Download the PHP package igivefirst/igf-sdk-php without Composer
On this page you can find all versions of the php package igivefirst/igf-sdk-php. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download igivefirst/igf-sdk-php
More information about igivefirst/igf-sdk-php
Files in igivefirst/igf-sdk-php
Package igf-sdk-php
Short Description PHP SDK for the iGivefirst Donation API
License Apache-2.0
Homepage http://igivefirst.github.io/igivefirst-api-php/
Informations about the package igf-sdk-php
iGivefirst PHP SDK
This project contains the PHP SDK for the iGivefirst Donation API. It is distributed as a Composer package for easy access.
Sample Usage
iGivefirst REST Donation API
In order to use the iGivefirst Donation API, you must be PCI level 1 compliant
Getting Started
In order to use the iGivefirst Donation API, you will first need to register as a publisher on our website.
- SDK prequesites - in order to use the PHP SDK you will need the cURL extension compiled with OpenSSL support
- Register as a publisher - sign up at [https://www.igivefirst.mobi/join/publisher]()
- Request access - send an email to [email protected] with your account information and we'll get you set up for access
- Configure API keys - visit the API page [https://www.igivefirst.mobi/publisher/donation-api]() to get your API keys and configure whitelisted IP addresses.
Guids
Our API utizes business keys in the form of standard 36 character guids. These guids are created with-in our system and are unique. The main guids that are utilized:
- Nonprofit Campaign Guid - This is the guid representation of a campaign setup by a nonprofit. This guid is accessible through the ad serving api, and is used by virtually all api calls.
- Publisher Campaign Guid - This is the guid that is created when a publisher campaign is created. Again this guid is used with virtually every call.
- Donor Guid - This is the unique id for a donor
- Donor Account Guid - In order to call our API to process a donor donation a donor account guid is utilized.
Secure Rest Donation API
Obtaining a private key
Login as your publisher and click on the api link on the bottom left. From there you will be able to access all of the above guids mentioned. This also includes the two keys that are used to secure our system:
- Publisher API Key
- Publisher Secret Key
Authenticating requests using Rest API
Authenticating Requests Using the REST API
When accessing iGivefirst API using REST , you must provide the following items in your request so the request can be authenticated:
Request Elements
- Publisher API Key - It is the access key id of the identity you are using to send your request.
- Signature — Each request must contain a valid request signature, or the request is rejected. A request signature is calculated using your Publisher Secret Key, which is a shared secret known only to you and iGivefirst.
- Time stamp — Each request must contain the date and time the request was created, represented as a string in UTC. An example of the timestamp is: Thu, 18 Nov 2010 11:27:35 GMT. This timestamp must match the accompanying HTTP Date Header
Authorization
The iGivefirst REST API uses the standard HTTPAuthorization header to pass authentication information.
The following is an example of the header:
- Authorization: IGF_HMAC_SHA1 59e680df-df0a-42c3-969a-800d35ca5684:frJIUN8DYpKDtOLCwo//yllqDzg=
The header consists of the Publisher API Key concatenated with the Signature.
- Authorization type - IGF_HMAC_SHA1
- iGivefirst API Key - 59e680df-df0a-42c3-969a-800d35ca5684
- Signature - frJIUN8DYpKDtOLCwo//yllqDzg=
The Signature computed from Base64( HMAC-SHA1( UTF-8-Encoded( StringToSign ), PublisherSecret ) ) where
StringToSign = HTTPVerb + "\n" MD5-HASH-OF-Content + "\n" + Content-Type + "\n" + Timestamp + "\n" + CanonicalizedResourceURI
An Example of the StringToSign
POST\n bc1153d10db6079ecfbe3c3dca023402\n application/json\n Thu, 15 Sep 2012 00:51:48 GMT\n /donation
or
GET\n \n \n Thu, 15 Sep 2012 00:51:48 GMT\n /donation/5def4c5f-e318-471f-9ef7-05cc965233cd
or
DELETE\n \n \n Thu, 15 Sep 2012 00:51:48 GMT\n /donation/5def4c5f-e318-471f-9ef7-05cc965233cd
The StringToSign is then used to build the Signature by
- UTF-8 encoding the StringToSign
- Calculating the HMAC-SHA1 of the StringToSign using your secret key
- Base64 encoding the resulting hash bytes, excluding any hex encoding of the hash
Once you have your Signature you create the Authorization header by contenating your Access Key and the Signature:
Authorization: IGF_HMAC_SHA1 59e680df-df0a-42c3-969a-800d35ca5684:frJIUN8DYpKDtOLCwo//yllqDzg=
White Listed IP Addresses
The production system only communicates to the IP addresses that you have listed during the setup of the API key.
