Request
Field | Type | Description |
|---|---|---|
Content-Type | String | application/json |
Authorization | String | ALTR API's authorization protocol relies on a properly formatted authorization header. The accepted format is: "ALTR " + api_key + ":" + signature. signature is a base64-encoded, SHA-256 hash that uses the API key's secret as the key for the hash function. The payload being hashed must follow the format: HTTP-METHOD + "\n" + RESOURCE + "\n" + DATE + "\n". DATE must match X-ALTR-DATE, and RESOURCE must be empty for a POST request. An example payload for a POST request is: "POST\n\n01-01-1970 00:00:00\n" |
X-ALTR-DATE | Date | The datetime used in the authorization signature. If this is more than 15 minutes past the server's internal clock, the request will be rejected. |
Content-Length | Number | Size of the request. The request will be rejected with a 509 status code if the request if over 500kb. |
Response
Field | Type | Description |
|---|---|---|
X-Bytes-Consumed | Number | The number of bytes written to the distributed ledger and counted against the Key's organization. The number may differ from the Content-Length header becuase the string representation of the data is written to the distributed ledger. |
X-Overflow-Data | Boolean | This flag will be set if any single value is greater than 3kb, or the entire batch is greater than 500kb. |
date = new Date();
payload = 'POST\n\n' + date + '\n';
API_KEY = <your API key>;
SECRET = <your API secret>;
{
"X-ALTR-DATE": date,
"Authorization": "ALTR " + API_KEY + ":" + base64(hmac-sha256(payload, SECRET)),
"Content-Type": "application/json",
"Content-Length": 12345
}
{
"X-BYTES-CONSUMED": 12345,
"X-OVERFLOW-DATA": true
}
200
Field | Type | Description |
|---|---|---|
token | String | On success, the JSON values given in the body will be replaced with the tokens. If any single value is greater than 3kb, X-Overflow-Data will be set to true and the value will be set to null in the response |
HTTP/1.1 200 OK
{
"key-1": "token1",
"key-2": "token2",
"overflow-key": null
}
Error Codes
Code | Name | Description |
|---|---|---|
400 | bad_request | Organization data cap exceeded. |
401 | unauthorized | The API key could not be authenticated. |
403 | forbidden | API key does not have write permissions. |
503 | internal_error | The web server encountered an unexpected error. |
509 | bandwith | Limit Exceeded Request exceeded 500kb limit. X-Overflow-Data header will be set to true. |
HTTP/1.1 503 Internal Server Error
{
"success": false,
"response": {
"error_type": "internal_error",
"error_message": "Unable to process request at this time."
}
}
HTTP/1.1 400 Bad Request
{
"success": false,
"response": {
"error_type": "bad_request",
"error_message": "Organization data cap exceeded"
}
}
HTTP/1.1 400 Bad Request
{
"success": false,
"response": {
"error_type": "bad_request",
"error_message": "Invalid JSON detected. Failed unique key check"
}
}
HTTP/1.1 401 Authentication Required
{
"success": false,
"response": {
"error_type": "unauthorized",
"error_message": "API key must be included in header."
}
}
HTTP/1.1 403 Forbidden
{
"success": false,
"response": {
"error_type": "forbidden",
"error_message": "API key does not have write permission."
}
}