Official sCloud Documentation for Developers.          Version: 3.1      Get the SDK

Introduction Last updated: 27-05-2024

1. User authentication and authorizing your app

sCloud uses OAuth 2.0 for API authentication, authorization and to generate access tokens.

Authorization flow
web flow
code flow



Application creation screen:

Below is a screenshot of the app creator screen on the developers dashboard website. Developers dashboard.

Required information needed on the application creation screen:
Application name This is the name of your application that will connect to sCloud's API.
OAuth redirect URI Your application return url must match this, otherwise an error will be thrown, refer to our error list for more information on errors.
Website Your application website describing your app.
Optional Image Add a image that is shown when people connect or authorize your app.
This can optionally be retrieved from your sCloud photo storage account.
Finally a short description about your app. Input a short description about your app.

You can also delete your application from the developers dashboard you can also view, revoke and change your access tokens for your appplication aswell as revoke individual authorized users of your registered application.

OAuth 2.0 Authorization

[OAuth 2.0] Authorize endpoint.
copy
https://scloud.live/OAuth2/authorize
[OAuth 2.0] Authorization
php javascript ajax java
GET https://scloud.live/OAuth2/authorize?client_id={app_key}&scope={scope}
&response_type=code&redirect_uri={redirect_uri}&state={state}


view raw
(GET) PARAMETERS:
client_id The app's key, found in the Developers dashboard..
OAuth redirect URI Where to redirect the user after authorization has completed. This must be the exact URI registered in the Developers Dashboard.
response_type The grant type requested, either token or code.
scope This parameter allows your user to authorize a subset of the scopes selected in the Developers dashboard. Multiple scopes are separated by a space. If this parameter is omitted, our authorization page will request all scopes selected on the Permissions tab. Read about scopes in the OAuth Guide.
state
The state parameter serves two functions. When the user is redirected back to your app, whatever value you include as the state will also be included in the redirect. This gives your app a chance to persist data between the user being directed to sCloud's authorization server and back again, such as using the state parameter as a session key. This may be used to indicate what action in the app to perform after authorization is complete, for example, indicating which of your app’s pages to redirect to after authorization.

The state parameter also serves as a CSRF protection mechanism if it contains a random value per request. When the user is redirected back to your app, double check that the state value matches what you set it to originally. See Sections 4.4.1.8 and 4.4.2.5 of the OAuth 2.0 threat model spec.
1. Example using our SDK
[SDK in php]
php javascript ajax java
Generates a authorization url to sCloud authorization server.$sCloud->generateAuthUrl(1);
view raw

sCloud redirects the user back to the app, sCloud's API will return a (code) response in the return URL. The redirect will include a code in the URL and the original state parameter that you provided on the authorization request..


https://example-app.com/?code=zxaskrDczMzRlNDEwY&state=9dda75bd30

OAuth 2.0 Access Token

Your application will need to receive an access token before it can make API calls this is done via the OAuth 2.0 protocol using the returned code response from the authorizaton request this is then exchanged for a access token.

[OAuth 2.0] Access token endpoint.
copy
https://scloud.live/OAuth2/access_token
[OAuth 2.0] Access token (CURL)
php javascript ajax java

	curl https://scloud.live/OAuth2/access_token \
    -d code=AUTHORIZATION_CODE \
    -d grant_type=authorization_code \
    -d redirect_uri=REDIRECT_URI \
    -d client_id=APP_KEY \
    -d client_secret=APP_SECRET


//CURL headers

    POST /OAuth/token HTTP/1.1
    Host: https://scloud.live/OAuth2/access_token
 
     code=Yzk5ZDczMzRlNDEwY
     &grant_type=code
     &redirect_uri=https://example-app.com/cb
     &client_id=mRkZGFjM
     &client_secret=ZGVmMjMz
     &code_verifier=Th7UHJdLswIYQxwSg29DbK1a_d9o41uNMTRmuH0PM8zyoMAQ
view raw
[OAuth 2.0] Access token (sCloud SDK | php)
SDK php javascript ajax java

 // Exchange the auth code for an access token
  $token = API('token', array(
    'grant_type' => 'authorization_code',
    'client_id' => $SkycloudClientID,
    'client_secret' => $SkycloudClientSecret,
    'redirect_uri' => $baseURL,
    'code' => $_GET['code']
  ));
view raw
(POST) PARAMETERS:
client_id (String) The app's key, found in the Developers dashboard..
OAuth redirect URI (String) Where to redirect the user after authorization has completed. This must be the exact URI registered in the Developers Dashboard.
grant type authorization_code
code The code that was returned in the redirect after a user authorized your application.
client_secret Secret key known only to the application. It is essentially the application’s own password.

Application authorized users. 1.5

Your app retrieves a access token for each authorized user of your application, the access token is the key to connect to the authorized users sCloud account. Each user authorized can instantly revoke access to your application from with in (My sCloud Dashboard) if desired.

API Requests

All API requests need a access token to be able to use the functionality of the API.

Integrations

Section coming soon..

Section Item 4.1

Section coming soon..