Token Operations
Validate a file token without requiring the transmission of a secret passphrase. POST only.
Request:
requestType is decodeFileToken
file is the path to the file that was signed
token is the token of the file, as generated by Generate File Token
Response:
account (S) is the account number that generated the token
accountRS (S) is the Reed-Solomon address of the account
timestamp (N) is the time (in seconds since the genesis block) that the token was generated
valid (B) is true if token is valid, false otherwise
requestProcessingTime (N) is the API request processing time (in millisec)
Note: Since token contains the token generator's public key and digital signature, file can be validated as signed by the owner of the public key, and the public key determines the account ID.
Example: Refer to Decode File Token example.
Validate a token without requiring the transmission of a secret passphrase.
Request:
requestType is decodeToken
website is the signed text, typically an authorized URL
token is the token generated by Generate Token
Response:
account (S) is the account number that generated the token
accountRS (S) is the Reed-Solomon address of the account
timestamp (N) is the time (in seconds since the genesis block) that the token was created
valid (B) is true if token is valid, false otherwise
requestProcessingTime (N) is the API request processing time (in millisec)
Note: Since token contains the token generator's public key and digital signature, website can be validated as authorized by the owner of the public key, and the public key determines the account ID.
Example: Refer to Decode Token example.
Generate a file token. POST only.
Request:
requestType is generateFileToken
secretPhrase is the passphrase of the account generating the token
file is the path to the file to be signed
Response:
token (S) is a 160 character string representing the 100-byte token which consists of a 32-byte public key, a 4-byte timestamp, and a 64-byte digital signature
account (S) is the account number corresponding to secretPhrase
accountRS (S) is the Reed-Solomon address of the account
timestamp (N) is the time (in seconds since the genesis block) that the token was generated
valid (B) is true if token is valid, false otherwise
requestProcessingTime (N) is the API request processing time (in millisec)
Note: Since token contains the token generator's public key and digital signature, the file can be validated as digitally signed by the owner of the public key using Decode File Token.
Example: Refer to Generate File Token example.
Generate a token. POST only.
Request:
requestType is generateToken
secretPhrase is the passphrase of the account generating the token
website is a web site URL for which authorization should be granted, or general text to be digitally signed
Note: website is typically a URL (with the leading http:// unnecessary) that an account owner signs with his secretPhrase (private key) to bind the account to the URL, but website can be any text that the owner wishes to sign.
Response:
token (S) is a 160 character string representing the 100-byte token which consists of a 32-byte public key, a 4-byte timestamp, and a 64-byte signature
account (S) is the account number corresponding to secretPhrase
accountRS (S) is the Reed-Solomon address of the account
timestamp (N) is the time (in seconds since the genesis block) that the token was generated
valid (B) is true if token is valid, false otherwise
requestProcessingTime (N) is the API request processing time (in millisec)
Note: Since token contains the token generator's public key and signature, the website can be validated as authorized by the owner of the public key using Decode Token.
Example: Refer to Generate Token example.
