Server-side authorization

For this type of authorization, Slice will be provide you with an API key and you will generate a DSA public/private keypair. Enter ONLY the public key into the Slice developer portal.

Usage

Under the server-side authorization method, accessing all collection and instance resources requires a request header called X-Slice-API-Signature.

This header should contain the following parameters in URL query-string format:

In addition, the following parameter should be included on every request URL:

Note that in this type of authorization, you are responsible for helping your users link their mailboxes to Slice using the mailbox-management APIs.

How to generate a public/private keypair?

At a UNIX or Linux command-prompt, execute the following command to generate a private key:

ssh-keygen -q -t dsa -b 1024 -f mykeypair

That should generate a file called “mykeypair”, which contains your private key. To get a private key in PEM format, run the command below:

openssl dsa -in mykeypair -outform pem > myprivatekey.pem

This generates a file called “myprivatekey.pem”, the private key certificate you will use to sign your requests.

Execute the following command to generate a public key from the private key binary:

openssl dsa -in mykeypair -pubout -out mypubkey.pem

That will generate a file called “mypubkey.pem”.

Now run the following command to get the entire public key on a single line:

grep -v "PUBLIC" mypubkey.pem | tr -d '\n'; echo

Copy-paste the output from that command into the developer portal. Make sure to store the private key securely. You will be using it to sign your API requests.

Why use server-side authorization?

This is a deeper and more complicated integration than the OAuth integration, and it requires you to duplicate much of the Slice account management functionality, particularly around mailbox linking and management. If you create an app using server-side authorization, your users will not be creating Slice accounts as well, which means they will not be able to access their accounts in Slice. Furthermore, unlike OAuth, we only offer 10,000 users for free in server-side authorization, and we charge a per-user fee above 10,000 users.

You should consider using it if you are planning to build a white-label version of the Slice app, or if your policies do not permit using OAuth to redirect to Slice for account creation.