Web Service Keys for APIs Workshop

Third webinar in our API Workshop series.

This event has passed.

Review the slides

Watch the recording (WebEx)

Web Service Keys, commonly referred to as WSKeys, are the primary method used for authenticating and authorizing interactions with web services available on the OCLC WorldShare Platform. WSKeys authenticate clients sending requests to web services, in effect, creating a "secure pipe" between a remote client and the data and functionality available through web services on the WorldShare Platform.

In this workshop, we will explain the principles and implementation of the digital signatures that anchor the OCLC WSKey infrastructure. We will walk through code examples that demonstrate how individual requests to web services are digitally signed. We will also talk about where our WSKey infrastructure is heading in the future, to allow users to sign in to OCLC services through an OAuth 2 implementation. Finally, we will provide sample code that can act as a reference implementation and explain our plans for releasing similar code bases to our developer community in a few different programming languages.

You'll come away with a better understanding of how web service keys work with our APIs, some ideas for implementation, and answers to the questions you bring.


Side note from the cooperative legal department on the code shown during the workshop: OCLC is providing this code for demonstration purposes and on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using the code and assume any associated risks.


07 January 2014


11:00 AM – 12:00 PM
Eastern Standard Time, North America [UTC -5]