Friendster Developers Platform
Contents
- Overview
- Information Needed for App Registration
- Information Provided to Developers / App Partners after App Registration
- API Authentication/Authorization
- App Install Page
- App Canvas Page
- App Uninstall
- Access from an External Web Application
- API Specifications
- Resizing the Canvas Page Iframe
- Apps UI
- API Test Tool
Overview
The Friendster Developer Platforms provide APIs to access Friendster data and seamless integration points within the Friendster web site to create compelling applications for Friendster's over 75 million users.
You can choose between two platforms:
- The OpenSocial Platform leverages the OpenSocial standard that is being used by a growing community of developers, it allows you to write applications once and run them on all the sites that support OpenSocial. It provides the same user experience on Friendster through the same integration points as Platform V1.
- Platform V1 is the first released development platform for Friendster apps.
Platform V1 and the common integration points are described in the following sections of this page.
Platform V1 APIs provides access to Friendster data through a rich REST-style interface. These resources can be accessed using an API key and a shared secret key that is issued to every application or 'Friendster App'. The resources can be accessed at the endpoint http://api.friendster.com/v1 and tested in the browser using the API Test Tool.
If you are new to the Friendster platform you should go through the Step by Step Guide that shows how to rapidly build an application that integrates with the platform.
The current list of resources supported by the platform is as follows:
| /token | POST | Create a new token that can be exchanged for a session after the user logs in. |
| /session | POST | Create a new API Session. |
| /user | GET | Get User Information for the logged in user. |
| /user/:uids | GET | Get User Information for users in :uids list. |
| /application/friends | GET | Get friends who also installed the current application. |
| /fans/:uid | GET | Get a fan profile's fan list. |
| /friends/:uid | GET | Get user's friend list. |
| /depth/:uid1,:uid2 | GET | Get relation depth (distance) between two users. |
| /photos/:uid | GET | Get user's photos. |
| /photos/ | GET | Get photos for the current logged in user. |
| /photos/:uid | POST | Uploads a photo for the specified user. |
| /photos/ | POST | Uploads a photo for the current logged in user. |
| /photo/:uid/:pid | GET | Get a user's photo. |
| /photo/:pid | GET | Get a photo for the current logged in user. |
| /photo/:pid | PUT | Modify photo attributes. |
| /primaryphoto/:uid | GET | Get a user's primary photo. |
| /primaryphoto/ | GET | Get the primary photo for the current logged in user. |
| /photo/:pid | DELETE | Deletes a user's photos. |
| /albums/:uid | GET | Gets the user's albums. |
| /albums/ | GET | Gets the current user's albums. |
| /album/ | POST | Creates an album. |
| /album/:aid | DELETE | Deletes an album. |
| /shoutout/:uid | GET | Get a user's shoutout |
| /shoutout/ | GET | Get the shoutout for the current user. |
| /shoutout/ | POST | Update a user's shoutout. |
| /widget | POST | Update widget's profile content for the logged in user. |
| /widget | GET | Get widget content and title for the logged in user. |
| /notification | POST | Post a notification |
The following are the current integration points within the Friendster website:
| App Directory | Apps are placed in the App Directory by categories. Friendster users can explore these widgets/applications and add them to their profile. |
| Add App Page | The Add App page displays the app thumbnail and description as well as Friendster's Terms of Service. It prompts for user confimation after the user selects an app from the App Directory. User can choose to invite all their friends to add the application. |
| App Install Page | The user is directed to the App Install page after he/she confirms adding the app. |
| User Profile | Every app gets a module in the profile page and can control its content. Only Flash and static HTML content is currently supported. The chrome of the module includes support for Grabbing apps from someone else's profile to your own etc. |
| App Canvas Page | The App Canvas page opens from the 'edit' button on a app's chrome in the user profile page, or from the app Canvas URL. |
| Tracker | A new event is added to user's network activity when an app is added by the user. |
| Pending App Invitations | "NEW app invitations" appears in user's My Inbox when they receive app invitations from their friends. User can select it to view all their app invitations. |
| Pending App Notifications | "NEW app notifications" appears in user's My Inbox when they receive app notifications from applications they've installed. User can select it to view all their app notifications. |
For more information about the Friendster Developers Platform, email developersupport@friendster.com.
To register your app, click here.
Information Needed for App Registration
App developers provide the following information to get listed in Friendster's App Directory and to get an API Key and API Secret to access Friendster data:
| App Display Name | The name of the app as it appears in the App Directory and the Add App page. |
| App Type | The 'Widget' or 'Application' type for the app. If type is 'Application' only one instance of the app can exist in the user's profile page. |
| Description | The Description of the app shown in the App Directory and the Add App page. |
| Directory Icon | The image displayed in the App Directory and the Add App page. The standard size is 75px * 75px. |
| Tiny Icon | The image displayed in the My Apps page. The standard size is 16px * 16px. |
| App Name | The app name used in the app's Canvas URL, with the format: 'http://apps.friendster.com/<app_name>'. |
| Callback URL | The Callback URL called by Friendster after a successful login or from the app's Canvas URL. Login is used in case of an external web/desktop application requiring Friendster authentication. |
| Install URL | The Install URL called by Friendster when adding the app. This URL may let the user customize the profile content for the app. If left blank the default content is set in the profile. |
| Uninstall URL | The Uninstall URL called by Friendster when user removes the app. |
| Default Content | Default html or javascript profile content for the app. |
| Administrative Email | Email address that Friendster can contact for important updates or issues. |
Information Provided to Developers / App Partners after App Registration
Friendster provides the following keys which are used for every API call:
| API Key | Unique key assigned to every app. |
| API Secret | Secret key that is shared with Friendster. It is used to compute the request signature. |
API Authentication/Authorization
Every API request should have the following attributes:
| api_key | Unique key assigned to every app. |
| session_key |
|
| nonce | Unique id for every call within the same session. This number needs to be unique and incrementing (e.g. current time with milliseconds) to avoid replay attacks. |
| sig | Signature generated by the following method: md5(concatenate( pathinfo, request_attributes_as_name_value_pairs, secret_key)) The request attributes contains all parameters like api_key=value&session_key=value etc in alphabetical key order. |
| other_params | Other API specific parameters. |
Example:
For instance for the following request:
http://api.friendster.com/v1/user/57519?
api_key=2e37638f335f0545c3719d34f4d20ed0&
session_key=M4yZuZ4LjoJQj5BJfTkw2HnGw6MG8JyM-57519&
nonce=326233766.3425
The signature is computed as follows, shown here in PHP syntax:
md5(
'/v1/user/57519' .
'api_key=2e37638f335f0545c3719d34f4d20ed0' .
'nonce=326233766.3425' .
'session_key=M4yZuZ4LjoJQj5BJfTkw2HnGw6MG8JyM-57519' .
'<secret_key>');
App Install Page
The Install Page is accessed when a Friendster user adds an app from the App Directory, grabs an app from someone's profile or from the Canvas URL if the app is not already installed. The Install URL that you provide upon registering the app is called within an iframe in the Install Page. You should implement this URL to configure and install the profile app through API requests.
After successfully installing the app the user's friends see an event '<user_name> added the app <app_name>' in their tracker.
The Install URL is called with the following parameters:
| user_id | Friendster user ID. |
| api_key | Unique key assigned to every app. |
| src | The source for the callback 'directory' or 'canvas' if it accessed from the Canvas URL. |
| session_key | The session key required for all API requests. |
| expires | The session key expiry in Unix time or 0 for unlimited. A session becomes unlimited once an instance is installed in the user profile. |
| lang | User language setting. Currently supported languages include 'en-US', 'zh-CN', 'zh-TW' and 'es-MX'. Respectively US english, simplified chinese, traditional chinese and spanish. |
| nonce | Unique id for every call within the same session. |
| sig | Signature generated by the same method as for the API calls. |
| parameters (optional) | Any parameter present in the Canvas URL is passed through to the Install URL. |
Example:
For instance the Install URL 'http://mydomain/apps/1444' would be called as follows within the App Install page:
http://mydomain/apps/1444?
user_id=57519&
api_key=2e37638f335f0545c3719d34f4d20ed0&
src=directory&
session_key=M4yZuZ4LjoJQj5BJfTkw2HnGw6MG8JyM-57519&
expires=0&
lang=en-US&
nonce=326233766.3425&
sig=012345678901234567890123456789012
The signature is computed as follows, shown here in PHP syntax:
md5(
'/apps/1444' .
'api_key=2e37638f335f0545c3719d34f4d20ed0' .
'expires=0' .
'lang=en-US' .
'nonce=326233766.3425' .
'session_key=M4yZuZ4LjoJQj5BJfTkw2HnGw6MG8JyM-57519' .
'src=directory' .
'user_id=57519'
'<secret_key>');
The Install URL 'http://mydomain/apps/1444/' would be called as follows within the App Install page:
http://mydomain/apps/1444/?
user_id=57519&
api_key=2e37638f335f0545c3719d34f4d20ed0&
src=directory&
session_key=M4yZuZ4LjoJQj5BJfTkw2HnGw6MG8JyM-57519&
expires=0&
lang=en-US&
nonce=326233766.3425&
sig=012345678901234567890123456789012
The signature is computed as follows, shown here in PHP syntax:
md5(
'/apps/1444/' .
'api_key=2e37638f335f0545c3719d34f4d20ed0' .
'expires=0' .
'lang=en-US' .
'nonce=326233766.3425' .
'session_key=M4yZuZ4LjoJQj5BJfTkw2HnGw6MG8JyM-57519' .
'src=directory' .
