Authorization
There are currently two possibilities how to authorize API requests:
Both methods require at first the creation of an "application" via the GUI ("Apps" tab) of our webapp. After creating the application, you'll get a set of application credentials in return (the "client_id" and "client_secret").
With the OAuth 2.0 option, a bearer token has to be sent together with every API request. Such an OAuth 2.0 access token can be obtained via the "/oauth/" API endpoint. The second option is to cryptographically sign API requests by calculating a HMAC signature and appending this signature as a query parameter.
Creating an Application and obtaining client_id and client_secret
An application provides a set of alternate "login" credentials allowing you to delegate API access under your account to one (or more) applications (e.g. a script, your website, etc.). This way you don't need to leak your actual username and password into an application config file and you can also at any time disable or limit API access of a certain application again without harming any of your other apps or your global account.
Further, apps will also allow you to track your account usage (e.g. the download bandwidth of hosted video) individually per application. So in case you have multiple websites just create one app for each site and it'll be easy to track the download traffic caused by each of your sites.
To create an app, switch to the "Apps" tab in your My MediaHub dashboard and click on "Add App". Then enter a name for your new app and click "Create":
The newly created app will now show up in the grid. To obtain its corresponding application credentials, click on the "Edit" button. From the popup-window that's then shown, just copy&paste your Client ID and Client Secret.