To use the WizeHive API and authenticate users, you first need an API key.
With the API key, you'll also receive a shared secret that is used to sign requests.
Almost all of the WizeHive API methods require a signature.
For example, if your shared secret is
When your application user is directed to this URL, WizeHive will require them to login with their username and password and ask if they want to authorize your application to access their account.
If the user agrees, they are redirected to your callback URL, with a
With the API key, you'll also receive a shared secret that is used to sign requests.
Almost all of the WizeHive API methods require a signature.
Signing Requests
To generate a signature, you take your shared secret and prepend it to an alphabetically sorted list of arguments, and then take the md5 sum of this string.For example, if your shared secret is
000005fab4534d05and the parameters you are passing are:
dog=foo cat=bar elephant=bazTo sign this request, you would:
- Sort your parameters by key name and append them together:
dog=foo cat=bar elephant=baz
becomes:catbardogfooelephantbaz
- Prepend your shared secret:
000005fab4534d05catbardogfooelephantbaz
- Calculate the MD5 hash of the above string:
ee30254b3ac602bfbfe716d33dc1735c
api_sigparameter.
Authenticating Users
To authenticate users for your application, construct an authentication URL such as:http://www.wizehive.com/services/auth/?api_key=123&perms=delete&api_sig=ee30254b3ac602bfbfe716d33dc1735cValid
permsare:
read
– gives the ability to read task, workspace, activity and people details and contents.write
– gives the ability to read, add and modify tasks, workspaces, notes and people details and contents.delete
– gives the ability to read, add, modify, and delete tasks, workspaces, notes and people details and contents.
api_sigparameter is calculated by the instructions above.
When your application user is directed to this URL, WizeHive will require them to login with their username and password and ask if they want to authorize your application to access their account.
If the user agrees, they are redirected to your callback URL, with a
frob. Something like this:
http://www.example.com/wizehive.php?frob=1bc29b36f623ba82aaf6724fd3b16718Your application will now need to make a call to wizehive.auth.getToken, passing this
frobparameter, and you will get back an
<auth>element with a token:
<auth> <token>022ae2856657803a9d38be53c9208329</token> <perms>read</perms> <user id="682" username="mcarlson" fullname="Mark Carlson"/> </auth>You will use this
auth_tokenparameter for all further authenticated API calls.