'user_id=57519'
'<secret_key>');
The flow diagram for adding an app is as follows:
App Canvas Page
The Canvas Page is accessed through the Canvas URL which is a public URL which uniquely identifies the app. It accepts the app name:
'http://apps.friendster.com/<app_name>'
If the app has already been installed, the Canvas Page is opened, it contains an iframe from which the app's Callback URL is called. If the app has not been installed already it leads instead to the Add App dialog.
All references within Friendster use the Canvas URL, in particular from the user profile when clicking the 'edit' button on the app chrome.
The Callback URL is called with the following parameters:
| user_id | Friendster user ID. |
| api_key | Unique key assigned to every app. |
| src | The source for the callback 'directory', 'profile', 'myapps' if accessed from a Friendster page, or 'canvas' if accessed from the Canvas URL. |
| session_key | The session key required for all API requests. |
| expires | The session key expiry in Unix time or 0 for unlimited. A session becomes unlimited once an instance is installed in the user profile. |
| lang | User language setting. Currently supported languages include 'en-US', 'zh-CN', 'zh-TW' and 'es-MX'. Respectively US english, simplified chinese, traditional chinese and spanish. |
| nonce | Unique id for every call within the same session. |
| sig | Signature generated by the same method as for the API calls. |
| instance_id (optional) | The app instance ID which is used to differentiate multiple instances of the same app in the user profile. |
| parameters (optional) | Any parameter present in the Canvas URL is passed through to the Callback URL. |
Example:
For instance the following Canvas URL for the app 'slideshow':
http://apps.friendster.com/slideshow/show1?view=mostrecent&instance_id=3745
The Callback URL 'http://mydomain/apps/1445' would be called as follows within the App Canvas page:
http://mydomain/apps/1445/show1?
view=mostrecent&
instance_id=3745&
user_id=57519&
api_key=2e37638f335f0545c3719d34f4d20ed0&
src=profile&
session_key=M4yZuZ4LjoJQj5BJfTkw2HnGw6MG8JyM-57519&
expires=0&
lang=en-US&
nonce=326233766.3425&
sig=012345678901234567890123456789012
The flow diagram for accessing the app's Canvas Page is as follows:
App Uninstall
The Uninstall URL provided by the developer is called when the user deletes the app.
It is called as a POST method with the following parameters:
| user_id | Friendster user ID. |
| api_key | Unique key assigned to every app. |
| src | The source for the callback is always 'delete'. |
| instance_id | The app instance ID which is used to differentiate multiple instances of the same app in the user profile. |
| nonce | Unique id for every call. |
| sig | Signature generated by the same method as for the API calls. |
Example:
The Callback URL 'http://mydomain/apps/1445?action=uninstall' would be called as follows:http://mydomain/apps/1445 Content-Type: multipart/form-data; boundary=xxx MIME-version: 1.0 --xxx Content-Disposition: form-data; name="api_key" 2e37638f335f0545c3719d34f4d20ed0 --xxx Content-Disposition: form-data; name="user_id" 57519 --xxx Content-Disposition: form-data; name="action" uninstall --xxx Content-Disposition: form-data; name="src" delete --xxx Content-Disposition: form-data; name="instance_id" 3745 --xxx Content-Disposition: form-data; name="nonce" 326233766 --xxx Content-Disposition: form-data; name="sig" 012345678901234567890123456789012
Access from an External Web Application
External Web applications can access the Friendster APIs after authentication through the Login URL. A login prompt lets the user enter his/her username and password and then calls the Callback URL.
The Login URLs for production and staging are as follows:
http://www.friendster.com/widget_login.php?api_key=<API_KEY>&next=<ENCODED_ARGS>
http://qa.www.friendster.com/widget_login.php?api_key=<API_KEY>&next=<ENCODED_ARGS>
The Login URL is called with the parameters:
| api_key | Unique key assigned to every app. |
| next (optional) | The 'next' parameter can contain any argument the application wants to be passed through to the callback URL. |
After a successful login the Callback URL is called with an authentication token that the application can exchange for a session key, which is required by all API calls. The Callback URL is called with the following parameters:
| api_key | Unique key assigned to every app. |
| src | The source for the callback is always 'login'. |
| auth_token | Authentication token to be exchanged for a session key. |
| lang | User language setting. Currently supported languages include 'en-US', 'zh-CN', 'zh-TW' and 'es-MX'. Respectively US english, simplified chinese, traditional chinese and spanish. |
| parameters (optional) | Parameters expanded from the 'next' parameter in the login URL. |
Example:
For instance the following application passes its own internal user ID to the login request:
http://www.friendster.com/widget_login.php?
api_key=2e37638f335f0545c3719d34f4d20ed0&
next=myparam1%3DID0001%26myparam2%3DSome+text+string
Where:
%3D is '='
%26 is '&'
+ is ' '
Assuming the callback URL is http://mydomain/apps/1444, it would be called as follows:
http://mydomain/apps/1444?
api_key=2e37638f335f0545c3719d34f4d20ed0&
src=login&
auth_token=846d79676186569.74429552&
myparam1=ID0001&
myparam2=Some+text+string&
lang=en-US&
nonce=326233766.3425&
sig=012345678901234567890123456789012
APIs
Create New Token
Resource URL: http://api.friendster.com/v1/token
Methods: POST (creates a new token)
Resource Description: API to generate a token to exchange for a session key.
Request :
| string | api_key | Unique API ID given to each widget/application. |
| numeric | nonce | Unique id for every call within the same session. |
| string | sig | Signature of the Request. |
| string | format (optional) | XML (default), JSON |
Response :
| string | token | Auth token/Frob. |
Error Conditions/Response:
| Error Code | Error Condition | Description |
| 0 | Invalid signature | If signature is invalid |
| 1 | Unexpected error | Processing error |
| 2 | Disabled widget | If API key is disabled |
| 3 | Unknown widget | Unknown API key |
Example Request:
http://api.friendster.com/v1/token?
api_key=2e37638f335f0545c3719d34f4d20ed0&
nonce=326233766.3425&
sig=012345678901234567890123456789012
Example Response (XML):
<token_response xmlns="http://api.friendster.com/v1/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://api.friendster.com/v1/ http://api.friendster.com/v1/friendster.xsd">
<token>246d7918d9405d6.52980496</token>
</token_response>
Create New Session
Resource URL: http://api.friendster.com/v1/session
Methods: POST (creates a new session)
Resource Description: API to generate a session to use for subsequent API calls.
Request :
| string | api_key | Unique API ID given to each widget/application. |
| string | auth_token | Return the session associated with this auth_token. |
| string | sig | Signature of the Request. |
| string | format (optional) | XML (default), JSON. |
Response :
| string | session_key | Session identifier. |
| int | uid | User ID. |
Error Conditions/Response :
| Error Code | Error Condition | Description |
| 0 | Invalid signature | If signature is invalid |
| 1 | Unexpected error | Processing error |
| 2 | Disabled widget | If API key is disabled |
| 3 | Unknown widget | Unknown API key |
| 4 | Token expired | The auth token has already expired |
| 5 | Invalid token | The auth token is invalid |
Example Request :
http://api.friendster.com/v1/session?
auth_token=846d79676186569.74429552&
api_key=2e37638f335f0545c3719d34f4d20ed0&
nonce=326233766.3425&
sig=012345678901234567890123456789012
Example Response (XML) :
<session_response xmlns="http://api.friendster.com/v1/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://api.friendster.com/v1/ http://api.friendster.com/v1/friendster.xsd">
<session_key>M4yZuZ4LjoJQj5BJfTkw2HnGw6MG8JyM-57519</session_key>
<uid>57519</uid>
</session_response>
Get User Information
Resource URL: http://api.friendster.com/v1/user/<UID>
Resource Methods: GET (Retrieval of user information)
Resource Description: API to get user information on one or more users. If no user_id is specified, information about current logged in user will be returned.
Request :
| string | api_key | Unique API ID given to each widget/application. |
| string | session_key | Session identifier. |
| numeric | nonce | Unique ID that avoids replay attacks. |
| string | sig | Signature of the Request. |
| string | format (optional) | XML (default), JSON. |
Response :
| container | user | Individual containers for users (repeatable) |
| attribute | status (optional) | If the UID doesn't exist, the status will be "not found". |
| numeric | uid | User ID. |
| string | first_name | User's first name |
| string | last_name | User's last name |
| string | url | url link to profile page |
| string | primary_photo_url | url link to primary photo |
| string | gender | male or female |
| string | user_type | Normal or Fan Profile |
| string | fan_profile_type | Describes the type of fan profile if user_type is Fan Profile. Otherwise it is set to None |
| string | fan_profile_category | Describes the fan profile category if this is a fan profile |
| container | member_since | Member since container |
| numeric | * month | |
| numeric | * year | |
| string | relationship_status | Single or Married |
| container | interested_in | Interests |
| string | * interest | Dating Men or Dating Women etc |
| container | birthday | Birthday |
| numeric | * year | |
| numeric | * month | |
| numeric | * day | |
| container | location | Location |
| string(2) | * country | 2-letter country code |
| string | * state | |
| string | * city | |
| numeric | * zip | |
| string | hometown | |
| comma-string | occupation | |
| comma-string | companies | |
| comma-string | hobbies_and_interests | |
| comma-string | affiliations | |
| container | college_list | List of colleges |
| container | * college | College container (repeatable) |
| string | * * name | |
| string | * * region | |
| string(2) | * * country | 2-letter country code |
| numeric | * * year_start | Date start |
| numeric | * * year_end | Date end |
| string | * * major | |
| container | school_list | List of schools |
| container | school | School container (repeatable) |
| string | * * name | |
| string | * * region | |
| string | * * city | City (can be blank) |
| string(2) | * * country | 2-letter country code |
| numeric | * * year_start | Date start |
| numeric | * * year_end | Date end |
| container | favorites | Favorites |
| comma-string | * books | |
| comma-string | * movies | |
| comma-string | * music | |
| comma-string | * tv_shows | |
| string | about_me | |
| string | wantto_meet | Who I want to meet |
Error Conditions/Response :
| Error Code | Error Condition |
| 1 | Invalid input |
| 2 | Invalid session_id |
| 3 | Unsupported version |
| 4 | Invalid field |
| 5 | Invalid format |
| 6 | Invalid sig |
| 7 | Process failed |
Example Request :
http://api.friendster.com/v1/user/57519?
