You are here: Developers > OpenX Platform API > Authentication reference > Programmatic authentication

Programmatic Authentication

Last updated on August 8, 2017

Use Case: You would use programmatic authentication if you are accessing OpenX protected resources with your own credentials only and don't plan on providing a web-based login form for other Users.

To run automated processes, include a valid username and password in your code or make them available to the code. If successful, programmatic logins return oauth_token and oauth_verifier in the body of the response.

Important: Your client application must be able to persist cookiesSmall text files sent from a web server to a browser, then returned by the browser each time it logs on to that server. Advertisers use cookies to monitor the number of ads that have been shown to a visitor, while they are used by websites to gauge numbers of unique visitors. across an HTTP 302 redirect in a cookie named openx3_access_token, which must be present in all API requests.

Authenticating a User using OAuth involves the following steps:

  • Step 1 - Request an unauthorized request token

  • Step 2 - Authorize the User

  • Step 3 - Request an access token

  • Step 4 - Use the access token to access protected resources

These steps are the same as Browser-Based Authentication except for a few details, which will be explained in each step. Only the differences will be explained in this procedure.

Step 1 - Request an unauthorized request token

Difference between programmatic and browser-based authentication:

Because this is programmatic authentication instead of browser-based, you must set the callbackUrl to oob (out-of-band), which tells the OAuth server that you are not redirecting a User to a URL. The OAuth Server returns the request token.

Step 2 - Authorize the User

Difference between programmatic and browser-based authentication:

Authorize the request token by sending an HTTP POST request to https://sso.openx.com/login/process with the following parameters:

Request parameters

Parameter Description
email The User's email address
password The User's password
oauth_token The OAuth request token

Sub-steps

For programmatic authentication, the client application must pass in the request token (oauth_token) and the User's email and password to https://sso.openx.com/login/process (NOT https://sso.openx.com/login/login).

Step 3 - Request an access token

Difference between programmatic and browser-based authentication:

This process is the same as browser-based authentication with the addition of a third sub-step:

Sub-step 3.3: Consumer (your application) persists the access token in a cookie

The Consumer (your application) should now persist the access token in a cookie so that it can be used to access the protected resources. The cookie should be named openx3_access_token, which must be present in all API requests.

Step 4 - Use the access token to access protected resources

Difference between programmatic and browser-based authentication:

None

The client application uses the access token to perform OpenX API operations.

Important: You must refresh the OpenX session at least once every two hours or your session will expire.

Important: Passwords expire after six months. Ten days before your password expires, OpenX will send you an email reminder to change your password.

Logging out

When finished with your API session, you should terminate it explicitly by sending DELETE /session to log out.

Feedback form