as a parameter
    5. scope: Scopes needed by the application, separated by a blank space ("+" character once encoded in URL)
    6. redirect_uri: Callback URL of your application to go after the authorization process is finished.
  3. You'll get the access token, the refresh token and expires_in. With those you can now make API calls!
As a suggestion, save these values (access token, refresh token and expires_in) for future calls within your application

Which grant_type?

You have to user and authorization_code grant type.

My access token is expired, how do I get a new one?

When yo initially get the access token you also receive to additional parameters: refresh_token and expires_in. The first one is a token for getting a new access token without having to the whole authorization process. The second parameter tells you when the access token is about to expire. Many OAuth libraries have the functionality to tell you if the access token is still valid. If your access token is expired, you'll have to make a request to oath/refresh with the refresh_token for getting a new access token.

Which IDE do I have to use?

The API is based on REST architecture, based on HTTP calls. This architecture is independent of the programming language of the client application and the IDE to use. In fact, your application determines which IDE you'll have to use. If you are developing an Android application we suggest you use Eclipse. However, if you are developing an iOS application our recommendation here is Xcode. If you are using another language, such PHP, ruby, python, etc. you can choose more than one IDE (Aptana, Coda2, Textmate, Smultron, etc). Our suggestion here is to choose whatever IDE you're most comfortable with. This is a tool you will be using a lot.

I don't like your client libraries. Can I use another ones?

Of course you can, any library that allows you to make REST calls with OAuth 2 will work for you.

How do I know which type of board is?

Every board resource has a member subtype. Inspecting this member you'll find whether a board is a forum, debate or board. Current values are:

Forum

  • WKGRP_FO
  • WKGRP_FO_FIL
  • WKGRP_NOUS
  • ASSMEMBERM

Debate

  • WKGRP_DE
  • WKGRP_DE2
  • WKGRP_DE3
  • WKGRP_DE4
  • WKGRP_DE5
  • WKGRP_DE_FIL
  • ASSMEMBER

Board

  • PRIVBB_FINAL
  • PRIVBB_PROF
  • PRIVBB_TP
  • PRIVBB_COORD
  • PRIVBB_FV
  • PRIVATEBB