api_key=2e37638f335f0545c3719d34f4d20ed0&
session_key=M4yZuZ4LjoJQj5BJfTkw2HnGw6MG8JyM-57519&
nonce=326233766.3425&
sig=012345678901234567890123456789012
Example Response (XML) :
<?xml version="1.0" encoding="UTF-8" ?>
<user_response xmlns="http://api.friendster.com/v1/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://api.friendster.com/v1/friendster.xsd">
<user>
<uid>635423412</uid>
<first_name><![CDATA[John]]></first_name>
<last_name><![CDATA[doe]]></last_name>
<url>http://profiles.friendster.com/635423412</url>
<primary_photo_url>http://photos.friendster.com:81/photos/43/09/45345/1_620223562m.jpg</primary_photo_url>
<location>
<country>US</country>
<state>CA</state>
<city>California</city>
</location>
<hometown><![CDATA[san francisco]]></hometown>
<user_type>Normal</user_type>
<fan_profile_type>None</fan_profile_type>
<fan_profile_category>None</fan_profile_category>
<relationship_status>Single</relationship_status>
<gender>Male</gender>
<member_since>
<year>2003</year>
<month>02</month>
</member_since>
<interested_in list="true">
<interest>Friends</interest>
<interest>Activity Partners</interest>
</interested_in>
<occupation><![CDATA[Programmer]]></occupation>
<companies></companies>
<hobbies_and_interests></hobbies_and_interests>
<affiliations></affiliations>
<college_list list="true">
<college>
<name><![CDATA[University of California - Davis]]></name>
<region>California</region>
<country>United States</country>
<city></city>
<year_start>2000</year_start>
<year_end>2003</year_end>
<major><![CDATA[Communications]]></major>
<degree>127</degree>
<course></course>
<class_of>2002</class_of>
</college>
</college_list>
<school_list list="true">
<school>
<name><![CDATA[Joplin High]]></name>
<region>Missouri</region>
<country>United States</country>
<city>Joplin</city>
<year_start>2000</year_start>
<year_end>2004</year_end>
<major></major>
<degree>0</degree>
<course></course>
<class_of>2004</class_of>
</school>
</school_list>
<school_other></school_other>
<favorites>
<books><![CDATA[Confessions of a Shopaholic]]></books>
<movies><![CDATA[Ferris Bueller's Day Off, Friday, Goonies, Zoolander, 50 First Dates, Elf]]></movies>
<music><![CDATA[all kinds...it just depends on the mood]]></music>
<tv_shows><![CDATA[24 BABY!!!!! SNL, Conan O'Brien, Friends, Reality TV...esp. American Idol,
CSI, Nip Tuck, Chappelle's Show]]></tv_shows>
</favorites>
<about_me><![CDATA[I'm John Doe]]></about_me>
<want_to_meet><![CDATA[Anyone who wants to be my friend]]></want_to_meet>
<birthday>
<year>1984</year>
<month>07</month>
<day>25</day>
</birthday>
</user>
</user_response>
Example Error Response :
<error_response xmlns="<http://api.friendster.com/v1/>"
xmlns:xsi="<http://www.w3.org/2001/XMLSchema-instance>"
xsi:schemaLocation="http://api.friendster.com/v1/
http://api.friendster.com/v1/friendster.xsd">
<error_code>7</error_code>
<error_msg>Unauthorized source IP address (ip was: 10.1.2.3)</error_msg>
</error_response>
Get Friends List
Resource URL : http://api.friendster.com/v1/friends/<UID>
Resource Methods : GET (Retrieval of friends list)
Resource Description : API to get the friends list of a user. If no user_id is specified, the friends list of the current logged in user will be returned.
Request :
| string | api_key | Unique API ID given to each widget/application. |
| string | session_key | Session identifier. |
| numeric | nonce | Unique ID that avoids replay attacks. |
| string | sig | Signature of the Request. |
| string | format (optional) | XML (default), JSON. |
Response :
| container | friends | Individual containers for friends |
| int | uid | User ID. (repeatable) |
Error Conditions/Response :
| Error Code | Error Condition | Description | HTTP status code |
| 1 | Unexpected error | Unexpected internal error | 500 |
| 4 | Wrong Method | Invalid HTTP method (must be GET) | 501 |
| 6 | Invalid session key | Invalid session key | 403 |
| 8 | Disabled widget | App is disabled and cannot be used | 403 |
| 100 | Invalid input parameter | Input parameters missing or invalid | 4040 |
| 101 | Unknown widget | API Key does not exist | 404 |
| 102 | Session expired | The current session has expired | 403 |
| 103 | Request replay | The request was already submitted | 400 |
| 104 | Invalid signature | Request signature is invalid | 400 |
Example Request :
http://api.friendster.com/v1/friends/57519?
api_key=2e37638f335f0545c3719d34f4d20ed0&
session_key=M4yZuZ4LjoJQj5BJfTkw2HnGw6MG8JyM-57519&
nonce=326233766.3425&
sig=012345678901234567890123456789012
Example Response (XML) :
<friends_response xmlns="http://api.friendster.com/v1/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://api.friendster.com/v1/
http://api.friendster.com/v1/friendster.xsd">
<friends list="true">
<uid>57519</uid>
<uid>12989</uid>
<uid>57908</uid>
<uid>48999</uid>
<uid>37529</uid>
<uid>97510</uid>
</friends>
</friends_response>
Get Viewers List
Resource URL : http://api.friendster.com/v1/viewers
Resource Methods : GET (Retrieval of viewers list)
Resource Description : API to get the list of users who have viewed the current logged in user.
Request :
| string | api_key | Unique API ID given to each widget/application. |
| string | session_key | Session identifier. |
| numeric | nonce | Unique ID that avoids replay attacks. |
| string | sig | Signature of the Request. |
| string | format (optional) | XML (default), JSON. |
Response :
| container | viewers | Individual containers for viewers |
| int | uid | User ID. (repeatable) |
Error Conditions/Response :
| Error Code | Error Condition | Description | HTTP status code |
| 1 | Unexpected error | Unexpected internal error | 500 |
| 4 | Wrong Method | Invalid HTTP method (must be GET) | 501 |
| 6 | Invalid session key | Invalid session key | 403 |
| 8 | Disabled widget | App is disabled and cannot be used | 403 |
| 100 | Invalid input parameter | Input parameters missing or invalid | 4040 |
| 101 | Unknown widget | API Key does not exist | 404 |
| 102 | Session expired | The current session has expired | 403 |
| 103 | Request replay | The request was already submitted | 400 |
| 104 | Invalid signature | Request signature is invalid | 400 |
Example Request :
http://api.friendster.com/v1/viewers?
api_key=2e37638f335f0545c3719d34f4d20ed0&
session_key=M4yZuZ4LjoJQj5BJfTkw2HnGw6MG8JyM-57519&
nonce=326233766.3425&
sig=012345678901234567890123456789012
Example Response (XML) :
<viewers_response xmlns="http://api.friendster.com/v1/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://api.friendster.com/v1/
http://api.friendster.com/v1/friendster.xsd">
<viewers list="true">
<uid>57519</uid>
<uid>12989</uid>
<uid>57908</uid>
<uid>48999</uid>
<uid>37529</uid>
<uid>97510</uid>
</viewers>
</viewers_response>
Get Fans List
Resource URL : http://api.friendster.com/v1/fans/<UID>
Resource Methods : GET (Retrieval of fans list)
Resource Description : API to get the fans list of a fan profile. If no user_id is specified, the fans list of the current logged in user will be returned.
Request :
| string | api_key | Unique API ID given to each widget/application. |
| string | session_key | Session identifier. |
| numeric | nonce | Unique ID that avoids replay attacks. |
| string | sig | Signature of the Request. |
| string | format (optional) | XML (default), JSON. |
Response :
| container | fans | Individual containers for friends |
| int | uid | User ID. (repeatable) |
Error Conditions/Response :
| Error Code | Error Condition | Description | HTTP status code |
| 1 | Unexpected error | Unexpected internal error | 500 |
| 4 | Wrong Method | Invalid HTTP method (must be GET) | 501 |
| 6 | Invalid session key | Invalid session key | 403 |
| 8 | Disabled widget | App is disabled and cannot be used | 403 |
| 10 | Not a fan profile | uid specified must be a fan profile | 403 |
| 100 | Invalid input parameter | Input parameters missing or invalid | 4040 |
| 101 | Unknown widget | API Key does not exist | 404 |
| 102 | Session expired | The current session has expired | 403 |
| 103 | Request replay | The request was already submitted | 400 |
| 104 | Invalid signature | Request signature is invalid | 400 |
Example Request :
http://api.friendster.com/v1/fans/57519?
api_key=2e37638f335f0545c3719d34f4d20ed0&
session_key=M4yZuZ4LjoJQj5BJfTkw2HnGw6MG8JyM-57519&
nonce=326233766.3425&
sig=012345678901234567890123456789012
Example Response (XML) :
<fans_response xmlns="http://api.friendster.com/v1/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://api.friendster.com/v1/
http://api.friendster.com/v1/friendster.xsd">
<fans list="true">
<uid>57519</uid>
<uid>12989</uid>
<uid>57908</uid>
<uid>48999</uid>
<uid>37529</uid>
<uid>97510</uid>
</fans>
</fans_response>
Get Depth
Resource URL : http://api.friendster.com/v1/depth/<UID>,<UID>
Resource Methods : GET (Retrieval of relation depth)
Resource Description : API to get the relation depth between two users. If only 1 user_id is specified, the relation depth between that user and the current logged in user will be returned.
