Bunchball Developer Wiki

 

Nitro REST APIs

Page history last edited by Vijay Myneni 1 week ago

The Nitro APIs enable you to leverage all the capabilities of the Nitro platform - firing actions, generating leaderboards, crediting and debiting points, user manipulation, etc.

 

Methods

 

Protocol

The Nitro APIs use a REST-like interface.

  • Requests are name-value pairs sent via HTTP GET or POST. Order is immaterial. Names and values are case-sensitive.
  • Responses are XML or JSON. Whether the request generates an error or not, an XML or JSON stream will be sent back to the application as a response to the request.
  • Errors are sent in the response via <Error> elements, and contain an error code and an error message. Errors are in the following format.

 

<nitro >
    <Error>
        <Code>102</Code>
        <Message>Invalid Signature</Message>
    </Error>
</nitro>

 

Users

Users are created on-the-fly in the Nitro API. It is assumed that you will do all the necessary user authentication on your own site. Anytime a method is called for a user that doesn't already exist, a record is created for them. We have an optional user registration system for sites that don't have their own registration.

 

Security

  • Keys: To access the Nitro APIs, you will need an API Key and a Secret Key. You will be given your API Key and Secret Key in an email. Your API Key is public and anyone can see it. Your Secret Key should never be included in any code that is sent to a user's client (html page, Flash movie, etc.). If your Secret Key is lost or compromised, you should immediately request a new one. These are available in the Admin UI.
  • IP Whitelisting: In the Site > Security section of the Admin UI, you can enter the IP addresses of your servers into an IP Whitelist. Only machines with IPs on this Whitelist will be able to do any "write" commands - including point crediting and debiting, and logging actions. Ranges and hostnames can also be entered.

 

Sandbox

You should do all your testing against our sandbox server. The endpoints for this server are:

 

Your site can be administered via the Admin UI - you will need your API Key and an Admin username and password to login here. These should have been sent to you via email. If not, please ask your Bunchball contact for an account. Use the API Console in the Admin UI to try the various methods and examine their return values and formats. 

Comments (0)

You don't have permission to comment on this page.

Printable version
 
Anonymous Create an account or Log in