Overview
This guide is a quick reference that lists the steps for accessing the customer information of the currently logged in user. In USTA parlance, this is 'Bound' access. In this mode, the customer UAID is bound to the session under which the user has logged in to USTA.com. The token will restrict access to only data for this one UAID.
Integrating your application with USTA.com is easy. You can use any programming language or tool that supports HTTPS communications.
Before Development
Before you begin development of your browser-based application, contact USTA to discuss what data you will need to access from USTA. Credentials will be issued for use to connect via HTTP.
Credentials:
- client id
- client secret
Scope:
- Read/Write
- Which data
Environments:
- Stage (preproduction)
- Prod
Building Your Application
The following is a quick guide for accessing bound customer data. More on the bound mode can be found on the API Reference page.
It should be noted that the best use of this API is within the context of a browser-based application. Because the customer UAID is bound to the token, it is safe to store in a cookie.
Step 1: Retrieve a Identity Token
The USTA bound access model is secured via the Janrain Identity Service. You must pass in your unique email corresponding to the USTA account for which you would like to retrieve customer information. Please note that the identity must pre-exist at Janrain before the call is made in order to authenticate and receive a credentials token.
If the email address does not exist at Janrain, there is no customer information to retrieve from USTA.
Headers
This API call uses Basic Authorization. Use the supplied client_id and secret to generate a Basic Authentication token. There are many online generators you can use for testing. One is here.
Key | Value |
---|---|
Content-Type | application/x-www-form-urlencoded |
Cache-Control | no-cache |
HTTP Call
This is the API call. Please note the difference in base urls:
Test: https://usta-dev.us.janraincapture.com
Prod: https://usta-prod.us.janraincapture.com
Data/Payload
You must use the client_id and currentPassword assigned by USTA. The signInEmailAddress is your unique user identity at Janrain.
All other values are static and should be supplied as written below.
Key | Value |
---|---|
client_id | <YOUR ASSIGNED JANRAIN CLIENT ID> |
currentPassword | <YOUR JANRAIN PASSWORD> |
signInEmailAddress | <YOUR UNIQUE EMAIL ADDRESS> |
flow | standard |
flow_version | 20161114171439489756 |
redirect_uri | http://localhost |
response_type | token |
form | signInForm |
locale | en-US |
Result
The important info returned from this call are the following:
jti: token that will be passed in subsequent calls
exprires_in: the Time To Live of the token
{ "capture_user": { ... }, "sso_code": "cb5730b0a4bcccdd", "stat": "ok", "access_token": "y5udk6hrb7ytqh5n" }
Example
This example uses CURL from the command line.
curl -X POST -d 'client_id=mfxx6uef2wjfjyrhav6gjn66srgt4zbp&flow=standard&flow_version=20161114171439489756&locale=en-US&redirect_uri=http://localhost&response_type=token&form=signInForm&signInEmailAddress=jmeterTesting2@mailinator.com¤tPassword=Usta@1234' 'https://usta-dev.us-dev.janraincapture.com/oauth/auth_native_traditional'
Step 2: Retrieve Approval Status Using JWT Token
This API call is used to retrieve a 'thumbs up/thumbs down' assessment of whether the provider is SafePlay approved. This result is calculated based on the following criteria:
- Legal Agreement Date
- NCSI Status
- SafeSport Completion
- SafeSport Expiration
Headers
Key | Value |
---|---|
Content-Type | application/json |
authorization | 'Bearer ZTc2ZGQxZWItZjVjMC00MDFiLWFjYTktZWYxZGRlNTcyYzg4OkhOOUU2U2ovdmtWUWEyR2pKYUxBSDF4WndWTzN0dHZWQmJRQnpRaVlpbWc1RWFvVVJ5bUVhTzc4SVRtNVh5NjQzSUo0UThTcHpTNXQ2c2Jz' |
Data/Payload
Email is used as the unique identifier for looking up SafePlay status.
Key | Value |
---|---|
provider@mailinator.com |
Result
The result is calculated summary status of true/false.
