When attempting to access the BellaDati API, a client application needs to prove it has been authorized by a valid user. To do this, the application supplies an access token previously obtained during Authentication.

Authorization Header

The access token is passed in the HTTP authorization header of an API request. OAuth authorization requires parameters set in the following way:

• Parameter names and values are encoded per parameter encoding (e.g. UTF-8).
• Each parameter name is immediately followed by an ‘=’ character (ASCII code 61), a ‘”’ character (ASCII code 34), the parameter value (may be empty), and another ‘”’ character (ASCII code 34).
• Parameters are separated by a comma character (ASCII code 44) and optional linear whitespace.

A valid header might look like this:

Authorization: OAuth realm="https://service.belladati.com/",
                 oauth_consumer_key="myKey",
                 oauth_token="nd7an9eba41c",
                 oauth_timestamp="137131200",
                 oauth_nonce="4572616e48616d6d65724c61686176"

Sample Request / Response

curl -H "Authorization: OAuth realm=\"https://service.belladati.com/\", oauth_consumer_key=\"myKey\", oauth_token=\"nd7an9eba41c\", oauth_timestamp=\"135131231\", oauth_nonce=\"randomString\""  https://service.belladati.com/api/reports

{
  "reports" : [
    {
      "id" : 12345,
      "description" : "This is a sample report.",
      "name" : "My Report",
      "owner" : "John Smith",
      "lastChange" : "Mon, 16 Apr 2012 10:17:26 GMT"
    }
  ],
  "offset" : 0,
  "size" : 100
}