posted this on February 16, 2010 12:03 AM
Authentication is done via Basic HTTP Authentication. Use the API key as the username and x as the password as shown below. The key must be passed in every request to the API. All API activity will be logged in the audit trail as the user 'API'.
You can find the The API key in the admin interface under Security / API.
REST stands for REpresentational State Transfer and is a very simple and elegant way of interacting with applications using standard HTTP operations. If you are interested in reading more about REST, check out this Wikipedia article.
OneLogin's API supports five basic operations for each entity: read, list, create, update and delete. The easiest way to illustate how they work is using cURL. Note that some of the operations expect the 'application/xml' content type and will not work without it.
An operation must return one of the following codes.
404 Not found
422 Unprocessable entity - see <errors></errors> in the response document for details.