Asset ID

POST /user/{id}/asset/{assetId}

Requires authentication with server or user access token.

Create or update asset access for a user and asset. Will be available in version 2.71.1.

{assetId} must be non-numeric identifier see more assetId type

See also

Assets guide

Request

POST /api/2/user/{id}/asset/{assetId}

id

required path parameter

ID of the user to associate data with

assetId

required path parameter

The asset id. Max length is 255 bytes.

accessUntil

optional

If set, access will be denied after this date time. ("Y-m-d H:i:s")

Example request

cURL
Minimal example
curl https://login.schibsted.com/api/2/user/1337/asset/vg-pluss-slik-er-skam-stjernene \
   -X POST \
   -d "oauth_token=[access token]"
With all parameters
curl https://login.schibsted.com/api/2/user/1337/asset/vg-pluss-slik-er-skam-stjernene \
   -X POST \
   -d "oauth_token=[access token]" \
   -d "accessUntil=2017-12-01 13:37:00"
Java
Minimal example
SpidOAuthToken token = spidClient.getUserToken(code);
String responseJSON = spidClient.
    POST(token, "/user/1337/asset/vg-pluss-slik-er-skam-stjernene").
    getResponseBody();
With all parameters
Map<String, String> params = new HashMap<>() {{
    put("accessUntil", "2017-12-01 13:37:00");
}};

SpidOAuthToken token = spidClient.getUserToken(code);
String responseJSON = spidClient.
    POST(token, "/user/1337/asset/vg-pluss-slik-er-skam-stjernene", params).
    getResponseBody();

This example is an excerpt, see a full example

PHP
Minimal example
<?php
$client->auth();
echo var_dump($client->api("/user/1337/asset/vg-pluss-slik-er-skam-stjernene", "POST"));
With all parameters
<?php
$params = array(
    "accessUntil" => "2017-12-01 13:37:00"
);

$client->auth();
echo var_dump($client->api("/user/1337/asset/vg-pluss-slik-er-skam-stjernene", "POST", $params));

This example is an excerpt, see a full example

Clojure
Minimal example
(ns example
  (:require [spid-client-clojure.core :as spid]))

(let [client (spid/create-client "[client-id]" "[secret]")
      token (spid/create-user-token client "[code]")]
  (spid/POST client token "/user/1337/asset/vg-pluss-slik-er-skam-stjernene"))
With all parameters
(ns example
  (:require [spid-client-clojure.core :as spid]))

(let [client (spid/create-client "[client-id]" "[secret]")
      token (spid/create-user-token client "[code]")]
  (spid/POST client token "/user/1337/asset/vg-pluss-slik-er-skam-stjernene" {"accessUntil" "2017-12-01 13:37:00"}))

Response

This endpoint supports the JSON response format.

Success: 200 OK

Returns the data inserted or updated.

Asset Access

Defines user access to the asset.

merchantId

integer (as string)

The ID of the merchant the client belongs to

uuid

string

User identifier

userId

integer (as string)

User identifier

assetId

assetId

Asset identifier

accessUntil

date-time

Access expiration date

status

Asset Access status

Asset access current status

updated

date-time

The time the access was last updated

created

date-time

The time the access was created

The check mark indicates that the field always contains a valid non-empty value.

Asset Access status

An enum, with the following possible values:

"0"

Deleted

"1"

Active

Failure cases

Some HTTP response codes are used for multiple error situations. There is no consistent way to tell these apart, but the error object will contain a textual explanation of the reason for the error. For explanation on OAuth related failures and errors see OAuth authentication failures.

  • 400 Bad Request Incorrect input data (date format or multiple ids)
  • 401 Unauthorized You don't have administration rights for this client.
  • 401 Unauthorized Your client doesn't have administration rights for this client.
  • 403 Forbidden Client is not authorized to access this API endpoint. Contact SPiD to request access.
  • 403 Forbidden Requesting IP is not whitelisted
  • 403 Forbidden Access to the user data was denied
  • 403 Forbidden Access token rejected
  • 404 Not Found Unknown client ID
  • 404 Not Found Client ID mismatch. The client making the request is no the owner of this resource, and does not have administrative privileges for it.
  • 420 Request Ratelimit exceeded

Comments/feedback

Do you have questions, or just want to contribute some newly gained insight? Want to share an example? Please leave a comment. SPiD reads and responds to every question. Additionally, your experience can help others using SPiD, and it can help us continuously improve our documentation.