Getting started with the Hyves API

You will have to register for a Hyves account first. You can choose for a corporate account or a plain user account. The difference between these two is that a corporate account isn't attached to a profile on Hyves. When you want to use the API for a company, you need a Corporate Account (there are no companies allowed on a plain account).

Before you can do anything with the Hyves API, you need to have a Consumer Key and a Consumer Secret. To get this you should apply for an API account at http://www.hyves.nl/api/apply/ (Before applying for the API as a corporate member, make sure you are logged in at Hyves with the corporate account).

You can make your own library to handle the data with the API. But to get started quickly you can use the libraries of some of our dedicated developers from the Hyves-API community. In most cases there are some examples provided with these libraries.

Make sure you take a look at the troubleshooting and faq before you have any questions. Else you can post your questions on the hyves-API Hyves.

A Consumer Key is bound to a (software-)application. So, if you run 3 applications on your server that use the Hyves API, you should obtain 3 Consumer Keys.

You can try your newly created Consumer key in the API Console. A link will be generated for you that does the API call. If you tick the "Load directly in iframe" box, the link will be called directly in the iframe. This invalidates the link directly: each link can be used only once to avoid a replay attack.

Note that the console does not send your Consumer Secret over the internet: the secret is only used within javascript to calculate the HMAC, nothing but the actual API call (if you select "Load directly in iframe") is sent over the internet from that page. Obviously it is your own responsibility to make sure the secret is not cached or stored in your browser, if the browser is shared, or in some other way becomes known to third parties. If you believe your Consumer Secret has become compromised, please let us know, and we'll send you a new Consumer Key and Consumer Secret, invalidating your old one (Obviously, this is not true for the applications that run clientside, named DesktopApplications in this documentation). We suggest that you write your code in such a way that the key and secret can be changed easily.

All request tokens and most access tokens are only valid for a short time period, but if you believe that tokens and secret that are valid for a longer period have become compromized, it's your responsibility to contact us, so we can revoke the tokens. Note that oauth_tokens nor oauth_token_secrets are to be known to anyone else than you and Hyves, not even to the user the token is for (Obviously, this is not true for applications that run clientside, named DesktopApplications in this documentation).

The API Console was developed to work under Firefox 2.0.0.x, it may or may not work under other browsers (most likely error would be that the oauth_signature is invalid, due to problems in the content encoding.)