I don't know what the Summon API uses to authenticate clients. It looks from the Python code like a key and secret is involved. You should be care about embedding these API credentials (key/secret) in a Javascript. This makes them available for anyone copy and use. Karen On Sun, Nov 2, 2014 at 4:12 PM, Sara Amato <[log in to unmask]> wrote: > Has anyone constructed Summon API queries in javascript? (assuming that > they can be constructed to use jsonp and avoid cross domain problems …???) > > > > Subject: > > > Re: Q: Summon API Service? > > From: > > > Doug Chestnut <[log in to unmask]> > > Reply-To: > > > Code for Libraries <[log in to unmask]> > > Date: > > > Wed, 27 Oct 2010 11:56:04 -0400 > > Content-Type: > > > text/plain > > Parts/Attachments: > > > > text/plain (45 lines) > > > Reply > > If it helps, here are a few lines in python that I use to make summon > queries: > > def summonMkHeaders(querystring): > summonAccessID = 'yourIDhere' > summonSecretKey = 'yourSecretHere' > summonAccept = "application/json" > summonThedate = datetime.utcnow().strftime("%a, %d %b %Y > %H:%M:%S GMT") > summonQS = "&".join(sorted(querystring.split('&'))) > summonQS = urllib.unquote_plus(summonQS) > summonIdString = summonAccept + "\n" + summonThedate + > "\n" + summonHost + "\n" + summonPath + "\n" + summonQS + "\n" > summonDigest = > base64.encodestring(hmac.new(summonSecretKey, unicode(summonIdString), > hashlib.sha1).digest()) > summonAuthstring = "Summon "+summonAccessID+';'+summonDigest > summonAuthstring = summonAuthstring.replace('\n','') > return > > {'Accept':summonAccept,'x-summon-date':summonThedate,'Host':summonHost,'Authorization':summonAuthstring} > > --Doug > > On Tue, Oct 26, 2010 at 6:46 PM, Godmar Back <[log in to unmask]> wrote: > > Hi, > > > > Unlike Link/360, Serials Solution's Summon API is extremely cumbersome to > > use - requiring, for instance, that requests be digitally signed. (*) > > > > Has anybody developed a proxy server for Summon that makes its API public > > (e.g. receives requests, signs them, forwards them to Summon, and relays > the > > result back to a HTTP client?) > > > > Serials Solutions publishes some PHP5 and Ruby sample code in two API > > libraries (**), but these don't appear to be fully fledged nor > > easy-to-install solutions. (Easy to install here is defined as an > average > > systems librarian can download them, provide the API key, and have a > running > > solution in less time than it takes to install Wordpress.) > > > > Thanks! > > > > - Godmar > > > > (*) http://api.summon.serialssolutions.com/help/api/authentication > > (**) http://api.summon.serialssolutions.com/help/api/code > > >