Request :
| string | api_key | Unique API ID given to each widget/application. |
| string | session_key | Session identifier. |
| numeric | nonce | Unique ID that avoids replay attacks. |
| string | sig | Signature of the Request. |
| string | format (optional) | XML (default), JSON. |
Response :
| container | friend_info | Individual containers for friends |
| int | uid1 | User ID #1 |
| int | uid2 | User ID #2 |
| numeric | depth | Relation depth between the two users (0 = extended network, -1 = self, 1 = 1st degree friend, 2 = second degree friend) |
Error Conditions/Response :
| Error Code | Error Condition | Description | HTTP status code |
| 1 | Unexpected error | Unexpected internal error | 500 |
| 4 | Wrong Method | Invalid HTTP method (must be GET) | 501 |
| 6 | Invalid session | key Invalid session key | 403 |
| 8 | Disabled widget | App is disabled and cannot be used | 403 |
| 100 | Invalid input parameter | Input parameters missing or invalid | 400 |
| 101 | Unknown widget | API Key does not exist | 404 |
| 102 | Session expired | The current session has expired | 403 |
| 103 | Request replay | The request was already submitted | 400 |
| 104 | Invalid signature | Request signature is invalid | 400 |
Example Request :
http://api.friendster.com/v1/depth/57519,45782?
api_key=2e37638f335f0545c3719d34f4d20ed0&
session_key=M4yZuZ4LjoJQj5BJfTkw2HnGw6MG8JyM-57519&
nonce=326233766.3425&
sig=012345678901234567890123456789012
Example Response (XML) :
<depth_response xmlns="http://api.friendster.com/v1/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://api.friendster.com/v1/
http://api.friendster.com/v1/friendster.xsd" list="true">
<friend_info>
<uid1>57519</uid1>
<uid2>45782</uid2>
<depth>0</depth>
</friend_info>
</depth_response>
Get Photos
Resource URL :http://api.friendster.com/v1/photos/<UID>
Resource Methods : GET (Retrieval of user photos)
Resource Description : API to get one or more photos from a users albums. If no album is specified, all photos from all public albums will be retrieved.
Request :
| string | api_key | Unique API ID given to each widget/application. |
| int | aid (optional) | The album id. If not specified all photos from all public albums will be retrieved. |
| string | session_key | Session identifier. |
| numeric | nonce | Unique ID that avoids replay attacks. |
| string | sig | Signature of the Request. |
| string | format (optional) | XML (default), JSON. |
Response :
| container | photo | Individual containers for photos (repeatable) |
| numeric | pid | The photo ID |
| numeric | aid | The album id that this photo belongs to |
| numeric | owner | The uid of the photo owner |
| string | src | URL of photo, with max width 200px and max height 300px. May be blank. |
| string | src_big | URL of photo, with max width 600px and max height 600px. May be blank. |
| string | src_small | URL of photo, with with max width 100px and max height 150px. May be blank. |
| string | link | Link to the users' gallery containing the photo. |
| string | caption | The caption linked to the specified photo. |
| numeric | created | Date photo was created. In unix time format. |
| numeric | is_grabbed | A flag indicating if the photo was grabbed from another user. '1' if it is, otherwise it is '0' |
Error Conditions/Response :
| Error Code | Error Condition | Description |
| 1 | Process failed | Unexpected error |
| 4 | Wrong method | Invalid HTTP method (must be GET) |
| 6 | Invalid Credentials | Sessions credentials are invalid |
| 100 | Invalid input parameter | Input parameters missing or invalid |
| 102 | Session has expired | Session has expired |
| 103 | replay error | nonce argument is <= than previous request |
| 104 | Invalid Signature | If signature is invalid |
| 110 | Invalid user id | The uid passed is invalid or non-existing |
Example Request :
http://api.friendster.com/v1/photos/57519?
api_key=2e37638f335f0545c3719d34f4d20ed0&
session_key=M4yZuZ4LjoJQj5BJfTkw2HnGw6MG8JyM-57519&
nonce=326233766.3425&
sig=012345678901234567890123456789012
Example Response (XML) :
<photos_response xmlns="http://api.friendster.com/v1/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://api.friendster.com/v1/ http://api.friendster.com/v1/friendster.xsd">
<photo>
<pid>0</pid>
<aid>73462</aid>
<owner>8156</owner>
<src>http://api.friendster.com/photos/65/18/8156/559683266m.jpg</src>
<src_small>http://api.friendster.com/photos/65/18/8156/559683266s.jpg</src_small>
<src_big>http://api.friendster.com/photos/65/18/8156/559683266l.jpg</src_big>
<link>http://api.friendster.com/photos/65/18/8156/559683266</link>
<caption/>
<created>1175602432</created>
<is_grabbed>0</is_grabbed>
</photo>
<photo>
<pid>277363040</pid>
<aid>73462</aid>
<owner>8156</owner>
<src>http://api.friendster.com/photos/65/18/8156/27736304056867m.jpg</src>
<src_small>http://api.friendster.com/photos/65/18/8156/27736304056867s.jpg</src_small>
<src_big>http://api.friendster.com/photos/65/18/8156/27736304056867l.jpg</src_big>
<link>http://api.friendster.com/photos/65/18/8156/27736304056867</link>
<caption>I'm one CRAZY GUY!!</caption>
<created>1146673467</created>
<is_grabbed>0</is_grabbed>
</photo>
<photo>
<pid>18427458</pid>
<aid>73462</aid>
<owner>8156</owner>
<src>http://api.friendster.com/photos/65/18/8156/1842745850213m.jpg</src>
<src_small>http://api.friendster.com/photos/65/18/8156/1842745850213s.jpg</src_small>
<src_big>http://api.friendster.com/photos/65/18/8156/1842745850213l.jpg</src_big>
<link>http://api.friendster.com/photos/65/18/8156/1842745850213</link>
<caption>Dana, Marlena, and Me</caption>
<created>1146673399</created>
<is_grabbed>0</is_grabbed>
</photo>
</photos_response>
Get Albums
Resource URL:
http://api.friendster.com/v1/albums/5751923 http://api.friendster.com/v1/albums/
Resource Methods: GET (Retrieval of a user's albums)
Resource Description: API to get the list of the user's albums. If there is no uid specified then the albums
of the current user will be retrieved.
Request :
| string | api_key | Unique API ID given to each widget / application. |
| string | session_key | Session identifier |
| string (optional) | uid | The uid of the user to get the albums for |
| numeric (optional) | aids | Returns the data regarding the aids specified in the list. If not specified, all albums will be retrieved. |
| numeric | nonce | Unique ID that avoids replay attacks. |
| string | sig | Hash key. |
| string (optional) | format | XML (default), PHP, JSON |
| string | lang | Language to return the data in. En, Fr, etc. |
Response :
| container | album | Individual container for albums (repeatable) |
| numeric | aid | The album ID |
| numeric | cover_pid | The pid of the albums cover photo |
| numeric | owner | The uid of the album owner |
| string | name | The name of the album |
| numeric | created | unix timestamp when this album was created |
| numeric | modified | unix timestamp when this album was modified |
| string | description | The description of this album |
| int | isprivate | 0 if it is public, non-zero if it is private |
| string | link | A link to the albums' page |
| size | numeric | The total number of photos in this album |
Error Conditions/Response :
| Error Code | Error Condition | Description |
| 1 | Process failed | Unexpected error |
| 4 | Wrong method | Invalid HTTP method (must be GET) |
| 6 | Invalid Credentials | Sessions credentials are invalid |
| 7 | Resource does not exist | User does not have any photos |
| 100 | Invalid input parameter | Input parameters missing or invalid |
| 102 | Session has expired | Session has expired |
| 103 | replay error | nonce argument is <= than previous request |
| 104 | Invalid Signature | If signature is invalid |
| 110 | Invalid user id | The uid passed is invalid or non-existing |
| 200 | Permissions error | The resource cannot be accessed by the current user |
Example Request:
http://api.friendster.com/v1/albums/5751923?
api_key=2e37638f335f0545c3719d34f4d20ed0&
session_key=M4yZuZ4LjoJQj5BJfTkw2HnGw6MG8JyM-57519&nonce=326233766&sig=fake_sig
Example Response (XML):
<?xml version="1.0" encoding="UTF-8" ?><albums_response xmlns="http://api.friendster.com/v1/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://api.friendster.com/v1/ http://api.friendster.com/v1/friendster.xsd" list="true">
<album>
<aid>208945705</aid>
<cover_pid>3213141330</cover_pid>
<owner>1234511</owner>
<name><![CDATA[Paradise]]></name>
<created>1152794473</created>
<modified>1152794473</modified>
<description><![CDATA[Beach Pictures]]></description>
<isprivate>0</isprivate>
<link>http://photos.friendster.com:81/photos/</link>
<size>1</size>
</album>
<album>
<aid>682866204</aid>
<cover_pid>0</cover_pid>
<owner>1234511</owner>
<name><![CDATA[test album1]]></name>
<created>1152794439</created>
<modified>1152794439</modified>
<description><![CDATA[Picture of stars]]></description>
<isprivate>0</isprivate>
<link>http://photos.friendster.com:81/photos/</link>
<size>1</size>
</album>
</albums_response>
Example Error Response
<error_response xmlns="<http://api.friendster.com/v1/>"
xmlns:xsi="<http://www.w3.org/2001/XMLSchema-instance>"
xsi:schemaLocation="http://api.friendster.com/v1/
http://api.friendster.com/v1/friendster.xsd">
<error_code>7</error_code>
<error_msg>Unauthorized source IP address (ip was: 10.1.2.3)</error_msg>
</error_response>
Create Album
Resource URL:
http://api.friendster.com/v1/album/
Resource Methods: POST (Create an album for the current user)
Resource Description: API to create an album for the current user. This resource will return an album id that can be used in photo uploads.
