InfoSpace - Access Keys
SDK Home | Client Side Results SDK - Home
Page last modified: 24 Apr 2017

To communicate with the InfoSpace Search API, you must use an access key. This page describes the process of programmatically signing each request with your access key. To get an access key and accessId contact your Partnership Manager.

Overview

To use an access key for search requests to the InfoSpace API you must sign all requests. This allows the API to validate that the requests originated from your application, and prevents unauthorized access to the API using your credentials. Without a valid signature, the requests will be rejected, and no results returned.

Prerequisites:

  • An InfoSpace search accessId
  • An InfoSpace access key
  • The system clock on each server that signs a request to be accurate within a maximum deviation of 1 minute.
  • The signature is a specially formed binary hash of the following three values:
    1. Request date and time
    2. Access key/token
    3. Query term(s)

NOTE: The query term used to generate the signature must be the exact same query term that is passed to the doSearch() request. For example, if the query term will be trimmed of trailing spaces before making the request to doSearch(), ensure this happens prior to generating the signature.

Algorithim

The basic algorithm for creating the signature starts with creating a timestamp as follows:

  1. Start with the UTC/GMT time
  2. Round to the nearest minute (30 seconds or greater rounds up, otherwise round down)
  3. Format the time as a string: yyyyMMddHHmm
    • yyyy - 4 digit year
    • MM - 2 digit month, 01-12
    • dd - 2 digit day, 01-31
    • HH - 2 digit hour, 24-hour clock, 00-23
    • mm - 2 digit minute, 00-59
  4. Concatenate the values together in the following order:
    • timestamp
    • access key
    • query term(s)
  5. Decode concatenated string into its binary representation according to whatever encoding it follows (likely UTF-8).
  6. Perform a SHA-1 hash of the binary value.
  7. Encode the hashed value using the url-safe base-64 encoding method, see http://tools.ietf.org/html/rfc4648#section-5

Sample Code

See our sample code page for code samples in multiple languages.