This is the first public beta release of the CodeProject APIs. The documentation is limited and some of the request/response schemas may (probably) will change as our users tell us what we did wrong and how we should do it. However, you can't all be right, so not everyone will get what they wish for.
CodeProject provides a number of APIs which allow access to various resources from the CodeProject site. The initial release, V1 Beta1, only allow read access to the resources. These APIs can be found at the Resource Server located at https://api.codeproject.com.
The details of each of the APIs can be seen by selecting the appropriate API name in the APIs section on the left.
The CodeProject APIs are secured using an OAuth2 server which issues Access Tokens that must be sent to the Resource Server with each request in the Authorization Header of the HTTPS request. In order to protect the Access Token and data, HTTPS must be used to make requests to the Resource Server. Details ofthe OAuth2 specification can be found here. Further information about OAuth2 such as examples and client libraries can be found here. Further details on obtaining a Access Token can be found by selecting the Using OAUth2 chapter on the left.
There are two types of APIs exposed. The My API gets information about the logged in User. As such, the My API requires the user to grant the client application access to their information using the Authorization Code Grant or Implicit Grant flow from the OAuth2 specification to get the Access Token.
The other APIs, Articles, ForumMessages, and Questions
access generally available content from The CodeProject website. While these APIs can be accessed by a
logged on user's Access Token as for the My API, they can also be accessed with an
Access Toke obtained using the Client Credentials Grant which uses the registered
Clients (Applications or Websites) can be registered
You can register up to 8 clients with their
Client Secret, and can also regenerate the
Client Secret if it has
been compromised. Note: the
Redirection URI must be a valid HTTPS
absolute URL ending in '/'.
OAuth is used to secure the APIs of many web applications including Google, LinkedIn, Facebook, Twitter, GitHub, and many others.
The CodeProject APIs are secured using an OAuth2 server which issues Bearer Tokens that must be sent to the Resource Server with each request in the Authorization Header of the HTTPS request. In order to protect the Bearer Token and data, HTTPS must be used to make requests to the Resource Server. Details ofthe OAuth2 specification can be found here. Further information about OAuth2 such as examples and client libraries can be found here.
OAuth2 provides several different 'flows' for obtaining an Access Token to be used when accessing
the APIs. For the situation where the resources to be accessed are controlled by a User, the
Authorization Code Grant or simpler Implicit Grant flows can be used. Both require that
the client can respond to a
HTTP Redirect in order to prevent the application from
having any visibilty to the User Credentials. Typically, the Authorization Code Grant
is used by Server-Side coded web applications, while the Implicit Grant is used by
As the My API provides access to User data, one of the Authorization Code Grant or Implicit Grant flows must be used to obtain the Access Token. This API will fail if called using an Access Token obtained using the Client Credentials Grant flow.
The other APIs can use an Access Token obtained using any of the OAuth2 flows, but if the client
is not going to access the My API, then the Client Credentials Grant
can be used. The advantage to this flow is that is does not require the User to enter any
credentials. However, steps should be taken to protect the
application as the code could be examined using Developer Tools in most browsers.
The Articles API allows the client access the CodeProject Articles in various ways. This includes Articles, Technical Blogs, and Tips & Tricks. Initially, the only method allows the client to get a page of the latest Articles.
Gets a page of the latest Articles, Technical Blogs, and Tips & Tricks, with a rating >= 3.0, ordered by Modified Date descending. The list can be filtered by specifying a list of tags. If specified, the Article must be tagged with at least one of the tags.
This controller deals with accessing ForumMessages.
Gets the latest Messages for a Forum.
Gets the latest Messages for a MessageThread.
This API provide access to various resources that belong to the user.
Gets a page of the user's Answers.
Gets a page of the user's articles.
Gets a page of the user's Blogs Posts.
Gets a page of the user's Bookmarks.
Gets a page of the user's Messages.
Gets a page of the user's Notifications.
Gets the current user's profile information.
Gets a page of the user's Questions.
Gets a page of the user's Reputation.
Gets a page of the user's Tips.
This controller deals with accessing Questions.
Gets a page of the latest new, active, or unanswered Questions. The mode parameter specifies on which type of Questions to filter the results. Tags to include or exclude questions may also be specified to further limit the results contents.