2016-12-13 Release

Pulse REST API updates.

Pulse REST API authentication upgrade

Attention: We have made major changes in our authentication infrastructure to support the OAuth 2.0 protocol and we strongly recommend clients with existing integrations to upgrade as soon as possible. If you have an existing integration and want to upgrade, please contact your Account Manager for further assistance.

Previously, the Booking, Reporting, Forecasting, and Targeting Template REST APIs used a different authentication mode than the one used for the Ad REST API. Now, all Pulse REST APIs use the OAuth 2.0 protocol for authentication.

Previously, your first request was an HTTP POST request for access to the system using your Pulse login credentials. Now, to access the Pulse REST API, you need an API key, which is your global account key and it is not connected to a specific user. You create the key at https://manager.videoplaza.com/api-key. Use your Pulse credentials to log in to the API Key UI. You can create multiple API keys for your account, which are secret and permanent keys. Including an API key in each request as the x-o-api-key in the header is mandatory.

Deprecated and modified: Authenticating using the X-VP-AUTH-API key and X-VP-AUTH token

The old way of authenticating, using the X-VP-AUTH-API key or X-VP-AUTH token, is still supported for existing integrations but it is not used for new ones. If you are already following best practices in your REST API integration, then you are not affected by the authentication upgrade at all. However, the upgrade affects integrations using the X-VP-AUTH token:
  • The X-VP-AUTH token generated today is longer than the previously generated 128 characters token.
  • Previously generated X-VP-AUTH token was valid for 1 hour and the client got a new X-VP-AUTH token on every backend request. Now, integrations using X-VP-AUTH token for more than an hour need to re-authenticate their session when given 401 (Unauthorized) response back, because we no longer generate new X-VP-AUTH token on each new request.
  • Integrations which are looking for parameters other than X-VP-AUTH header or Cookie in the authentication response no longer work. Clients should solely rely on X-VP-AUTH header or Cookie parameter for authenticated session.

If you are one of the clients who are affected by this upgrade, please make sure you have the following behavior when getting the authorization token:

  • Your integration must read X-VP-AUTH from Response Header or Cookie.
  • Make sure your integration handles re-authentication when given 401 response for an operation.

Booking API base URL update

Previously, the base URL for the Booking API was http://core.videoplaza.com/core/api/1.0/. Now, the base URL is https://api.videoplaza.com/api/1.0/.

Supported protocol update

Previously, the Booking, Reporting, Forecasting, and Targeting Template API access was over HTTP. Now, all API access is over HTTPS, and accessed from https://api.videoplaza.com.

Documentation releases

This release includes the following documentation updates: