Content Fabric API
Eluvio Content Fabric API
Authentication
- HTTP: Bearer Auth
- HTTP: Basic Auth
Access to content fabric objects and resources is governed by an Ethereum-compatible blockchain. Each API resource (for example a library, content type or content object) is governed by a blockchain 'smart-contract'. All content fabric API operations require authentication using the "Bearer" token scheme. This scheme encompasses both "authentication" (identifying the caller) and "authorization" (specification of the operations that the caller has access to). The "Bearer" token is obtained by executing specific 'smart-contract' blockchain transactions for the API resources being accessed.
Private fabric nodes or development environments can also be configured for alternative authentication schemes. Currently this includes "Basic" authentication and, for development environments, no authentication.
The "Bearer" token can be specified as follows:
as an HTTP header
Authorization: Bearer TOKENas a query parameter
?authorization=TOKEN
Bearer token general format: PAYLOAD.SIGNATURE
Where PAYLOAD is a base64 encoding of the JSON object:
{
"qspace_id": "SPACE-ID",
"qlib_id": "LIBRARY-ID",
"addr": "BLOCKCHAIN-ADDRESS",
"tx_id" : "BLOCKCHAIN-TRANSACTION-ID"
}
SIGNATURE is a base64 encoding of the Ethereum signature, calculated as specified by the Ethereum protocol: https://github.com/ethereum/wiki/wiki/JSON-RPC#eth_sign
Creating, modifying and accessing content fabric objects require either "access" or "update" transaction IDs. These operations can only be executed by full blockchain user accounts, which must be funded in order to execute transactions. Once the transaction is executed by the blockchain, its ID will be specified in the token field "tx_id".
Consumer operations don't require funded blockchain accounts, and they are restricted to "viewer" operations, which are only available on content objects that have been specifically published for consumer access. The token is generated by executing a state channel transaction - the state channel allows for low latency response to the user (not requiring waiting for the execution of a blockchain transaction) and mass scalability by posting aggregated transactions to the blockchain in large batches.
Security Scheme Type: | http |
|---|---|
HTTP Authorization Scheme: | bearer |
Bearer format: | Base64 encoded JSON element of the following form: |
See bearer authentication above.
Security Scheme Type: | http |
|---|---|
HTTP Authorization Scheme: | basic |