Versions Compared

Old Version 1

changes.mady.by.user Jonathan Cohen

Saved on

compared with

New Version 2

changes.mady.by.user Jonathan Cohen

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Overview

This guide is a quick reference that lists the steps for accessing the customer information of the currently logged in user. In USTA parlance, this is 'Bound' access. In this mode, the customer UAID is bound to the session under which the user has logged in to USTA.com.  The token will restrict access to only data for this one UAID.

...

It should be noted that the best use of this API is within the context of a browser-based application.  Because the customer UAID is bound to the token, it is safe to store in a cookie.

Image Removed


Step 1:  Retrieve a

...

Credentials Token

This API calls the USTA OAuth Service to retrieve a JWT token that will be used to define the scope of permissions for future calls.  Please note that if you are working within the context of a browser application, this token will be visible to users and could be used for subsequent calls.  

The scope restricts access as defined by USTA at the time of client_id setupThe USTA bound access model is secured via the Janrain Identity Service.  You must pass in your unique email corresponding to the USTA account for which you would like to retrieve customer information.  Please note that the identity must pre-exist at Janrain before the call is made in order to authenticate and receive a credentials token.

If the email address does not exist at Janrain, there is no customer information to retrieve from USTA.


Headers

This API call uses Basic Authorization.  Use the supplied client_id and secret to generate a Basic Authentication token.  There are many online generators you can use for testing.  One is here.

KeyValue
authorizationAuthorization'Basic [SUPPLY YOUR GENERATED BASIC AUTHENTICATION TOKEN]'
Content-Typeapplication/x-www-form-urlencoded


HTTP Call

This is the API call.  Please note the difference in base urls:

Test:  https://stage-services.usta.com

Prod: https://services.usta.com

Verb

URL

POSThttps://[stage-]services.usta.com/v1/oauth/token?grant_type=client_credentials

Result

The important info returned from this call are the following:

...

  • Legal Agreement Date
  • NCSI Status
  • SafeSport Completion
  • SafeSport Expiration

Headers

KeyValue
Content-Typeapplication/json
authorization'Bearer ZTc2ZGQxZWItZjVjMC00MDFiLWFjYTktZWYxZGRlNTcyYzg4OkhOOUU2U2ovdmtWUWEyR2pKYUxBSDF4WndWTzN0dHZWQmJRQnpRaVlpbWc1RWFvVVJ5bUVhTzc4SVRtNVh5NjQzSUo0UThTcHpTNXQ2c2Jz'

...

Email is used as the unique identifier for looking up SafePlay status.

KeyValue
emailprovider@mailinator.com


Result

The result is calculated summary status of true/false.

...

Similar to the call above, you can optionally see the inputs that went into the calculation of the isApproved call.

Headers

KeyValue
Content-Typeapplication/json
authorization'Bearer ZTc2ZGQxZWItZjVjMC00MDFiLWFjYTktZWYxZGRlNTcyYzg4OkhOOUU2U2ovdmtWUWEyR2pKYUxBSDF4WndWTzN0dHZWQmJRQnpRaVlpbWc1RWFvVVJ5bUVhTzc4SVRtNVh5NjQzSUo0UThTcHpTNXQ2c2Jz'


Data/Payload

KeyValue
emailprovider@mailinator.com


Result

The result shows the current values associated with the inputs:

...