Request :
| string | api_key | Unique API ID given to each widget / application. |
| string | session_key | Session identifier |
| string | name | The name of the album |
| string | isprivate (optional) | possible values are 0 - public album (default), 1 - private album |
| numeric | nonce | Unique ID that avoids replay attacks. |
| string | sig | Hash key. |
| string (optional) | format | XML (default), PHP, JSON |
| string | lang | Language to return the data in. En, Fr, etc. |
Response :
| container | album | container for the album response |
| numeric | aid | The album ID |
| numeric | cover_pid | The pid of the albums cover photo. (This will always be zero) |
| numeric | owner | The uid of the album owner |
| string | name | The name of the album |
| numeric | created | unix timestamp when this album was created |
| numeric | modified | unix timestamp when this album was modified. (will always be the same as created) |
| string | link | A link to the albums' page |
| size | numeric | The total number of photos in this album. (This will always be zero) |
Error Conditions/Response :
| Error Code | Error Condition | Description |
| 1 | Process failed | Unexpected error |
| 4 | Wrong method | Invalid HTTP method (must be POST) |
| 6 | Invalid Credentials | Sessions credentials are invalid |
| 7 | Resource does not exist | User does not have any photos |
| 8 | Maximum number of albums reached | The maximum number of albums has been reached |
| 100 | Invalid input parameter | Input parameters missing or invalid |
| 102 | Session has expired | Session has expired |
| 103 | replay error | nonce argument is <= than previous request |
| 104 | Invalid Signature | If signature is invalid |
| 110 | Invalid user id | The uid passed is invalid or non-existing |
| 200 | Permissions error | The resource cannot be accessed by the current user |
Example Request:
http://api.friendster.com/v1/album?
api_key=2e37638f335f0545c3719d34f4d20ed0&name=Paradise&
session_key=M4yZuZ4LjoJQj5BJfTkw2HnGw6MG8JyM-57519&nonce=326233766&sig=fake_sig
Example Response (XML):
<?xml version="1.0" encoding="UTF-8" ?>
<album_response xmlns="http://api.friendster.com/v1/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://api.friendster.com/v1/ http://api.friendster.com/v1/friendster.xsd" list="true">
<album>
<aid>208945705</aid>
<cover_pid>0</cover_pid>
<owner>1234511</owner>
<name><![CDATA[Paradise]]></name>
<created>1152794473</created>
<modified>1152794473</modified>
<link>http://photos.friendster.com/photos/</link>
<size>0</size>
</album>
</album_response>
Example Error Response
<error_response xmlns="<http://api.friendster.com/v1/>"
xmlns:xsi="<http://www.w3.org/2001/XMLSchema-instance>"
xsi:schemaLocation="http://api.friendster.com/v1/
http://api.friendster.com/v1/friendster.xsd">
<error_code>7</error_code>
<error_msg>Unauthorized source IP address (ip was: 10.1.2.3)</error_msg>
</error_response>
Delete Album
Resource URL:
http://api.friendster.com/v1/album/<aid>
Resource Methods: DELETE (Deletes an album)
Resource Description: API to delete an album. Associated photos will also be deleted if preserve_photos parameter is 0.
Request :
| string | api_key | Unique API ID given to each widget / application. |
| string | session_key | Session identifier |
| numeric | nonce | Unique ID that avoids replay attacks. |
| numeric | aid | The aid of the album to be deleted |
| int | preserve_photos | 0 - delete associated photos (default), 1 - delete album but move the photos to unfiled |
| string | sig | Hash key. |
| string (optional) | format | XML (default), PHP, JSON |
| string | lang | Language to return the data in. En, Fr, etc. |
Response :
| string | status | Contains SUCCESS if the operation was successful |
| string | aid | Contains the aid of the album that was deleted |
Error Conditions/Response :
| Error Code | Error Condition | Description |
| 1 | Process failed | Unexpected error |
| 4 | Wrong method | Invalid HTTP method (must be DELETE) |
| 6 | Invalid Credentials | Sessions credentials are invalid |
| 7 | Resource does not exist | User does not have any photos |
| 100 | Invalid input parameter | Input parameters missing or invalid |
| 102 | Session has expired | Session has expired |
| 103 | replay error | nonce argument is <= than previous request |
| 104 | Invalid Signature | If signature is invalid |
| 110 | Invalid user id | The uid passed is invalid or non-existing |
| 121 | Invalid photo id | The pid passed is invalid or non-existing |
| 200 | Permissions error | The resource cannot be accessed by the current user |
Example Request:
http://api.friendster.com/v1/album/5849853?
api_key=2e37638f335f0545c3719d34f4d20ed0&
session_key=M4yZuZ4LjoJQj5BJfTkw2HnGw6MG8JyM-57519&nonce=326233766&sig=fake_sig
Example Response (XML):
<album_response xmlns="http://api.friendster.com/v1/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://api.friendster.com/v1/ http://api.friendster.com/v1/friendster.xsd">
<status>SUCCESS</status>
<aid>5849853</aid>
</album_response>
Example Error Response
<error_response xmlns="<http://api.friendster.com/v1/>"
xmlns:xsi="<http://www.w3.org/2001/XMLSchema-instance>"
xsi:schemaLocation="http://api.friendster.com/v1/
http://api.friendster.com/v1/friendster.xsd">
<error_code>7</error_code>
<error_msg>Unauthorized source IP address (ip was: 10.1.2.3)</error_msg>
</error_response>
Update App Content
Resource URL :http://api.friendster.com/v1/widget
Resource Method : POST (Updates the content of a given widget/application instance on a user profile.)
Resource Description : Creates the user profile app instance or updates its HTML content. If multiple instances of the same app are on the user profile, then the instance id must be used to specify which instance to update.
Request :
| string | api_key | Unique API ID given to each app. |
| string | instance_id (optional) | App instance id. If missing, adds a new widget/application instance. If specified, updates the existing instance. |
| string | content | HTML content to place in the user profile. |
| string | session_key | Session identifier. |
| numeric | nonce | Unique ID that avoids replay attacks. |
| string | sig | Signature of the Request. |
| string | format (optional) | XML (default), JSON. |
Response :
| api_key | api_key given as argument |
| instance_id | Instance id of the app instance updated or created |
Error Conditions/Response :
| Error Code | Error Condition | Description | HTTP return code |
| 1 | Unexpected error | Unexpected internal error | 500 |
| 4 | Wrong Method | Invalid HTTP method (must be GET) | 501 |
| 8 | Disabled widget | App is disabled and cannot be used | 403 |
| 100 | Invalid input parameter | Input parameters missing or invalid | 404 |
| 101 | Unknown widget | API Key does not exist | 404 |
| 104 | Invalid signature | Request signature is invalid | 403 |
| 110 | Unknown object | The requested object does not exist | 404 |
| TBD | Access denied | object permission do not allow the caller to perform the operation | 403 |
Example Request :
http://api.friendster.com/v1/widget Content-Type: multipart/form-data; boundary=xxx MIME-version: 1.0 --xxx Content-Disposition: form-data; name="api_key" 2e37638f335f0545c3719d34f4d20ed0 --xxx Content-Disposition: form-data; name="session_key" M4yZuZ4LjoJQj5BJfTkw2HnGw6MG8JyM-57519 --xxx Content-Disposition: form-data; name="nonce" 326233766 --xxx Content-Disposition: form-data; name="sig" 012345678901234567890123456789012 --xxx Content-Disposition: form-data; name="content" <EMBED SRC="http://myApp.com/app1.swf" AUTOSTART="true"></EMBED>
Example Response (XML) :
<widget_response xmlns="http://api.friendster.com/v1/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://api.friendster.com/v1/friendster.xsd">
<api_key>2e37638f335f0545c3719d34f4d20ed0</api_key>
<instance_id>1236543</instance_id>
</widget_response>
Example Error Response :
<error_response xmlns="<http://api.friendster.com/v1/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://api.friendster.com/v1/"> <error_code>104</error_code> <error_msg>Invalid signature</error_msg> </error_response>
Get App
Resource URL:
http://api.friendster.com/v1/widget/ http://api.friendster.com/v1/widget/<instance_id>
Resource Method:
GET (Gets information about a given app instance in a user profile. This information includes the title, content
and the time it was last updated)
Resource Description: API to get the information of an app instance in a user profile.
