GithubHelp home page GithubHelp logo

connect's Introduction

Getty Images Connect API

Our set of APIs enable seamless integration of Getty Images' expansive content, powerful search and rich metadata directly into your internal workflows, products and services. With Connect's API solutions, you can fully control, customize and scale as you grow.

The Connect API uses JSON over HTTP POST to allow you to build applications capable of search and download on Getty Images using an active download agreement.

##Steps to Get Started

  1. Register for API credentials via our portal.
  2. Familiarize yourself with the [core concepts] (https://github.com/gettyimages/connect/blob/master/README.md#core-concepts) and the API operations.
  3. Begin developing your application, using the [Client Credentials flow] (https://github.com/gettyimages/connect/blob/master/documentation/endpoints/oauth2/README.md#client-credentials-flow) on the OAuth 2 endpoint.

We will reach out to you concerning commercialization of your application.

##Endpoints

###Session operations

###Search operations

###Download operations

###Lightbox operations

###oEmbed operations

##Core Concepts

###Authentication All operations in the Getty Images Connect API require an access token argument provided in the RequestHeader. Authorization is granted and an access token based on application and user credentials. The access token securely identifies the caller of an operation. When called, an operation checks the validity of the token before executing the request. A malformed, invalid, or expired token causes an operation to fail.

Clients get access tokens by authenticating themselves using one of the OAuth2 authorization flows. (Before OAuth2, tokens were retrieved by calling the CreateSession operation.) Most client applications are required to provide the API credentials and a specific user's credentials. For more information, see our [OAuth2 documentation] (https://github.com/gettyimages/connect/blob/master/documentation/endpoints/oauth2/README.md).

###Secure-Only Operations Some operations are secure only. These operation must be called over an SSL connection with a secure token. They include OAuth2, CreateSession, RenewSession, and CreateDownloadRequest.

The required combination of passing a secure token over SSL prevents a "man-in-the-middle" exploitation where an attacker sniffs tokens from a non-SSL connection, then uses the token to impersonate the client, thereby possibly gaining access to sensitive information or processes. Operations that could expose sensitive data only accept secure tokens over SSL. As long as these tokens are always and only passed over SSL, attackers can never acquire a secure token with which to impersonate a valid customer.

Secure authentication tokens are provided by CreateSession operation. Secure tokens are essentially the same as standard tokens, with the difference that secure tokens can only be used over SSL connections. Calling any operation with a secure token over a non-SSL connection will result in an error.

###Token Expiration and Renewal Access tokens expire after 30 minutes. Depending on the OAuth2 authorization flow, you may receive a refresh token as part of the OAuth2 response that you can use to refresh the session.

If you are calling CreateSession, you can renew a token before it expires by using the RenewSession operation, without having to provide credentials again.

We recommend clients track each token's time-to-expiration and proactively use the refresh token or call
RenewSession prior to the token's expiration.

connect's People

Contributors

mattdahlgren avatar jfew avatar cpostilion avatar claesch avatar rantonerikgetty avatar grumpicus avatar jspeaker avatar burtonm3 avatar sarukod avatar ateesdale avatar caseymacpherson avatar gbasi avatar jose-zapata avatar jphillips-gettyimages avatar paulkruggetty avatar alex-ross83 avatar

Watchers

James Cloos avatar Phan Van Trung avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.