For many API methods, your client may need to present
credentials that allows RANDOM.ORG to authenticate
it, i.e., confirm its identity. The current API release does not
contain any methods to manage authentication directly. For this
reason, the spec consists only of a description
of credentials objects, which are passed as
parameters to other API methods. These methods in turn perform
authentication based on the supplied credentials.
There are no specific methods associated with authentication, hence no URL.
credentials (object)
When a client wants to be authenticated by
RANDOM.ORG, it must present
a credentials object. This object can take two
different forms.
The client can allow authentication by supplying a simple login
(username) and password combination. In this case, the
credentials object must contain the following
properties:
loginpassword
An example credentials object can look as follows:
{
"login": "myLogin",
"password": "secret"
}
If the client has recently authenticated itself to
RANDOM.ORG, it may have an active session open. In
this case, it can supply a credentials object
containing the following:
sessionId
An example credentials object can look as follows:
{
"sessionId": "f3a0jvkn7n6mkbm7qpm7kn8sb1"
}
Session-based credentials are intended for use in AJAX-based
clients that run in web browsers. The session identifier can be
obtained from the RDOSESSION cookie set by
RANDOM.ORG when a user successfully logs in via their web browser.
(Possibly helpful link: Shortest
function for reading a cookie in JavaScript.)