API Instructions

The Disabled Person API is implemented as basic XML over HTTPS using all four verbs (GET/POST/PUT/DELETE).


You can explore the view part of the API (everything that’s fetched with GET) through a regular browser. Using Firefox for this is particularly nice as it has a good, simple XML renderer (unlike Safari which just strips the tags and dumps the content). Pretty much any URL on Disabled Person can be viewed in its XML form by adding the .xml extension. So /jobs/4 becomes /jobs/4.xml if you want to see the XML version.


Authentication:


When you’re using the API, it’s always through an existing user registered through the Disabled Person website. There’s no special API user. So when you use the API as “james”, you get to see and work with what “james” is allowed to. Authenticating is done with an authentication token, which you’ll find on the “My Account” screen on the website when you’re logged in (click the “Show Key” link in the API section).


When using the authentication token, you don’t need a separate password. But since Disabled Person uses HTTP Basic Authentication and lots of implementations assume that you want to have a password, it’s often easier just to pass in a dummy password, like X.


Example using the authentication token and a dummy password through curl:



curl -u 605b32dd:X http://disabledperson.com/jobs/1.xml


Remember that anyone who has your authentication token can see and change everything you have access to. So you want to guard that as well as you guard your username and password. If you come to fear that it has been compromised, just change your regular password and the authentication token will change too.


Reading through the API:


The Disabled Person API has two categories of actions for reading: Show and list. Show returns a single record and list returns a collection. There’s usually just a single show action for each resource, but many lists. All these actions are done through GET, which also means that they’re all easily explorable through a browser as described above.


A few examples of reading with curl:


curl -u 605b32dd:X http://disabledperson.com/jobs/1.xml


If the read is successful, you’ll get an XML response back along with the status code “200 OK”.


Writing through the API:


Creating, updating, and deleting resources through the API is almost as easy as reading, but you can’t explore it as easily through the browser. Regardless of your implementation language, though, using curl to play first is a great idea. It makes it very easy to explore the API and is perfect for small scripts too.


When you’re creating and updating resources, you’ll be sending XML into Disabled Persons. You need to let the system know that fact by adding the header “Content-type: application/xml”, so we know that it’s not regular form-encoded data coming in. Then you just include the XML of the resource in the body of your request.


A few examples creating new resources, first with the XML inline, second referencing the XML from a file:


curl -u 605b32dd:X -H 'Content-Type: application/xml' \
-d '<job></job>' http://disabledperson.com/jobs.xml

curl -u 605b32dd:X -H 'Content-Type: application/xml' \
-d @job.xml http://disabledperson.com/jobs.xml


The response to a successful creation is the status code “201 Created”. You can get the URL of the new resource in the Location header (such that you know where to update your new resource in the future). We also include the complete XML for the final resource in the response. This is because you can usually get away with creating a new resource with less than all its regular attributes. Especially attributes like created_at can be helpful to get back from the creation.


Updating resources is done through the PUT verb and against the URL of the resource you want to update. A few examples:


curl -u 605b32dd:X -X PUT -H 'Content-Type: application/xml' \
-d <job></job>' http://disabledperson.com/jobs/5.xml

curl -u 605b32dd:X -X PUT -H 'Content-Type: application/xml' \
-d @job.xml http://disabledperson.com/jobs/27.xml


The response to a successful update is “200 OK”.


Finally, you can delete resources (if you’re allowed to) using the DELETE verb. An of that:


curl -u 605b32dd:X -X DELETE http://disabledperson.com/jobs/5.xml


Note that you don’t need to pass the content-type header because you’re not sending any XML. The response to a successful delete is “204 No Content”.


———————————-


We’ve put together a job sample, check it out.