Version User Scope of changes
Aug 1 2008, 3:11 PM EDT devin_wetpaint 4 words added, 1 word deleted
May 14 2008, 2:32 PM EDT ryan_wetpaint 1 word added, 1 word deleted

Changes

Key:  Additions   Deletions

HTTP MethodURIReturns
POST/UserService/login.doA ticket
Example Request ( required parameters in red ):

http://wapi.wetpaint.com/UserService/login.do?URL:
http://wapi.wetpaint.com/UserService/login.do

Post Parameters:
output=api&
key=yourissueddeveloperkey&
ns=yourassignednamespace&
cred.ts=1208733600&
cred.sig=a67987e9875ffb32&
user.userId=youruser&
user.email=someuser%40theirdomain.com&
user.emailOptIn=true&
user.role=registered&
user.avatarUrl=http%3A%2F%2Fwww.yourdomain.com%2Fuser%2Fsomeuser%2Favatar.png&
user.displayName=Some+User&
user.profileUrl=http%3A%2F%2Fwww.yourdomain.com%2Fuser%2Fsomeuser.html

Example Response:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<response>
<ticket>fbaaa8ff41d5ca7efc86c6ea2c8d66dae1878720bf3ac...</ticket>
</response>


Overview:
This call logs in a user and passes, amongst other things, the optional user role (see below for more on roles). The first time you login a given user, Wetpaint creates a corresponding record in our database. Subsequent login calls may update Wetpaint's stored values for a given userId. (A user's unique userId cannot be changed after initial login.)

This call returns a ticket. This ticket grants this user access to Wetpaint functionality for ten hours. Clients provide the ticket parameter to any subsequent ajax api calls made on behalf of said user.

Please note, the algorithm used to generate the developer credential signature has changed. See the description of cred.sig below for more details.

Required Parameters:
Common required parameters plus:

cred.ts
The current time, expressed as the number of seconds since January 1, 1970 12:00 am GMT. This must be within five minutes of Wetpaint server time. Example data is available.
cred.sig
Developer credential signature. This is calculated as the HMAC-SHA-1 hash of the developer key (the key parameter), the user ID (the user.userId parameter, described below), and the current timestamp (the cred.ts parameter). The key used by the HMAC-SHA-1 algorithm should be the developer secret. For example, in PHP: $sig = hash_hmac( "sha1", $developer_key . $user_id . time(), $developer_secret, FALSE ); Example data is available.
user.userId
Unique ID of user to log in.
user.email
Email address of user.
user.emailOptIn
Opt-in for notification emails ( values can be: true or false; 1 or 0; or yes or no ).
output
Currently only api output is supported for this call.

Optional Parameters:
Common optional parameters plus:

user.displayName
Publicly displayable name for user. If not provided, the userId is used in place of this value.
user.profileUrl
URL for user's profile page. If not provided, this user's name will not be linked when displayed.
user.avatarUrl
URL for user's avatar image. If not provided, a generic avatar will be displayed for this user.
user.role
Role of user. May have the values registered, moderator, or banned. If not provided, defaults to registered. For more information on what each role can do from a user experience perspective please consult the features and functionality documentation.

Returns:
An XML node containing the user's ticket. This ticket grants the user access to Wetpaint functionality for ten hours. If you are interested in viewing/using the response xsd definition, you can find it here.