Last Fm Generate Api Key

/ Comments off

Sep 15, 2015  Get an ad-free experience with special benefits, and directly support Reddit. Using last.fm API, developers may create applications to fetch and sort from a huge collection of music. In this tutorial, we will create a simple application using last.fm API. We will fetch top artists and their playcount and will render those, ordered by playcount in an HTML page. Live demo of your last.fm App. Obtaining an API key.

Last.fm Web Services
The authentication API provides third-parties with a secure means of creating Last.fm user sessions over the Last.fm API, for deeper integration with our platform. All write services require authentication.

1. Get an API Key

You will need to apply for a key before authenticating with the API.

2. Configure Your API Account

Head over to your api accounts page, and select the account you wish to configure. You need to supply an application name, a description and an optional logo. Each of your account pages contains an API key and secret; you will need both to use the API.

3. Choose your authentication path

  • If you're building a web application, see the web application how-to for more details.
  • If you're building a desktop application, see the desktop application how-to for more details.
  • If you're building on a standalone device such as a mobile phone, see the mobile how-to for more details.

In some cases, you may want to choose a different authentication path from the obvious (e.g. a mobile app could well use the desktop path if there's a web browser on the device). If in doubt, check them all out.

4. Authentication Spec

See the full authentication API specification for an overview of the API.

Last.fm Web Services
This authentication how-to is for web applications only. Desktop application developers should see the desktop application how-to.

1. Get an API Key

If you don’t already have an API account, please apply for one. For each of your accounts you will have a shared secret which you will require in Section 6. You will also need to set up a callback url which our authentication service will redirect to in Section 4.

2. Request authorization from the user

Send your user to last.fm/api/auth with your API key as a parameter. Use an HTTP GET request. Your request will look like this:

If the user is not logged in to Last.fm, they will be redirected to the login page before being asked to grant your web application permission to use their account. On this page they will see the name of your application, along with the application description and logo as supplied in Section 1.

2.1 Custom callback url

You can optionally specify a callback URL that is different to your API Account callback url. Include this as a query param cb. This allows you to have users forward to a specific part of your site after the authorisation process.

3. Create an authentication handler

Once the user has granted permission to use their account on the Last.fm page, Last.fm will redirect to your callback url, supplying an authentication token as a GET variable. If the callback url already contains a query string then token variable will be appended, like; The script located at your callback url should pick up this authentication token and use it to create a Last.fm web service session as described in Section 4.

3.1 Authentication Tokens

Authentication tokens are user and API account specific. They are valid for 60 minutes from the moment they are granted.

4. Fetch a Web Service Session

Send your api key along with an api signature and your authentication token as arguments to the auth.getSession API method call. The parameters for this call are defined as such:

api_key: Your 32-character API Key.
token: The authentication token received at your callback url as a GET variable.
api_sig: Your 32-character API method signature, as explained in Section 6

Last Fm Generate Api Key Code

Key
Note: You can only use an authentication token once. It will be consumed when creating your web service session.

The response format of this call is shown on the auth.getSession method page.

4.1 Session Lifetime

Session keys have an infinite lifetime by default. You are recommended to store the key securely. Users are able to revoke privileges for your application on their Last.fm settings screen, rendering session keys invalid.

5. Make authenticated web service calls

You can now sign your web service calls with a method signature, provided along with the session key you received in Section 4 and your API key. You will need to include all three as parameters in subsequent calls in order to be able to access services that require authentication. You can visit individual method call pages to find out if they require authentication. Your three authentication parameters are defined as:

sk (Required) : The session key returned by auth.getSession service.
api_key (Required) : Your 32-character API key.
api_sig (Required) : Your API method signature, constructed as explained in Section 6

Last Fm Generate Api Key Login

6. Sign your calls

Construct your api method signatures by first ordering all the parameters sent in your call alphabetically by parameter name and concatenating them into one string using a <name><value> scheme. So for a call to auth.getSession you may have:

Last.fm Api Key

Ensure your parameters are utf8 encoded. Now append your secret to this string. Finally, generate an md5 hash of the resulting string. For example, for an account with a secret equal to 'mysecret', your api signature will be:

Last Fm Generate Api Key In Excel

Where md5() is an md5 hashing operation and its argument is the string to be hashed. The hashing operation should return a 32-character hexadecimal md5 hash. What generates the key pair used in asymmetric cryptography.