Backstage Blog

RSS logo

You're browsing posts of the category API

We ♥ OAuth 2

January 19th, 2011 by Johan

oauth 2 logo

From today on, we advise developers to use OAuth 2 as preferred way of API authentication. Our implementation of the Draft 10 OAuth 2 specification is in production for several months months now and we made good experiences with it. Thus we move it from beta to official recommendation.

OAuth 2 makes it easier for developers to implement authentication for accessing private resources. The feedback we got from external app developers and our in-house API users has been very positive. This is what Ullrich, one of the developers of the SoundCloud iPhone app and Cocoa wrapper, has to say about…

Read more…

Of CORS We Do

August 27th, 2010 by Thor

If you’re a JavaScript head, we’ve got something for you. SoundCloud now supports Cross Origin Resource Sharing, using XMLHttpRequest. Or, to put it another way: no more implausible JSON-P hacks.

Some background on CORS can be found here and here.  Our implementation is super-simple:  we let you do GET requests, for our public resources. Full documentation of the feature is on our wiki, but here’s a bit of code to get you started:

var invocation = new XMLHttpRequest();
// Internet Explorer uses a propritary object called XDomainRequest
var url = 'https://api.soundcloud.com/tracks';
function callOtherDomain() {
    if (invocation) {
        invocation.open('GET', url, true);
        invocation.onreadystatechange = handler;
        invocation.send();
    }
}

As we’re just setting headers, the implementation was done as an…

Read more…