Authentication

STATS uses an application key and secret for it's authentication.  

You will be assigned an application key and secret by STATS.  Your application then uses the key (api_key=), the secret and the current timestamp to create an SHA-256 hash string signature (sig=).

Your call would look something like this:

http://api.stats.com/v1/stats/baseball/mlb/standings/?api_key=usvt3w543rhuh3illuxy4uwe&sig=40BA5FAC1EC4CDDA9A8EE77EF947865FAADA2323FD934783LD0707E5D20B0SA51D0.

 

Examples of Node.js and C# code are shown below:

Node.js code

// setup express to configure a basic web server
 var express = require('express');
 var app = express();
 
 // moment.js is the preferred date library
 var moment = require('moment');
 
 // access Node.js Crypto library for signature generation
 var crypto = require('crypto');
 
 // use request or request-promise to call into STATS API
 var request = require('request');
 
 // respond to all get requests
 app.get('/', function (req, res) {
   // get the current time
   var timeFromEpoch = moment.utc().unix();
 
   // set the API key (note that this is not a valid key!)
   var apiKey = 'a5mcbfie9356ld0aax85swhku';
 
   // set the shared secret key
   var secret = 'fd93Bildaa';
 
   // generate signature
   var sig = crypto.createHash('sha256').update(apiKey + secret + timeFromEpoch).digest('hex');
 
   request('http://api.stats.com/v1/stats/basketball/nba/events?accept=json&api_key=' + apiKey + '&sig=' + sig,
       function (err, response, body) {
         // parse the body as JSON
         var parsedBody = JSON.parse(body);
         res.json(parsedBody);
       });
 });
 
 var port = 3001;
 app.listen(port, function () {
   console.log('Listening on port ' + port);
 });
 
 // run this file (node [filename]) and go to localhost:3001

 

C# code

using System;
using System.Collections.Generic;
using System.Net;
using System.IO;
using System.Security.Cryptography;
using System.Net.Http;
using System.Net.Http.Formatting;
using System.Net.Http.Headers;


public partial class _Default
{
   
    protected void getStuff
    {
            
        //get the timestamp value
        string timestamp = (DateTime.UtcNow - new DateTime(1970, 1, 1, 0, 0, 0)).TotalSeconds.ToString();

        //grab just the integer portion
        timestamp = timestamp.Substring(0, timestamp.IndexOf("."));

        //set the API key (note that this is not a valid key!
        string apikey = "a5mcbfie9356ld0aax85swhku";

        //set the shared secret key
        string secret = "fd93Bildaa";

        //call the function to create the hash
        string sig = CreateSHA256Hash(apikey + secret + timestamp);
        string urlBase = "http://stats.api.mashery.com";
        string urlAppend = "/v1/stats/basketball/nba/events";

        HttpClient client = new HttpClient();

        string url = urlBase + urlAppend + qryStrAppend + "api_key=" + apikey + "&sig=" + sig;

        HttpResponseMessage response = client.GetAsync(url).Result;
    result = response.Content.ReadAsStringAsync().Result;


    }
    protected string CreateSHA256Hash(string input)
    {

        // Use input string to calculate SHA-256 hash
        SHA256 mySHA256 = SHA256Managed.Create();

        byte[] inputBytes = System.Text.Encoding.ASCII.GetBytes(input);
        byte[] hashBytes = mySHA256.ComputeHash(inputBytes);

        // Convert the byte array to hexadecimal string
        StringBuilder sb = new StringBuilder();

        for (int i = 0; i < hashBytes.Length; i++)
        {
            sb.Append(hashBytes[i].ToString("X2"));
        }
        return sb.ToString();
    }

}