Skip to main content
Version: 1.0.0

Content Fabric API

Eluvio Content Fabric API

Authentication

Access to content fabric objects and resources is governed by an Ethereum-compatible blockchain. Each API resource (for example a library, content type or content object) is governed by a blockchain 'smart-contract'. All content fabric API operations require authentication using the "Bearer" token scheme. This scheme encompasses both "authentication" (identifying the caller) and "authorization" (specification of the operations that the caller has access to). The "Bearer" token is obtained by executing specific 'smart-contract' blockchain transactions for the API resources being accessed.

Private fabric nodes or development environments can also be configured for alternative authentication schemes. Currently this includes "Basic" authentication and, for development environments, no authentication.

The "Bearer" token can be specified as follows:

  1. as an HTTP header Authorization: Bearer TOKEN

  2. as a query parameter ?authorization=TOKEN

Bearer token general format: PAYLOAD.SIGNATURE

Where PAYLOAD is a base64 encoding of the JSON object:


{
"qspace_id": "SPACE-ID",
"qlib_id": "LIBRARY-ID",
"addr": "BLOCKCHAIN-ADDRESS",
"tx_id" : "BLOCKCHAIN-TRANSACTION-ID"
}

SIGNATURE is a base64 encoding of the Ethereum signature, calculated as specified by the Ethereum protocol: https://github.com/ethereum/wiki/wiki/JSON-RPC#eth_sign

Creating, modifying and accessing content fabric objects require either "access" or "update" transaction IDs. These operations can only be executed by full blockchain user accounts, which must be funded in order to execute transactions. Once the transaction is executed by the blockchain, its ID will be specified in the token field "tx_id".

Consumer operations don't require funded blockchain accounts, and they are restricted to "viewer" operations, which are only available on content objects that have been specifically published for consumer access. The token is generated by executing a state channel transaction - the state channel allows for low latency response to the user (not requiring waiting for the execution of a blockchain transaction) and mass scalability by posting aggregated transactions to the blockchain in large batches.

Security Scheme Type:

http

HTTP Authorization Scheme:

bearer

Bearer format:

Base64 encoded JSON element of the following form: { "qspace_id": "...", "addr":"...", "txid":"..." }