In order to protect your files, authentication is required for all calls related to fullfillment files.

Compute Authentication string

Computation Formula
                AuthenticationString = BytesToHex(MD5(utf8(username + ':' + apikey + ':' + url)));
You can get your API key by clicking on account link in upper right corner.
The url is the Path and querystring (no hostname).

When you make a webservice call which requires authentication, you need to pass the computed authentication string to the webservice using one of two methods.
  • Method 1:
    Pass ldfauth through the query string.
    Note: the query string must be at end of the list of parameters.
                            string auth = GetAuthString(username, apikey, url);
                            url = "" + url + "&ldfauth=" + auth;
  • Method 2:
    Pass ldfauth through the http request header.
                            string auth = GetAuthString(username, apikey, url);
                            url = "" + url;
                            downloader.Headers["ldfauth"] = auth;

Optional ticket based authentication

The ticket method is needed if you wish to generate direct urls to fullfillment files in javascript or html.
You can create a ticket which expires in 2 days using an API call:
                "" + username + "/Token/GetAuthTicket?date=" + currdate + "&format=xml"
  • The currdate variable is in the format: yyyy-MM-dd (year-month-day ie. 2010-08-25).
  • This call must be authenticated using authentication string.
  • The ticket is under the root-node of the returned xml, in a parameter called "Ticket".
  • The returned ticket can then be appended to any webservice url in a querystring parameter called 'LDFTicket'.
    When the ticket is appended to a url it must be escaped (including plus signs).

Example: Create Ticket using C#:
                static public string GetTicket(string username, string apikey)
                    string curr = DateTime.UtcNow.ToString("yyyy-MM-dd");
                    string ticketurl = "/" + username + "/Token/GetAuthTicket?date=" + curr + "&format=xml";

                    // Use the authentication method above to authenticate:
                    string auth = GetAuthString(username, apikey, ticketurl);
                    ticketurl = "" + ticketurl;

                    // Download the ticket:
                    ticketurl = ticketurl + "&ldfauth=" + auth;
                    WebClient wc2 = new WebClient();
                    string ticketxml = wc2.DownloadString(ticketurl);
                    System.Xml.XmlDocument x = new System.Xml.XmlDocument();
                    string ticket = x.DocumentElement.SelectSingleNode("Ticket").InnerText;
                    return ticket;
                string ticket = GetTicket(username, apikey);
                url = url + "&LDFTicket=" + Uri.EscapeDataString(ticket);