Donation API Endpoint
The donation api is used to create, get or delete a donation.
Headers Used
- Content Type: application/json
- Accepts: application/json (where applicable)
- Date: Thu, 15 Sep 2012 00:51:48 GMT
- Authorization: IGF_HMAC_SHA1 59e680df-df0a-42c3-969a-800d35ca5684:frJIUN8DYpKDtOLCwo//yllqDzg=
HTTP Verbs
GET - Get a donation
- URI - /donation/:guid
- RETURNS - full json donation object which includes optional fields such as nonprofit name
- SUCCESS CODE - 200
- ERROR CODES
- 500 input error
- 404 no donation found by that guid
Example
Response
POST - Create a donation for a donor
- URI: /donation
- BODY - donation object
- SUCCESS CODE - 201 created
- ERROR CODES
- 500 internal error
- 400 malformed post body
- 401 unauthorized
Example
Body
Response Success
Response Failure
DELETE - Cancel a donation
NOT YET IMPLEMENTED
- URI: /donation/:guid-of-donation
- RETURNS - string that is the guid for the donation
- SUCCESS CODE - 201
- ERROR CODES
- 500 internal error
- 401 unauthorized
Example
PUT - not implemented
Cancel the donation with DELETE and then POST to create new donation
- ERROR CODES - 405 - method not allowed
Donor API Endpoint
The donation api is used to find, create, get, or delete a donor.
Headers Used
- Content Type: application/json
- Accepts: application/json (where applicable)
- Date: Thu, 15 Sep 2012 00:51:48 GMT
- Authorization: IGF_HMAC_SHA1 59e680df-df0a-42c3-969a-800d35ca5684:frJIUN8DYpKDtOLCwo//yllqDzg=
HTTP Verbs
GET - Find a donor
- URI - /find-donor
- Param - email - the email address of the donor
- RETURNS - donor json object
- SUCCESS CODE - 200
- ERROR CODES - 404
Example
Response
GET - Get a donor by guid
- URI - /donor/{donor-guid}
- RETURNS - full json donor object.
- SUCCESS CODE - 200
- ERROR CODES - 404
Example
Response
POST - Create a donor
- URI - /donor
- Payload - full json donor object. Account creation is not allowed with-in the payload.
- SUCCESS CODE - 202
- ERROR CODES
- 500 input validation error
- 405 user already registered by that email address
Example
Body
Response
PUT - Update a donor
NOT YET IMPLEMENTED
- URI - /donor/{donor-guid}
- Payload - full json donor object. Account updates are not allowed with-in the payload.
- SUCCESS CODE - 200
- ERROR CODES
- 500 input validation error
Example
Body
DELETE
Not supported
Account API Endpoint
The account api is used to create or update donor accounts. The donor api above provides the only 'get' information for accounts.
Headers Used
- Content Type: application/json
- Accepts: application/json (where applicable)
- Date: Thu, 15 Sep 2012 00:51:48 GMT
- Authorization: IGF_HMAC_SHA1 59e680df-df0a-42c3-969a-800d35ca5684:frJIUN8DYpKDtOLCwo//yllqDzg=
HTTP Verbs
GET
Not supported, accessible through Donor API
POST - Create a donor account
- URI - /account
- Payload - full json account object - cc information if a cc account, otherwise bank account information
- SUCCESS CODE - 202
- ERROR CODES
- 500 input validation error
Example
Body
Response
PUT - Update an account
- URI - /account/{account-guid}
- Payload - full json account object
- SUCCESS CODE - 200
- ERROR CODES
- 500 input validation error
Example
Body
Response
HTTP 200
DELETE - Disable an account
- URI - /account/{account-guid}
- SUCCESS CODE - 202
- ERROR CODES
- 500 input validation error
Example
Response
HTTP 202