Express Entry:Token Server
Using the Token Server
Express Entry supports the use of authentication tokens to access the service. Tokens are more secure when compared to the other methods of passing sensitive information in plain text over a network, where it could be observed by a third party. PHP code and a JavaScript script which calls the PHP are provided to demonstrate how to implement tokens in a web page.
In order to implement the PHP and JavaScript sample:
- The server must have PHP enabled.
- The sample PHP must be loaded on the server and your license key must be entered where marked in the code.
- The JavaScript sample must be pasted into your webpage and edited with your IP information.
- Both the PHP sample and the calling Javascript must be on the same domain.
Note that the page where the JavaScript resides must be in the same domain as the file containing the PHP token-handling code. This is due to ‘same origin policy’ of AJAX. If Express Entry does not respond with addresses after inserting/adding the Javascript and PHP code, make sure that the JavaScript is called from the same domain as the server hosting the PHP, and that the token variable is being used in the line ‘this.clientid = token;’ in the MDConnect_Properties() function.
The code is commented where the necessary changes (such as adding the license string) are to be made.
You may also make a REST request to the token server which has the address
http://token.melissadata.net/v3/web/Service.svc/RequestToken?
, with the parameters ‘L=[Ident]’ and ‘&P=pkgExpressEntry’, to retrieve a token. For example, opening the page
http://token.melissadata.net/v3/web/Service.svc/RequestToken?L=[Ident]&P=pkgExpressEntry
will return a token starting with ‘T:’. Also, for added security, you may pass your IP with '&IP=', which can then be used to detect unauthorized use of your tokens.