What Updates Should We Make to the API?

freshface said
Ability to login to a our own dedicated support forums with an Envato login and verify purchases on the fly. Something along the lines of “logging in with” Twitter, Google etc accounts to other sites.

I understand this will be a (resource, money, put anything here) loss for Envato, not even a b/e since it won’t make any money, but it will make many other people very happy so it might be a win in the end. At least the happiness of your partners and customers is important in the long run. This could seal the Envato ecosystem very nicely.

Bigger authors with lots of support requests need proper forums (done by them) with fast and easy access. Current comments are not enough and the upcoming forums will not be enough as well no matter how hard you will try.

I already sent an email to you Jeff and Mark about this a few months ago so you can search for it as there may be more thoughts.

@authors: Please put +1 on this if you would like to see this as well so Envato can better understand if this is a priority.

Cheers!

+1 Super Idea

Also, one other thing… i think for security reasons, it would be a sensible idea to have a separate API key for the API requests that allow you to POST and CHANGE data on the site, because i can see people being worried about security. I personally would be a lot happier sharing my ‘view’ API key with more apps than the ‘changes’ api key. Namely… i’ll be only using the ‘changes’ key with apps that i write or read the code for. And of course it would make sense to log which app accesses the API and makes changes. Maybe implement a ticket system, that could somehow be integrated with fresh’s login authentication system so you can be certain which app is accessing the site?

Japh said
Perhaps some sort of OAuth implementation in concert with the API would be a good solution here?

Yes definitely!

Reaper-Media said
Also, one other thing… i think for security reasons, it would be a sensible idea to have a separate API key for the API requests that allow you to POST and CHANGE data on the site, because i can see people being worried about security. I personally would be a lot happier sharing my ‘view’ API key with more apps than the ‘changes’ api key. Namely… i’ll be only using the ‘changes’ key with apps that i write or read the code for. And of course it would make sense to log which app accesses the API and makes changes. Maybe implement a ticket system, that could somehow be integrated with fresh’s login authentication system so you can be certain which app is accessing the site?

Yeah, I think an OAuth implementation would help a lot here. You could then retrospectively remove a particular application’s access to your information, even if you lose access to the application.

Great thread!

First, Jeffrey, you should set up something at Google Moderator (http://www.google.com/moderator/), so we can all vote/add/discuss ideas and it will be much cleaner than here in the forums

My personal favorite would be the ability to download the full statement, instead of just last 100 records and even that within a 28 day frame at maximum. I could use that in SalesDonkey to generate better graphs/statistics for every item etc.

Right now we have a system like this, but I wrote importers and imported the original data from the downloadable csvs with the statements for previous months into a DB and now it just updates itself with the latest data via the API . We have stuff like weekly sales global, a pie chart that shows the composition of earnings by item for the last seven days and per-item weekly sales. This information is great to have, but with the current system it would be very difficult to set up such a database for new users, that is why we haven’t shared it.

UDS

JamiGibbs said
This might just be me being lazy but the ability to directly call an author’s volume of sales amount. Also, +1 to Freshface’s request.

+1

Reaper-Media said
Also, one other thing… i think for security reasons, it would be a sensible idea to have a separate API key for the API requests that allow you to POST and CHANGE data on the site, because i can see people being worried about security. I personally would be a lot happier sharing my ‘view’ API key with more apps than the ‘changes’ api key. Namely… i’ll be only using the ‘changes’ key with apps that i write or read the code for. And of course it would make sense to log which app accesses the API and makes changes. Maybe implement a ticket system, that could somehow be integrated with fresh’s login authentication system so you can be certain which app is accessing the site?

If we do add a “WRITE” api, we will be overhauling the API key system to allow you to specify if keys are read, write, or both.

john said
If we do add a “WRITE” api, we will be overhauling the API key system to allow you to specify if keys are read, write, or both.

Ok cool!

Ability to find out all of the items a user has bought from you.

i.e. for the sake of forums: when the user is signing up, they sign up with 1 purchase code and then we can get all of their purchased items.

I think that’s what Chris was saying, but in case it wasn’t, there’s my 2penneth

Ability to pull comments, to check if there are new comments. Or this could be implemented into the system directly, I’m sure tons of people would like that feature.