Award token
From ePrize Developers Wiki
Ken-fox (Talk | contribs)
Revision as of 13:01, 2 March 2009
Request representation:
    profile:{profile}

Response:
    201 Created
    Location: /v1/{apikey}/game/{game}/token/{token}
    Entity body same as GET /v1/{apikey}/game/{game}/token/{token}

Response if request invalid:
    400 Bad Request
    Entity body describing failed validations

Response if limit reached:
    403 Forbidden
The {profile} value is the canonical URL of the profile that the token should be awarded to.
This URL can be easily attacked by the owner of a profile because the owner knows his own canonical profile URL. Award limits create an upper bound on the attack damage.
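The following sketch is an added example, not ePrize code. It shows how an award limit caps what repeated requests for the same profile can obtain, using the three responses listed above. The class and function names, the in-memory store, the per-(game, profile) scope of the limit, the URL validation rule and the token body are all assumptions.

```python
import secrets
from urllib.parse import urlsplit


class AwardService:
    """In-memory sketch of the award endpoint (hypothetical, not the ePrize code)."""

    def __init__(self, apikey, limit_per_profile):
        self.apikey = apikey
        self.limit = limit_per_profile   # assumption: limit is per (game, profile)
        self.awards = {}                 # (game, profile) -> issued token ids

    @staticmethod
    def _validate(form):
        """Return (profile, errors) for the request representation."""
        profile = form.get("profile", "")
        if not profile:
            return profile, ["profile: required"]
        try:
            parts = urlsplit(profile)
        except ValueError:
            return profile, ["profile: not a parseable URL"]
        # Assumption: a canonical profile URL is an absolute http(s) URL.
        if parts.scheme not in ("http", "https") or not parts.hostname:
            return profile, ["profile: must be an absolute http(s) URL"]
        return profile, []

    def award(self, game, form):
        """Return (status, headers, body) using the responses the page lists."""
        profile, errors = self._validate(form)
        if errors:
            return 400, {}, {"errors": errors}
        issued = self.awards.setdefault((game, profile), [])
        # Check the limit before minting, so the cap bounds the total awarded.
        if len(issued) >= self.limit:
            return 403, {}, {}
        token = secrets.token_urlsafe(16)
        issued.append(token)
        location = f"/v1/{self.apikey}/game/{game}/token/{token}"
        # Constructed body; the real one matches GET on the Location URL.
        return 201, {"Location": location}, {"token": token, "profile": profile}


def replay(service, game, profile, attempts):
    """Submit the same profile repeatedly and collect the status codes."""
    return [service.award(game, {"profile": profile})[0] for _ in range(attempts)]
```

With a limit of 3, five identical requests yield three 201 responses followed by 403, which is the upper bound the page refers to.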