POST /user/{userId}/product/{productId}
Requires authentication with server access token.
Grant a user access to a product. NB! While using GET
with this endpoint will also provide information about access to subscriptions, POST
can only be used to grant access to products, not subscriptions.
See also
GET
/user/{userId}/productsGET
/user/{userId}/product/{productId}DELETE
/user/{userId}/product/{productId}
Help us improve
Did you spot an error? Or maybe you just have a suggestion for how we can improve? Leave us a comment.
Request
POST /api/2/user/{userId}/product/{productId}
userId | required path parameterThe user's |
---|---|
productId | required path parameterID of a product or subscription. Since version 2.9, this may also be a product alias, in which case you should also use the |
Example request
cURL
curl https://login.schibsted.com/api/2/user/42/product/1337 \
-X POST \
-d "oauth_token=[access token]"
Java
SpidOAuthToken token = spidClient.getServerToken();
String responseJSON = spidClient.
POST(token, "/user/42/product/1337").
getResponseBody();
This example is an excerpt, see a full example
PHP
<?php
$client->auth();
echo var_dump($client->api("/user/42/product/1337", "POST"));
This example is an excerpt, see a full example
Clojure
(ns example
(:require [spid-client-clojure.core :as spid]))
(let [client (spid/create-client "[client-id]" "[secret]")
token (spid/create-server-token client)]
(spid/POST client token "/user/42/product/1337"))
Response
This endpoint supports the JSON and JSON-P response formats.
Success: 200 OK
Grant a user access to a product
User product access
productId ✓ | integer (as string) |
---|---|
result ✓ | booleanIf |
subscriptionId | integer (as string)Only provided for subscriptions |
startDate | datetimeOnly provided for subscriptions |
expires | datetimeOnly provided for subscriptions |
autoRenew | integer (as string)The number of times a subscription will be automatically renewed. Only provided for subscriptions |
gracePeriod | stringOnly provided for subscriptions |
The check mark ✓ indicates that the field always contains a valid non-empty value.
Failure cases
Some HTTP response codes are used for multiple error situations. There is no consistent way to tell these apart, but the error object will contain a textual explanation of the reason for the error. For explanation on OAuth related failures and errors see OAuth authentication failures.
- 401 Unauthorized You don't have administration rights for this client.
- 401 Unauthorized Your client doesn't have administration rights for this client.
- 403 Forbidden Client is not authorized to access this API endpoint. Contact SPiD to request access.
- 403 Forbidden Requesting IP is not whitelisted
- 403 Forbidden Access token rejected
- 404 Not Found Unknown client ID
- 404 Not Found Client ID mismatch. The client making the request is no the owner of this resource, and does not have administrative privileges for it.
- 420 Request Ratelimit exceeded
Sample response
JSON
{
"productId": "301694",
"result": true
}
JSON-P
callback({
"productId": "301694",
"result": true
});
Comments/feedback
Do you have questions, or just want to contribute some newly gained insight? Want to share an example? Please leave a comment. SPiD reads and responds to every question. Additionally, your experience can help others using SPiD, and it can help us continuously improve our documentation.