The best place to start working with the Lionbridge onDemand API is List Services (/api/services - if you are using the standard developer sandbox site, the url will be https://developer-sandbox.liondemand.com/api/services). This is a resource that returns a list of services (quality levels) that are available on the site. List Services is a good place to familiarize yourself with the authentication scheme because you can be certain that a successful request will return data.
The table below contains headers you must provide in your request.
|Accept||This refers to the format of data that you are submitting and will accept back. Currently the only valid value is 'text/xml'. In future releases of the API, we will be adding alternative data formats such as JSON.||text/xml|
|Authorization||This header contains information that will authenticate your request. See below for instructions on generating it.||
|X-LOD-VERSION||This tells the API what version the client is expecting. Updates to the API will check the version to ensure backwards compatibility.||2014-06-10|
|X-LOD-TIMESTAMP||An ISO 8601 formatted timestamp. Please use up to the millisecond for maximum variability||2014-02-21T07:49:24.655024|
Generating The Authorization Header
A well formed authorization header will look like this:
(no line breaks)
- "LOD1-BASE64-SHA256" is a static string that tells the api what authentication method you are using. At this point, we only support this custom scheme.
- "pqtFIPPCBVNQBdVDFQHU" is the Key ID part of your API Key ID/Secret pair
- "KHv9F2GrUmy0lZlFB2C7ZriWkZLNQd9HObNFdczsquY=" is a base64 encoding of a SHA256 digest of the following string: method + ":" + resource + ":" + secret + ":" + headers where:
- method = "GET"
- resource = "/api/services"
- secret = the secret in your api key
- headers = timestamp + ":" + version + ":" + accept. For example: "2014-02-21T07:49:24.655024:2014-02-28:text/xml"
- "x-lod-timestamp;x-lod-version;accept" is a static string telling the the api the components of the signature.