...
All DDS services have to be authenticated against the Bokbasen authentication service as described below. The Bokbasen authentication service is used across Bokbasen’s services, so you also use the same process for retrieving Metadata. The documentation for the authentication API is also available online at https://bokbasen.jira.com/wiki/display/api/Authentication+Service
Login and Authorization
A distributor will be assigned a username and password when created. The username and password is used against the authentication service to create a token, this token (referred to as TGT) is then used against all other service calls to DDS. The token has a limited validity (2 hours) so the implementation must re-create the token on a regular basis.
To create a token use the POST call to the service, you can also actively logout and make the token invalid by using the DELETE call to the service.
(Lenke til dokumentasjonen )
Example usage
HTTP Header Authentication
All REST service calls to DDS have to be authenticated using the TGT-token from the authentication service. In addition, you need to include a date header, with the current time in GMT using a date format following RFC 1123.
Note that in addition to the token (TGT-*) you received from the authentication service, you need the static name “Boknett” in the header. Your Date header should be current on every request, and the request will fail if there is more than a 15 minutes difference in the Date header and the Bokbasen server clock. Bokbasen recommend that your server is using a NTP service to assure synched times.
<Lenke til dokumentasjonen>
DDS Inventory
Introduction
Skrive litt her om inventory og lenke til confluence siden.
Bokbasen is renewing its Authentication service. Look her for more information.
Authentication Service (upcoming)
DDS Inventory
Introduction
This web service retrieves information about all e-/audio books available in DDS based on your users access rights and permissions.
DDS ID Management (IDM)
Introduction
Bokskya is our cloud storage services for the end consumer. This API describes how to create and administrate user accounts and authorize reading devices and applications.
Bokskya ID is the customers unique ID. The ID is created using e-mail address as identifier.
All IDM services are available under a separate domain: idp.dds.boknett.no (production) and idp.dds.boknett.webbe.no (test). Access to these services uses the same authentication as the order services described in this document (see “Login and Authorization” section).
These services should These services must be integrated in your user registration process, so that you ensure that all your user accounts have a corresponding Bokskya account.
...
Web services to create and administer Bokskya ID
Support for Adobe Vendor ID
Recommended process:
ValidateAccount: Use this service to verify if there is an active account.
RegisterAccount: Use this service only if one can't verify that there is an active account.
AuthUserByPartner: Use this service only IF one is about to do a login by VendorID.
...
DDS Orders
Introduction
DDS make available products that can be sold in an online store. This API describes how to place orders to DDS for the e-/audio books sold. The process for placing an order is to first call the order REST API, then using the GET content API to retrieve the item that was bought.
...