PRODUCT
Follow

Overview

To ensure that all client and end-user data is kept private and secure, all API interactions require authentication of the client or application.

Any API request is validated with a unique set of credentials relevant to the application that handles the communication. Currently, Sizmek Ad Suite (SAS) supports a single, simple authentication method based on a manual pre-generated API username and password.

The API credentials are assigned to a specific API user, maintain a defined set of permissions, and uphold a defined request quota. For more information, see Quotas and Limitations on API Requests.

Important

Important: You cannot exceed 10 simultaneous, active, API sessions with the same user credentials.

Authentication Flow

The current authentication flow follows these steps:

  1. Client is generated with a specific API username, password, and API key.

  2. Application that starts engaging the API uses the username, password, and API key to generate a SAS session token.

    • For the sandbox environment, the login URL is the following:

      https://adapi.uat.sizmek.com/sas/login/login
    • For the production environment, the login URL is:

      https://adapi.sizmek.com/sas/login/login/
      

JavaScript Flow Example

  1. Authenticate with API assigned user and password, and API key. Then, call a specific API method:

    var settings = {
        "url": "https://adapi.uat.sizmek.com/sas/login/login",
        "method": "POST",
        "timeout": 0,
        "headers": {
            "Content-Type": "application/json",
            "api-key": "api key token",
            "": ""
        },
        "data": "{username:\"Username\", password: \"Password\"}",
    };
    
    $.ajax(settings).done(function(response) {
        console.log(response);
    });
    
  2. Implement the method adding the generated token and the API key in the "Authorization" header:

    function call_method_x(sessionId) {
        $.ajax({
            url: "https://adapi.sizmek.com/sas/ads",
            type: "GET",
            contentType: 'application/json',
            data: 'from=0&max=25',
            headers: {
                'Access-Control-Allow-Origin': '*',
                'Content-Type': 'application/x-www-form-urlencoded',
                'Authorization': sessionId
                'api-key': key,
     }, 
     
     success: function (data) {
     console.dir(data.result);
     }
     });
    }

Credentials and Tokens

It is important to remember that the API credentials and generated token grant access to make requests and get access to the application data. Consider these values as sensitive as passwords; do not expose or share these values with non-trusted parties.

HTTPS Protocol

Authentication and all other requests are only secure if SSL is used. Therefore, all requests must use the HTTPS protocol.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

Powered by Zendesk