SecureSocial API

SecureSocial.net service is designed to be easily extensible by third-party developers. There are two levels where this can be done - Platform and App.

SecureSocial platform API

How to authenticate

Create new HTTP request in the following form:

Authenticate the request as follows:

The following API methods are available:

Identity API

Private content API

Messaging API

Data model

Identity -

{"identity":{"properties":{"Name":"PUBLICLY VISIBLE NAME"},"id":"IDENTITYID","publicKey":"-----BEGIN PGP PUBLIC KEY BLOCK----- \nwECq2vm+aQx++Djk\nnyMWrp/n05XcR5qg/B+WrtgoV4Otk0Twm7d0nviZKt0fjCeiWH+Qu .. PUBLIC KEY ..T/WSY+/3wwPyCNwAj\n04Y5aEqL\n=oRnt\n-----END PGP PUBLIC KEY BLOCK-----"}}

Outgoing message -

{"id":"MESSAGEID","destinations":[{"userId":"IDENTITYID_TO","attributes":{"KEY":"VALUE"}}],"envelope":"MESSAGE_BODY","signature":"OPTIONAL_SIGNATURE", "attachment":"true or false","from":"IDENTITY_ID_FROM"}"

if attachment was set to true, the response will contain field called "attachment_upload_url" containing a URL to PUT attachment content to.

Incoming messages -

"{"messages":[{"id":"MESSAGEID","from":"IDENTITYID_FROM","destinations":[{"attributes":{"KEY":"VALUE"},"userId":"IDENTITYID_TO"}],"envelope":"MESSAGE_BODY","signature":"OPTIONAL_SIGNATURE","attachment":"true or false"}]}"

For example, when API is used by an App, message envelope will be encrypted with one-time key and this key is encrypted with public key of recipient and sent as message attribute:


"{"destinations":[{"userId":"IDENTITYID_TO","attributes":{"Key":"-----BEGIN PGP MESSAGE-----\n\nhQEMA6PxPsw+ ... ENCRYPTED ONETIME KEY ... OjjH\n-----END PGP MESSAGE-----\n"}}], "envelope":"KwAsEr9lqd8PVSnAnYUYB ... ENCRYPTED MESSAGE ... YJSzrKNOQXPJE5OG","id":"MESSAGEID","from":"IDENTITYID_FROM","signature":"CRYPTOGRAPHIC SIGNATURE","attachment":false}"

Contact us if you 'd like to use the API - api@securesocial.net - for further details.