home api list

Hexostore API Documentation

bundle_permission_request

/api/bundle_permission_request/

List methods: get, post

Detail methods: get, put, delete

A pseudo-resource for requesting permissions from other users. The URLs used in the callback loop are not configurable and will direct users to Hexoskin servers. Thus a third-party client may initiate a permission request if desired, but cannot complete it.

You may request a list of tokens that involve the current user by making a GET request to the list endpoint as with other resources. Each token is identified by a resource_uri which you may use to delete the request. Note that this resource_uri is not the same as the URL used to redeem a token.

The request/redeem loop is as follows:

Make a POST request with the bundle_permission object you wish to create. That will trigger an email to be sent to the user_target user containing an URL with an embedded, single-use token.

POST https://api.hexoskin.com/api/bundle_permission_request/
{
    "user_target":"[user URI]",
    "user_allowed":"[user URI]",
    "bundle":"[bundle URI]"
}

The token is embedded in the URL as a GET arg:

[URL]?token=[token]

When the user visits the URL, you can check the token by making a GET request to the token location. The token location is the POST URI with the token appended to the path.

GET https://api.hexoskin.com/api/bundle_permission_request/[token]/

To redeem the token, submit an empty PUT to the token location URL.

PUT https://api.hexoskin.com/api/bundle_permission_request/[token]/

Note that the token is only valid for the user_target. Therefore any requests that use the token made by other users will fail.

Fields

bundle:

A reference to the resource. Maybe specified by URI or ID. Using a URI is recommended.

This field is returned fully populated.

This field is required.

redeem_url:

Unicode string data. Ex: "Hello World"

This field may be blank

This field may be null

resource_uri:

The unique URI where the object resides.

This field is readonly.

ttl:

Integer data. Ex: 2673

This field may be blank

This field may be null

user_allowed:

A user. Maybe specified by URI, email, or ID. Using a URI is recommended.

This field is returned fully populated.

This field is required.

user_target:

A user. Maybe specified by URI, email, or ID. Using a URI is recommended.

This field is returned fully populated.

This field is required.

Filtering Options

No filtering supported

Sorting Options

No sorting supported

© 2024 by CarrĂ© Technologies Inc.