Request :
| string | api_key | Unique API ID given to each widget/application. |
| string (optional for applications) | instance_id | App instance id |
| string | session_key | Session identifier |
| numeric | nonce | Unique ID that avoids replay attacks. |
| string | sig | Hash key. |
| string (optional) | format | XML (default), JSON |
Response :
| uid | uid of the owner of the profile |
| instance_id | instance_id given as argument |
| title | The app title |
| content | app content |
| created | date created in unix time |
| lastupd | date last updated in unix time |
Error Conditions/Response :
| Error Code | Error Condition | Description | HTTP return code |
| 1 | Unexpected error | Unexpected internal error | 500 |
| 4 | Wrong Method | Invalid HTTP method (must be GET) | 501 |
| 8 | Disabled widget | App is disabled and cannot be used | 403 |
| 100 | Invalid input parameter | Input parameters missing or invalid | 404 |
| 101 | Unknown widget | API Key does not exist | 404 |
| 104 | Invalid signature | Request signature is invalid | 403 |
| 110 | Unknown object | The requested object does not exist | 404 |
| TBD | Access denied | object permission do not allow the caller to perform the operation | 403 |
Example Request:
http://api.friendster.com/v1/widget/365925042?
api_key=2e37638f335f0545c3719d34f4d20ed0&
session_key=M4yZuZ4LjoJQj5BJfTkw2HnGw6MG8JyM-57519&
nonce=326233766.3425&
sig=012345678901234567890123456789012
Example Response (XML):
<?xml version="1.0" encoding="UTF-8" ?>
<widget_response>
<uid>974364017</uid>
<instance_id>365925042</instance_id>
<title><![CDATA[Friendster Test App]]></title>
<content><![CDATA[test3]]></content>
<created>1197853308</created>
<lastupd>1197853326</lastupd>
</widget_response>
Example Error Response
<error_response xmlns="<http://api.friendster.com/v1/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://api.friendster.com/v1/">
<error_code>104</error_code>
<error_msg>Invalid signature</error_msg>
</error_response>
Get Shoutout
Resource URL :http://api.friendster.com/v1/shoutout
Resource Method : GET (obtain the shoutout for the current user or another user)
Resource Description : This API retrieves the shoutout of the currently logged in user, or another user specified by uid.
Request :
| string | api_key | Unique API ID given to each widget/application. |
| numeric | uid (optional) | User id. |
| numeric | uids (optional) | Comma separated list of user ids. |
| string | session_key | Session identifier. |
| numeric | nonce | Unique ID that avoids replay attacks. |
| string | sig | Signature of the Request. |
| string | format (optional) | XML (default), JSON |
Response :
| shoutouts | A list of shoutouts objects (if multiple shoutouts), or just one (if only one exists) |
Error Conditions/Response :
| Error Code | Error Condition | Description | HTTP return code |
| 1 | Unexpected error | Unexpected internal error | 500 |
| 4 | Wrong Method | Invalid HTTP method (must be POST) | 501 |
| 6 | Invalid Session Key | Invalid session Key | 403 |
| 8 | Disabled widget | App is disabled and cannot be used | 403 |
| 100 | Invalid input parameter | Input parameters missing or invalid | 404 |
| 101 | Unknown widget | API Key does not exist | 404 |
| 102 | Session expired | The current session has expired | 403 |
| 103 | Request replay | The request was already submitted | 400 |
| 104 | Invalid signature | Request signature is invalid | 403 |
Example Request :
http://api.friendster.com/v1/shoutout?uid=123456 http://api.friendster.com/v1/shoutout?uids=123456,987654
Response
<shoutout_response xmlns="http://api.friendster.com/v1/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://api.friendster.com/v1/friendster.xsd" list="true">
<shoutouts>
<shoutout>
<uid>123456</uid>
<content>Travelling to Vegas!</content>
<updated>2135495366</updated>
</shoutout>
<shoutout>
<uid>987654</uid>
<content>In great shape today</content>
<updated>138374248</updated>
</shoutout>
</shoutouts>
</shoutout_response>
Example Error Response :
<error_response xmlns="<http://api.friendster.com/v1/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://api.friendster.com/v1/">
<error_code>104</error_code>
<error_msg>Invalid signature</error_msg>
</error_response>
Post Shoutout
Resource URL :http://api.friendster.com/v1/shoutout
Resource Method : POST (Updates the shoutout for the current user)
Resource Description : This API updates the shoutout of the current logged in user. If an empty value is passed as content, the current user shoutout will be cleared.
Request :
| string | api_key | Unique API ID given to each widget/application. |
| string | session_key | Session identifier. |
| string | content | Content of the new shoutout. |
| numeric | nonce | Unique ID that avoids replay attacks. |
| string | sig | Signature of the Request. |
| string | format (optional) | XML (default), JSON. |
Response :
| status | contains either "updated" (when shoutout is updated) or "deleted" (when shoutout is cleared) |
Error Conditions/Response :
| Error Code | Error Condition | Description | HTTP return code |
| 1 | Unexpected error | Unexpected internal error | 500 |
| 4 | Wrong Method | Invalid HTTP method (must be POST) | 501 |
| 6 | Invalid Session Key | Invalid session Key | 403 |
| 8 | Disabled widget | App is disabled and cannot be used | 403 |
| 100 | Invalid input parameter | Input parameters missing or invalid | 404 |
| 101 | Unknown widget | API Key does not exist | 404 |
| 102 | Session expired | The current session has expired | 403 |
| 103 | Request replay | The request was already submitted | 400 |
| 104 | Invalid signature | Request signature is invalid | 403 |
Example Request :
http://api.friendster.com/v1/shoutout ::Content-Type: multipart/form-data; boundary=xxx MIME-version: 1.0 --xxx Content-Disposition: form-data; name="content" Traveling to Vegas!
Example Response (XML) :
<shoutout_response xmlns="http://api.friendster.com/v1/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://api.friendster.com/v1/friendster.xsd">
<status>updated</status>
</shoutout_response>
Example Error Response :
<error_response xmlns="<http://api.friendster.com/v1/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://api.friendster.com/v1/">
<error_code>104</error_code>
<error_msg>Invalid signature</error_msg>
</error_response>
Upload Photo
Resource URL:http://api.friendster.com/v1/photos
Resource Methods: POST (Uploads a photo for the currently logged in user or for a specified user)
Resource Description: API to upload a single photo owned by the currently logged in user and then returns information about the uploaded photo. Upload requests must be formed as a MIME multipart message sent using POST data. Each argument, including the raw image data, should be specified as a separate chunk of form data. If the upload is for another user, the current user and that user must first be friends before the upload will be allowed.
Request :
| string | api_key | Unique API ID given to each widget/application. |
| string | session_key | Session identifier |
| numeric | nonce | Unique ID that avoids replay attacks. |
| string | sig | Hash key. |
| string (optional) | format | XML (default), JSON |
| numeric (optional) | uid | If specified, this will upload the photo to the specified user photo gallery instead. |
| numeric | aid (optional) | The album id. The album that this photo will be placed in, if not specified this will be placed in the My Public Photos album. |
| string | caption | The caption of the photo |
| data | raw image data of the photo |
Response :
| numeric | pid | The photo ID |
| numeric | aid | The photos album id |
| numeric | owner | The uid of the photo owner |
| string | src | URL of photo, with max width 200px and max height 300px. May be blank. |
| string | src_big | URL of photo, with max width 600px and max height 600px. May be blank. |
| string | src_small | URL of photo, with with max width 100px and max height 150px. May be blank. |
| string | link | Link to the users' gallery containing the photo. |
| string | caption | The caption linked to the specified photo. |
Error Conditions/Response :
| Error Code | Error Condition | Description | HTTP status code |
| 1 | Unexpected error | Unexpected internal error | 500 |
| 4 | Wrong Method | Invalid HTTP method (must be GET) | 501 |
| 6 | Invalid session key | Invalid session key | 403 |
| 8 | Disabled widget | App is disabled and cannot be used | 403 |
| 10 | Invalid auth token | Auth token is invalid | 403 |
| 11 | Expired auth token | Auth token is expired | 403 |
| 100 | Invalid input parameter | Input parameters missing or invalid | 400 |
| 101 | Unknown widget | API Key does not exist | 404 |
| 102 | Session expired | The current session has expired | 403 |
| 103 | Request replay | The request was already submitted | 400 |
| 104 | Invalid signature | Request signature is invalid | 400 |
| 324 | Missing or invalid image file | The file uploaded was not an image file | 415 |
Example Request:
http://api.friendster.com/v1/photos
Example Post data:
Content-Type: multipart/form-data; boundary=frontier
MIME-version: 1.0
--frontier
Content-Disposition: form-data; name="api_key"
2e37638f335f0545c3719d34f4d20ed0
--frontier
Content-Disposition: form-data; name="session_key"
M4yZuZ4LjoJQj5BJfTkw2HnGw6MG8JyM-57519
--frontier
Content-Disposition: form-data; name="nonce"
326233766
--frontier
Content-Disposition: form-data; name="sig"
fake_sig
--frontier
Content-Disposition: form-data; name="aid"
0
--frontier
Content-Disposition: form-data; name="caption"
Under the sunset
--frontier
Content-Disposition: form-data; filename="somefilename.jpg"
Content-Type: image/jpg
[Raw file data here]
--frontier
Example Response (XML):
<?xml version="1.0" encoding="UTF-8" ?>
<photos_response xmlns="http://api.friendster.com/v1/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://api.friendster.com/v1/ http://api.friendster.com/v1/friendster.xsd" list="true">
<photo>
<pid>10238228896</pid>
<aid>72316</aid>
<owner>902117</owner>
<src>http://vm.test.friendster.com:81/photos/71/09/9017/238228896m.jpg</src>
<src_big>http://vm.test.friendster.com:81/photos/71/09/9017/238228896l.jpg</src_big>
<src_small>http://vm.test.friendster.com:81/photos/71/09/9017/238228896s.jpg</src_small>
<caption>test upload</caption>
</photo>
</photos_response>
Example Error Response
<error_response xmlns="<http://api.friendster.com/v1/>"
xmlns:xsi="<http://www.w3.org/2001/XMLSchema-instance>"
xsi:schemaLocation="http://api.friendster.com/v1/
http://api.friendster.com/v1/friendster.xsd">
<error_code>7</error_code>
<error_msg>Unauthorized source IP address (ip was: 10.1.2.3)</error_msg>
</error_response>
Get Photo
Resource URL : http://api.friendster.com/v1/photos/57519
Resource Method : GET (Retrieval of user photos)
Resource Description : API to get one or more public photos in the users' gallery from all public albums including grabbed photos.