{ "isApproved": false }
Example
This example uses CURL from the command line.
curl -X POST
https://dev-services.usta.com/dev/v1/approval/isApproved
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzY29wZSI6WyJzYWZlcGxheTpzdGF0dXMiLCJzYWZlcGxheTpkZXRhaWxzIl0sImV4cCI6MTU2OTM3OTI1OSwiY2xpZW50X25hbWUiOiJDbHViU3BhcmsiLCJqdGkiOiJjNWI0ZWNlYS1hNGQwLTQ4NmMtOGFiYi0xYzE3NmJkYTM0NGUiLCJjbGllbnRfaWQiOiJlNzZkZDFlYi1mNWMwLTQwMWItYWNhOS1lZjFkZGU1NzJjODgifQ.dWri48wRO4pbYZaZHseX6u8fRqW8yrOGr4YwpQ_IlSX4QVGPA7QHxW2wf3aOuXsXSfKYow9W7fXyNtrktlgq8i6_ZcTFPNSpEmcMnMM5gDByDbc0gEklPQ0xm8dh1GuW80SKjuFUroEieRx2T0hlxFMnoV79po2l4UsVQ7VCHSUnA498hIZnUOZlFbUltMeZS0POCLhOb41VC0Mbqkgk4QwEKtkZRLcVGCbINhlEsgOvA5TPgTVDEAi1Wt3N1O7xN5PmojNRpI8Rg0Ti2LE18TZ5JHVBxD7W3140glQURG_oRdkLNCK_czJhxI1g1PVpHjXkyM3O_Yv3RVU5_Gly3Q'
-H 'Content-Type: application/json'
-H 'cache-control: no-cache'
-d '{
"email": "provider@mailinator.com"
}'
Step 2: Retrieve Approval Details Using JWT Token (Optional)
Similar to the call above, you can optionally see the inputs that went into the calculation of the isApproved call.
Headers
Key | Value |
---|---|
Content-Type | application/json |
authorization | 'Bearer ZTc2ZGQxZWItZjVjMC00MDFiLWFjYTktZWYxZGRlNTcyYzg4OkhOOUU2U2ovdmtWUWEyR2pKYUxBSDF4WndWTzN0dHZWQmJRQnpRaVlpbWc1RWFvVVJ5bUVhTzc4SVRtNVh5NjQzSUo0UThTcHpTNXQ2c2Jz' |
Data/Payload
Key | Value |
---|---|
provider@mailinator.com |
Result
The result shows the current values associated with the inputs:
- Legal Agreement Date
- NCSI Status
- SafeSport Completion
- SafeSport Expiration
{ "legalAgreementAcceptDate": "2019-05-14", "legalAgreementExpireDate": "2021-05-14", "legalAgreementStatus": "Accepted", "ncsiCheckTimestamp": "2019-06-28T12:03:04", "ncsiExpiryDate": "2019-06-19", "ncsiCheckStatus": "Expired", "safeSportCompleteDateTime": "2018-10-25T10:56:07", "safeSportExpiryDate": "2020-10-25", "safeSportStatus": "COMPLETE", "safePlayStatus": "EXPIRED", "safePlayStatusDisplayValue": "Expired" }
Example
This example uses CURL from the command line.
curl -X POST
https://dev-services.usta.com/dev/v1/approval/details
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzY29wZSI6WyJzYWZlcGxheTpzdGF0dXMiLCJzYWZlcGxheTpkZXRhaWxzIl0sImV4cCI6MTU2OTM3NzM5OCwiY2xpZW50X25hbWUiOiJRQSIsImp0aSI6ImI4ZmVkMTBkLTliMWItNDU2My1iZDRjLWE1ZDUyMjVhYWYxOSIsImNsaWVudF9pZCI6InFhX3NwYWFzIn0.fbmasURVRWmbUh-vx4kJJvXwYGUzh_Jc7cOgEpDxyUoOkPGBsagWUixEzMmiZylo7ZywPN5x9cTBLGon9w7aQ2BzgsfQJLqL4rmVLf9YEspo9WTSXq0tqhlV8RlzVJhCoSCIfk4qS_gztdnvTdX7a0Im64IL8At_oEMcCspnmHJJzu9cpuUQn-ByJV3xzgYTY9ZibxG_g2z4SwnpPznB0kTUw-F1_pxE8nlN_Y0-_rPt-S-VGLIXF72rEeyQhgIbAapK6Cli9Bcy1-kf992f2nDOkiL3ygfwqtsObQ5AnxNwwenVhLgWZjoh6XFob0lEHwRmBD4qJAofbFm5yZcEqg' \
-H 'Content-Type: application/json' \
-d '{
"email": "broderick@mailinator.com"
}'