API Documentation

Description

Creates or validates a Shutterfly user authentication token.

Call Signature

Application ID and call signature are required. Please see Call Signature documentation for more details.

Resource Path

This API uses the following resource path element:

/auth

It may appear in combination with its parent:

User Data API - Example:

/user/testuser1234@yahoo.com/auth
/userid/000012345678/auth

Methods

POST - Creates a new user authentication token.
GET - Validates a user authentication token and gets some of its internal contents.

Scheme

https

Host

ws.shutterfly.com

Method Endpoint example

POST https://ws.shutterfly.com/user/testuser1234@yahoo.com/auth

GET https://ws.shutterfly.com/auth

Method	Endpoint example

POST	https://ws.shutterfly.com/user/testuser1234@yahoo.com/auth

GET	https://ws.shutterfly.com/auth

In the following Method detail sections, click on Method name to expand or collapse the detail.
Click here to expand/collapse all.

Method: POST

Creates a new user authentication token.

This method needs a /user or /userid path element, e.g.: POST /user/testuser1234@yahoo.com/auth

NOTE: Apps do not need to use this method, if they use the Interactive Sign-in or Seamless Sign-in flows for authentication.

Https

Secure http (https) is required for this method. Http requests will not be accepted.

Sample Input

<?xml version="1.0" encoding="UTF-8"?>
<entry xmlns="http://www.w3.org/2005/Atom"
	xmlns:user="http://user.openfly.shutterfly.com/v1.0">
	<category term="user" scheme="http://openfly.shutterfly.com/v1.0" />
	<user:password>pass</user:password>
</entry>

Submit the following as an Atom XML entry, as in the Sample Input.

Content-Type

application/atom+xml

user entry

category

<category-term="user" scheme="http://openfly.shutterfly.com/v1.0"/>

/entry/user:password

The user's password.

Count: 1

Length: 4 - 10

Example: mypassword

Sample Output

<?xml version="1.0" encoding="UTF-8"?>
<entry xmlns="http://www.w3.org/2005/Atom"
	xmlns:openfly="http://openfly.shutterfly.com/v1.0"
	xmlns:user="http://user.openfly.shutterfly.com/v1.0">
	<title>New Auth Token</title>
	<link rel="self" type="application/atom+xml"
	  href="http://ws.shutterfly.com/user/test@example.com/auth/9f24c7e26557f1e2cf2b2322daf71025"/>
	<category term="user" scheme="http://openfly.shutterfly.com/v1.0" />
	<author>
	  <name>Santa</name>
	  <uri>http://ws.shutterfly.com/user/test@example.com</uri>
	</author>
	<id>http://ws.shutterfly.com/userid/9AbNHLRq4ZE/auth/9f24c7e26557f1e2cf2b2322daf71025</id>
	<updated>2009-01-19T08:00:00Z</updated>
	<published>2009-01-19T08:00:00Z</published>
	<openfly:userid>9AbNHLRq4ZE</openfly:userid>
	<user:newAuthToken>
	  000020854946|1198096051623|97238749a72982896c7d5bf4baccd8ba8e189ec6
	</user:newAuthToken>
	<user:authTokenExpiration>2009-01-21T08:00:00Z</user:authTokenExpiration>
</entry>

Content-Type

application/atom+xml

user entry

HTTP 201 (Created) is the normal response. The response will be an Atom XML entry representing the new user authentication token. Key elements:

category

<category-term="user" scheme="http://openfly.shutterfly.com/v1.0"/>

/entry/published

The token creation date.

Count: 1

Example: 2009-01-19T08:00:00Z

/entry/user:newAuthToken

The new user authentication token, for use with other Shutterfly APIs.

Count: 1

Example: 000020854946|1198096051623|97238749a72982896c7d5bf4baccd8ba8e189ec6

/entry/user:authTokenExpiration

The planned token expiration date and time. It is not guaranteed; Shutterfly reserves the right to expire the token earlier or later.

Count: 1

Example: 2009-01-21T08:00:00Z

Error Codes

If there is no error, methods always return HTTP status code 200 (or 201 for a create operation). See Common Response Codes documentation.

This API has no specific error codes, only the common HTTP responses will be returned.