Request :
| string | api_key | Unique API ID given to each widget/application. |
| string | session_key | Session identifier |
| numeric | nonce | Unique ID that avoids replay attacks. |
| string | sig | Hash key. |
| string (optional) | format | XML (default), PHP, JSON |
| string | lang | Language to return the data in. En, Fr, etc. |
Response :
| container | photo | Individual containers for photos (repeatable) |
| numeric | pid | The photo ID |
| numeric | aid | The album id that this photo belongs to |
| numeric | owner | The uid of the photo owner |
| string | src | URL of photo, with max width 200px and max height 300px. May be blank. |
| string | src_big | URL of photo, with max width 600px and max height 600px. May be blank. |
| string | src_small | URL of photo, with with max width 100px and max height 150px. May be blank. |
| string | link | Link to the users' gallery containing the photo. |
| string | caption | The caption linked to the specified photo. |
| numeric | created | Date photo was created. In unix time format. |
| numeric | is_grabbed | A flag indicating if the photo was grabbed from another user. '1' if it is, otherwise it is '0' |
Error Conditions/Response :
| Error Code | Error Condition | Description |
| 1 | Process failed | Unexpected error |
| 4 | Wrong method | Invalid HTTP method (must be GET) |
| 6 | Invalid Credentials | Sessions credentials are invalid |
| 7 | Resource does not exist | User does not have any photos |
| 100 | Invalid input parameter | Input parameters missing or invalid |
| 102 | Session has expired | Session has expired |
| 103 | replay error | nonce argument is <= than previous request |
| 104 | Invalid Signature | If signature is invalid |
| 110 | Invalid user id | The uid passed is invalid or non-existing |
| 200 | Permissions error | The resource cannot be accessed by the current user |
Example Request :
http://api.friendster.com/v1/photos/57519?
api_key=2e37638f335f0545c3719d34f4d20ed0&
session_key=M4yZuZ4LjoJQj5BJfTkw2HnGw6MG8JyM-57519&
nonce=326233766.3425&
sig=012345678901234567890123456789012
Response
<photos_response xmlns="http://api.friendster.com/v1/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://api.friendster.com/v1/ http://api.friendster.com/v1/friendster.xsd">
<photo>
<pid>512361452303</pid>
<aid>73426</aid>
<owner>8156</owner>
<src>http://vm.test.friendster.com:81/photos/65/18/8156/559683266m.jpg</src>
<src_small>http://vm.test.friendster.com:81/photos/65/18/8156/559683266s.jpg</src_small>
<src_big>http://vm.test.friendster.com:81/photos/65/18/8156/559683266l.jpg</src_big>
<link>http://vm.test.friendster.com:81/photos/65/18/8156/559683266</link>
<caption/>
<created>1175602432</created>
<is_grabbed>0</is_grabbed>
</photo>
<photo>
<pid>13423277363040</pid>
<aid>73426</aid>
<owner>8156</owner>
<src>http://vm.test.friendster.com:81/photos/65/18/8156/27736304056867m.jpg</src>
<src_small>http://vm.test.friendster.com:81/photos/65/18/8156/27736304056867s.jpg</src_small>
<src_big>http://vm.test.friendster.com:81/photos/65/18/8156/27736304056867l.jpg</src_big>
<link>http://vm.test.friendster.com:81/photos/65/18/8156/27736304056867</link>
<caption>I'm one CRAZY GUY!!</caption>
<created>1146673467</created>
<is_grabbed>0</is_grabbed>
</photo>
<photo>
<pid>84627218427458</pid>
<aid>73426</aid>
<owner>8156</owner>
<src>http://vm.test.friendster.com:81/photos/65/18/8156/1842745850213m.jpg</src>
<src_small>http://vm.test.friendster.com:81/photos/65/18/8156/1842745850213s.jpg</src_small>
<src_big>http://vm.test.friendster.com:81/photos/65/18/8156/1842745850213l.jpg</src_big>
<link>http://vm.test.friendster.com:81/photos/65/18/8156/1842745850213</link>
<caption>Dana, Marlena, and Me</caption>
<created>1146673399</created>
<is_grabbed>0</is_grabbed>
</photo>
</photos_response>
Example Error Response :
<error_response xmlns="<http://api.friendster.com/v1/>"
xmlns:xsi="<http://www.w3.org/2001/XMLSchema-instance>"
xsi:schemaLocation="http://api.friendster.com/v1/
http://api.friendster.com/v1/friendster.xsd">
<error_code>7</error_code>
<error_msg>Unauthorized source IP address (ip was: 10.1.2.3)</error_msg>
</error_response>
Delete Photo
Resource URL:
http://api.friendster.com/v1/photo/<uid>/<pid>
http://api.friendster.com/v1/photo/<pid>
Resource Methods: DELETE (Deletion of a single photo)
Resource Description: API to delete a single photo. Only photos owned by the current session user can be deleted.
Request :
| string | api_key | Unique API ID given to each widget/application. |
| string | session_key | Session identifier |
| numeric | nonce | Unique ID that avoids replay attacks. |
| numeric (optional) | uid | The uid of the user |
| numeric | pid | The pid of the photo |
| string | sig | Hash key. |
| string (optional) | format | XML (default), PHP, JSON |
| string | lang | Language to return the data in. En, Fr, etc. |
Response :
| string | status | Contains SUCCESS if the operation was successful |
| string | pid | Contains the pid of the photo that was deleted |
Error Conditions/Response :
| Error Code | Error Condition | Description |
| 1 | Process failed | Unexpected error |
| 4 | Wrong method | Invalid HTTP method (must be DELETE) |
| 6 | Invalid Credentials | Sessions credentials are invalid |
| 7 | Resource does not exist | User does not have any photos |
| 100 | Invalid input parameter | Input parameters missing or invalid |
| 102 | Session has expired | Session has expired |
| 103 | replay error | nonce argument is <= than previous request |
| 104 | Invalid Signature | If signature is invalid |
| 110 | Invalid user id | The uid passed is invalid or non-existing |
| 121 | Invalid photo id | The pid passed is invalid or non-existing |
| 200 | Permissions error | The resource cannot be accessed by the current user |
Example Request:
http://api.friendster.com/v1/photos/57519/5849853?
api_key=2e37638f335f0545c3719d34f4d20ed0&
session_key=M4yZuZ4LjoJQj5BJfTkw2HnGw6MG8JyM-57519&
nonce=326233766.3425&
sig=012345678901234567890123456789012
Example Response (XML):
<photos_response xmlns="http://api.friendster.com/v1/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://api.friendster.com/v1/ http://api.friendster.com/v1/friendster.xsd">
<result>SUCCESS</result>
<pid>5849853</pid>
</photos_response>
Example Error Response
<error_response xmlns="<http://api.friendster.com/v1/>"
xmlns:xsi="<http://www.w3.org/2001/XMLSchema-instance>"
xsi:schemaLocation="http://api.friendster.com/v1/
http://api.friendster.com/v1/friendster.xsd">
<error_code>7</error_code>
<error_msg>Unauthorized source IP address (ip was: 10.1.2.3)</error_msg>
</error_response>
Put Photo
Resource URL:
http://api.friendster.com/v1/photo/<uid>/<pid>
Resource Methods: PUT (Updates the caption and set the primary flag of a single photo.)
Resource Description: API to update the primary flag and caption of a single photo.
Request :
| string | api_key | Unique API ID given to each widget/application. |
| string | session_key | Session identifier |
| numeric | nonce | Unique ID that avoids replay attacks. |
| numeric | uid | The uid of the user |
| numeric | pid | The pid of the photo |
| string (optional) | isprimary | flag to set if this is the primary photo. Should have a value of 1 (true) if this is specified |
| string (optional) | caption | The caption of the photo |
| string | sig | Hash key. |
| string (optional) | format | XML (default), PHP, JSON |
| string | lang | Language to return the data in. En, Fr, etc. |
Response :
| photo | container | Contains the photo information (see Get Photo) |
| result | string | Contains SUCCESS if the operation is successful |
| container | photo | Individual containers for photos (repeatable) |
| numeric | pid | The photo ID |
| numeric | aid | The album id that this photo belongs to |
| numeric | owner | The uid of the photo owner |
| string | src | URL of photo, with max width 200px and max height 300px. May be blank. |
| string | src_big | URL of photo, with max width 600px and max height 600px. May be blank. |
| string | src_small | URL of photo, with with max width 100px and max height 150px. May be blank. |
| string | link | Link to the users' gallery containing the photo. |
| string | caption | The caption linked to the specified photo. |
| numeric | created | Date photo was created. In unix time format. |
| numeric | is_grabbed | A flag indicating if the photo was grabbed from another user. '1' if it is, otherwise it is '0' |
Error Conditions/Response :
| Error Code | Error Condition | Description |
| 1 | Process failed | Unexpected error |
| 4 | Wrong method | Invalid HTTP method (must be PUT) |
| 6 | Invalid Credentials | Sessions credentials are invalid |
| 7 | Resource does not exist | User does not have any photos |
| 8 | captions processing error | Unable to set captions |
| 9 | Unable to set primary photo | Unable to set primary photo |
| 100 | Invalid input parameter | Input parameters missing or invalid |
| 102 | Session has expired | Session has expired |
| 103 | replay error | nonce argument is <= than previous request |
| 104 | Invalid Signature | If signature is invalid |
| 110 | Invalid user id | The uid passed is invalid or non-existing |
| 121 | Invalid photo id | The pid passed is invalid or non-existing |
| 200 | Permissions error | The resource cannot be accessed by the current user |
Example Request:
http://api.friendster.com/v1/photo/57519/5849853?
