Overview
This guide is a quick reference that lists the steps for accessing the customer information of the currently logged in user. In USTA parlance, this is 'Bound' access. In this mode, the customer UAID is bound to the session under which the user has logged in to USTA.com. The token will restrict access to only data for this one UAID.
...
It should be noted that the best use of this API is within the context of a browser-based application. Because the customer UAID is bound to the token, it is safe to store in a cookie.
Step 1: Retrieve a
...
Identity Token
The USTA bound access model is secured via the Janrain Identity Service. You must pass in your unique email corresponding to the USTA account for which you would like to retrieve customer information. Please note that the identity must pre-exist at Janrain before the call is made in order to authenticate and receive a credentials token.
...
This API call uses Basic Authorization. Use the supplied client_id and secret to generate a Basic Authentication token. There are many online generators you can use for testing. One is here.
| Key | Value | Authorization'Basic [SUPPLY YOUR GENERATED BASIC AUTHENTICATION TOKEN]' | |
|---|---|---|---|
| Content-Type | application/x-www-form-urlencoded | ||
| Cache-Control | no-cache |
HTTP Call
This is the API call. Please note the difference in base urls:
Test: https://stageusta-servicesdev.us.ustajanraincapture.com
Prod: https://services.ustausta-prod.us.janraincapture.com
| Verb | URL |
|---|---|
| POST | [stage-]services.usta usta-[ENV].us-dev.janraincapture.com/ v1/oauth/token?grant_type=client_credentialsentity?type_name=user&access_token=xzx985uf9kp3dczv&uuid=1d1da5b6-a411-462c-8b63-2f87c17b7ab5 |
Data/Payload
You must use the client_id and currentPassword assigned by USTA. The signInEmailAddress is your unique user identity at Janrain.
All other values are static and should be supplied as written below.
| Key | Value |
|---|---|
| client_id | <YOUR ASSIGNED JANRAIN CLIENT ID> |
| currentPassword | <YOUR JANRAIN PASSWORD> |
| signInEmailAddress | <YOUR UNIQUE EMAIL ADDRESS> |
| flow | standard |
| flow_version | 20161114171439489756 |
| redirect_uri | http://localhost |
| response_type | token |
| form | signInForm |
| locale | en-US |
Result
The important info returned from this call are the following:
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
{
"accesscapture_tokenuser": "eyJh...,{
"token_type": "bearer",...
},
"expiressso_incode": 43199,
"scope": "safeplay:status safeplay:details",
"cb5730b0a4bcccdd",
"client_namestat": "ClubBlingok",
"jtiaccess_token": "7b5f8ede-bbc1-4b2b-b127-a6f0e9dfb8cdy5udk6hrb7ytqh5n"
} |
Example
This example uses CURL from the command line.
| Panel |
|---|
curl -X POST |
Step 2: Retrieve Approval Status Using JWT Token
...
- Legal Agreement Date
- NCSI Status
- SafeSport Completion
- SafeSport Expiration
Headers
| Key | Value |
|---|---|
| Content-Type | application/json |
| authorization | 'Bearer ZTc2ZGQxZWItZjVjMC00MDFiLWFjYTktZWYxZGRlNTcyYzg4OkhOOUU2U2ovdmtWUWEyR2pKYUxBSDF4WndWTzN0dHZWQmJRQnpRaVlpbWc1RWFvVVJ5bUVhTzc4SVRtNVh5NjQzSUo0UThTcHpTNXQ2c2Jz' |
Data/Payload
Email is used as the unique identifier for looking up SafePlay status.
| Key | Value |
|---|---|
| provider@mailinator.com |
Result
The result is calculated summary status of true/false.
...
Similar to the call above, you can optionally see the inputs that went into the calculation of the isApproved call.
Headers
| Key | Value |
|---|---|
| Content-Type | application/json |
| authorization | 'Bearer ZTc2ZGQxZWItZjVjMC00MDFiLWFjYTktZWYxZGRlNTcyYzg4OkhOOUU2U2ovdmtWUWEyR2pKYUxBSDF4WndWTzN0dHZWQmJRQnpRaVlpbWc1RWFvVVJ5bUVhTzc4SVRtNVh5NjQzSUo0UThTcHpTNXQ2c2Jz' |
Data/Payload
| Key | Value |
|---|---|
| provider@mailinator.com |
Result
The result shows the current values associated with the inputs:
...