Blipfoto API

Authentication for a desktop / mobile application

This guide outlines the process for authenticating a user using a compiled application such as a desktop or mobile application.

  1. Obtain an Application Secret

    The Application Secret is used to sign authenticated requests to the API, and should never be revealed publicly. Your Secret will appear underneath your API Key in the Edit API Key screen. Read more...

  2. Direct the user to API Permissions

    Users must give permission for your application to access their account. To do this, you ask your user to visit a special Blipfoto URL, providing your API Key. Upon approval, they will be shown a 6-digit code, which your application should prompt for. Read more...

  3. Obtain an Identity Token

    After receiving this 6-digit temporary token from the user, your application can exchange it for an Identity Token. The Identity Token is used to identify the user and your application to the API. Read more...

  4. Sign calls to authenticated resources

    You now have all that is required to authenticate calls for your user. The Application Secret and Identity Token are used to create a signature that verifies the user to the API. Read more...

© All material on this site is copyright Blipfoto and its contributors.