Before we can start posting requests via the API, we need to set our external system up as an 'API Remote Application' in the Bluestore Live console. A public / private key certificate is needed which can be generated either with your own tools or by using OpenSSL. Details of how to generate a public / private X509 certificate with OpenSSL are described at the end of this article.
We recommend, when building a new app, that you use a test enterprise first, rather than diving right in and configuring the application on your live account. You can set up a new trial Bluestore account which is free for 30 days and, with the demo data, will provide a good test bed for your API calls.
To set up a new API Remote Application, log into your Bluestore Live console and navigate to Settings - Bluestore API.
Press 'Create' to add a new application
Specify a name for your application and paste the full public key of your certificate. At the end of this article we have added instructions on how to generate a certificate using OpenSSL, although any X509 certificate can be used. Paste the full text of the certificate including the start and end tags.
Press Ok and the system will generate an Access Token and API Key which can then be used to authenticate your API requests.
Generating a Certificate with Open SSL
The command line steps to generate private and public certificate keys using Open SSL are as follows.
Note in windows 7 and 8 you need to open the command window with admin rights. Run c:\windows\system32\cmd.exe as administrator.
Navigate to the folder in which you want to create the certificate files.
Type the statements below rather than copying and pasting.
- openssl genrsa –out privatekey.pem 1024
- openssl req –newkey rsa:1024 –x509 –key privatekey.pem –out publickey.cer –days 365
Step1 – generates your private key
Step 2 – generates your public key which you use when registering your private application.
Copy and paste the text of the public key into the Bluestore application. The private key should be used in the code of your remote application to authenticate your requests.
There are other tools available online for generating X509 certificates, some with GUI rather than command line entry, so feel free to use whatever tool suits your way of working. Any valid certificate with a private and public key should be fine.