API Explorer

To see this call in action, use the API explorer.

Method: GET

Validates a user authentication token and gets some of its internal contents.

This method needs no /user or /userid path element; just say GET /auth. But pass a user authentication token by the usual methods (HTTP header or URL parameter). Shutterfly detects the token and, if it is valid, parses and returns some of its internal data. The response is an Atom feed, with one entry describing the token.

Https

Secure http (https) is required for this method. Http requests will not be accepted.

User authorization

User authorization is required for this method. Please see the user authorization documentation for more details.

Sample Output

<?xml version="1.0" encoding="UTF-8"?>
<feed xmlns="http://www.w3.org/2005/Atom"
  xmlns:catinfo="http://catinfo.openfly.shutterfly.com/v1.0"
  xmlns:user="http://user.openfly.shutterfly.com/v1.0"
  xmlns:opensearch="http://a9.com/-/spec/opensearch/1.1/"
  xmlns:openfly="http://openfly.shutterfly.com/v1.0">
  <title>Your Query Results</title>
  <link rel="self" href="http://ws.shutterfly.com/auth" />
  <category term="queryresult" scheme="http://openfly.shutterfly.com/query/v1.0" />
  <id>http://ws.shutterfly.com/auth</id>
  <rights>Copyright (C) Shutterfly 1999-2009. All rights reserved.</rights>
  <opensearch:totalResults>1</opensearch:totalResults>
  <opensearch:startIndex>1</opensearch:startIndex>
  <catinfo:categoryInfo term="user" count="1" />
  <entry>
    <title>Auth Token</title>
    <link rel="self" type="application/atom+xml;charset=UTF-8" href="http://ws.shutterfly.com/auth" />
    <category term="user" scheme="http://openfly.shutterfly.com/v1.0" />
    <author>
      <name />
    </author>
    <id>http://ws.shutterfly.com/auth</id>
    <updated>2009-01-19T08:00:00Z</updated>
    <published>2009-01-19T08:00:00Z</published>
    <openfly:userid>9AbNHLRq4ZE</openfly:userid>
    <user:authToken>000020854946|1198096051623|97238749a72982896c7d5bf4baccd8ba8e189ec6</user:authToken>
    <user:authTokenExpiration>2009-01-14T16:54:17-0800</user:authTokenExpiration>
  </entry>
</feed>

Output Feed

feed

HTTP 200 is the normal response. The response body will be an Atom XML feed, with one entry describing a user authentication token.

category

<category-term="queryresult" scheme="http://openfly.shutterfly.com/query/v1.0"/>

user entry

category

<category-term="user" scheme="http://openfly.shutterfly.com/v1.0"/>

/entry/openfly:userid

The Shutterfly user whom the token is 'for'.

Count: 1

Example: 9AbNHLRq4ZE

/entry/published

The token creation date and time.

Count: 1

Example: 2009-01-19T08:00:00Z

/entry/user:authToken

The user authentication token that you passed in.

Count: 1

Example: 000020854946|1198096051623|97238749a72982896c7d5bf4baccd8ba8e189ec6

/entry/user:authTokenExpiration

The planned token expiration date and time. It is not guaranteed; Shutterfly reserves the right to expire the token earlier or later.

Count: 1

Example: 2009-01-21T08:00:00Z

Error Codes

If there is no error, methods always return HTTP status code 200 (or 201 for a create operation). See Common Response Codes documentation.

This API has no specific error codes, only the common HTTP responses will be returned.

Frequently Asked Questions

General

What do I do with the token?

Pass it as an HTTP header on every Shutterfly Open API call that needs user authentication / authorization, as explained here: User Authentication

How long does a token last?

Generally 2 days. Shutterfly reserves the right to make it last shorter or longer.

Do Shutterfly Open API calls return a specific HTTP code for missing or expired token?

Yes: 401

Shutterfly Open API | User Authentication

Description

Call Signature

Resource Path

Methods

Scheme

Host

Method: POST

Https

Sample Input

user entry

Sample Output

user entry

Error Codes

API Explorer

Method: GET

Https

User authorization

Sample Output

Output Feed

feed

user entry

Error Codes

Frequently Asked Questions

General