caption=hello%20world&
isprimary=1&
api_key=2e37638f335f0545c3719d34f4d20ed0&
session_key=M4yZuZ4LjoJQj5BJfTkw2HnGw6MG8JyM-57519&
nonce=326233766.3425&
sig=012345678901234567890123456789012
Example Response (XML):
<photo_response xmlns="http://api.friendster.com/v1/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://api.friendster.com/v1/ http://api.friendster.com/v1/friendster.xsd">
<status>SUCCESS</status>
<photo>
<pid>512361452303</pid>
<aid>643245</aid>
<owner>8156</owner>
<src>http://photos.friendster.com:81/photos/65/18/8156/559683266m.jpg</src>
<src_small>http://photos.friendster.com:81/photos/65/18/8156/559683266s.jpg</src_small>
<src_big>http://photos.friendster.com:81/photos/65/18/8156/559683266l.jpg</src_big>
<link>http://photos.friendster.com:81/photos/65/18/8156/559683266</link>
<caption/>
<created>1175602432</created>
<is_grabbed>0</is_grabbed>
</photo>
</photo_response>
Example Error Response
<error_response xmlns="<http://api.friendster.com/v1/>"
xmlns:xsi="<http://www.w3.org/2001/XMLSchema-instance>"
xsi:schemaLocation="http://api.friendster.com/v1/
http://api.friendster.com/v1/friendster.xsd">
<error_code>7</error_code>
<error_msg>Unauthorized source IP address (ip was: 10.1.2.3)</error_msg>
</error_response>
Get Primary
Resource URL:
http://api.friendster.com/v1/primaryphoto/<uid>
Resource Methods: GET (Gets the pid of the users' primary photo). If a uid is not specified, the pid of the
primary photo of the current user will be obtained.
Resource Description: API to get the primary photo of a user
Request :
| string | api_key | Unique API ID given to each widget/application. |
| string | session_key | Session identifier |
| numeric | nonce | Unique ID that avoids replay attacks. |
| string | sig | Hash key. |
| numeric | uid | The users' uid |
| numeric | aid | The album that this photo belongs. |
| string (optional) | format | XML (default), PHP, JSON |
Response :
| string | pid | The photo id of the users' current primary photo |
Error Conditions/Response :
| Error Code | Error Condition | Description |
| 1 | Process failed | Unexpected error |
| 4 | Wrong method | Invalid HTTP method (must be PUT) |
| 6 | Invalid Credentials | Sessions credentials are invalid |
| 100 | Invalid input parameter | Input parameters missing or invalid |
| 102 | Session has expired | Session has expired |
| 103 | replay error | nonce argument is <= than previous request |
| 104 | Invalid Signature | If signature is invalid |
Example Request:
http://api.friendster.com/v1/primaryphoto?
pid=10&
rid=1728372612&
api_key=2e37638f335f0545c3719d34f4d20ed0&
session_key=M4yZuZ4LjoJQj5BJfTkw2HnGw6MG8JyM-57519&
nonce=326233766.3425&
sig=012345678901234567890123456789012
Example Response (XML):
<?xml version="1.0" encoding="UTF-8" ?>
<primaryphoto_response
xmlns="http://api.friendster.com/v1/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://api.friendster.com/v1/ http://api.friendster.com/v1/friendster.xsd"
list="true">
<photo>
<pid>512361452303</pid>
<aid>74234</aid>
<owner>8156</owner>
<src>http://photos.friendster.com:81/photos/65/18/8156/559683266m.jpg</src>
<src_small>http://photos.friendster.com:81/photos/65/18/8156/559683266s.jpg</src_small>
<src_big>http://photos.friendster.com:81/photos/65/18/8156/559683266l.jpg</src_big>
<link>http://photos.friendster.com:81/photos/65/18/8156/559683266</link>
<caption/>
<created>1175602432</created>
<is_grabbed>0</is_grabbed>
</photo>
</primaryphoto_response>
Example Error Response
<error_response xmlns="<http://api.friendster.com/v1/>"
xmlns:xsi="<http://www.w3.org/2001/XMLSchema-instance>"
xsi:schemaLocation="http://api.friendster.com/v1/
http://api.friendster.com/v1/friendster.xsd">
<error_code>7</error_code>
<error_msg>Unauthorized source IP address (ip was: 10.1.2.3)</error_msg>
</error_response>
Post Notification
Resource URL:
http://api.friendster.com/v1/notification http://api.friendster.com/v1/notification/<uids>
Resource Method: POST (generate a notification)
Resource Description: API to generate a notification to the uids listed in the resource URL on behalf of the logged in user. If no uids are provided, the notification is generated for the logged in user. There is a limit to the number of notifications a user can receive per day from a single application. When a user receives an app notification, "NEW app notifications" displays under My Inbox in the logged in homepage. The notifications appear in the user's app notifications page as follows:
Request:
| string | api_key | API key |
| string | sig | Signature of the request |
| string | session_key | Session identifier |
| int | nonce | Unique ID that avoids replay attacks. |
| string | content | Content of new notification. Must not be an empty string (max 300 characters) [HTML not allowed] |
| string | subject | Subject of the notification (max 80 characters) [HTML not allowed] |
| string | label | Notification label (max 50 characters) [HTML not allowed] |
| string | type | Notification type ( 2 = Notification ) |
| string | uids | Comma separated list of User IDs to send the notification to |
| string | url_fragment | url fragment that will be appended to the canvas URL. For eg., if the url fragment is /notifications?sender_uid=12345, then the URL will be http://apps.friendster.com/simpleapp/notifications?sender_uid=12345&nid=<notification_id>&src=app_notifications |
| string (optional) | format | XML (default), JSON |
Response :
| container | uids | uids that were successfully notified. |
Error Conditions/Response :
| Error Code | Error Condition | Description | HTTP status code |
| 1 | Unexpected error | Unexpected internal error | 500 |
| 4 | Wrong Method | Invalid HTTP method (must be POST) | 501 |
| 6 | Invalid session key | Invalid session key | 403 |
| 8 | Disabled application | Widget is disabled and cannot be used | 403 |
| 100 | Invalid input parameter | Input parameters missing or invalid | 400 |
| 101 | Unknown application | API Key does not exist | 404 |
| 102 | Session expired | The current session has expired | 403 |
| 103 | Request replay | The request was already submitted | 400 |
| 104 | Invalid signature | Request signature is invalid | 400 |
Example Request:
http://api.friendster.com/v1/notification/53642,72361,4734?type=1&api_key=2e37638f335f0545c3719d34f4d20ed0
&content=hello%20world&subject=hello%20world%20app&label=click%20here&sig=fake_sig
Example Response (XML):
<?xml version="1.0" encoding="UTF-8"?>
<notifications_response
xmlns="<%3Chttp://api.friendster.com/v1/>"xmlns:xsi="<http://www.w3.org/2001/XMLSchema-instance>"
xsi:schemaLocation="http://api.friendster.com/v1/ <http://api.friendster.com/v1/friendster.xsd>"
list="true">
<uid>53642</uids>
<uid>72361</uids>
<uid>4734</uids>
</notifications_response>
Example Error Response (XML):
<error_response xmlns="<http://api.friendster.com/v1/>"
xmlns:xsi="<http://www.w3.org/2001/XMLSchema-instance>"
xsi:schemaLocation="http://api.friendster.com/v1/
http://api.friendster.com/v1/friendster.xsd">
<error_code>100</error_code>
<error_msg>Missing parameters from notification</error_msg>
</error_response>
Get Application friends
Resource URL:
http://api.friendster.com/v1/application/friends
Resource Method:
GET (obtain list of friends who have the application currently installed)
Resource Description:
This API returns the list of friends who already installed a similar widget or application.
Request :
| string | api_key | Unique API ID given to each widget / application. |
| string | session_key | Session identifier |
| int | nonce | Unique ID that avoids replay attacks. |
| string | sig | Request signature |
| string (optional) | format | XML (default), JSON |
Response :
| appfriends | A list of user ids for friends who have installed this application this application |
Error Conditions/Response :
| Error Code | Error Condition | Description | HTTP status code |
| 1 | Unexpected error | Unexpected internal error | 500 |
| 4 | Wrong Method | Invalid HTTP method (must be GET) | 501 |
| 6 | Invalid session key | Invalid session key | 403 |
| 8 | Disabled widget | Widget is disabled and cannot be used | 403 |
| 100 | Invalid input parameter | Input parameters missing or invalid | 400 |
| 101 | Unknown widget | API Key does not exist | 404 |
| 102 | Session expired | The current session has expired | 403 |
| 103 | Request replay | The request was already submitted | 400 |
| 104 | Invalid signature | Request signature is invalid | 400 |
Example Request:
http://api.friendster.com/v1/appfriends
Example Response (XML):
<appfriends_response xmlns="http://api.friendster.com/v1/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://api.friendster.com/v1/friendster.xsd" list="true">
<appfriends>
<uid>123456</uid>
<uid>81213123</uid>
<uid>12310993</uid>
</appfriends>
</appfriends_response>
Example Error Response
<error_response xmlns="http://api.friendster.com/v1/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://api.friendster.com/v1/">
<error_code>104</error_code>
<error_message>Invalid signature</error_message>
</error_response>
Resizing the Canvas Page Iframe
It's possible for developers to dynamically size the container iframe on the canvas page to the contents of the inner canvas page.
App developers should include on their canvas page two things:
Sample page below:1) A script tag pointing at iframe_resize.js:
<script src="http://images.friendster.com/js/iframe_resize.js"></script>2) A function call to the resizeIframe method made with the width and height parameters at the window.onload event:
resizeIframe(width,height)
<html>
<head>
<script src="http://images.friendster.com/js/iframe_resize.js"></script>
</head>
<body onload="resizeIframe(800,600)">
<!-- widget canvas page content is here -->
</body>
</html>
Note that including this code is entirely optional and is only needed if iframe resizing is required.