in All Posts, APIs/Mashups, SEO/SEM

SEOmoz API Signed Authentication with Javascript

Whilst creating my International SEO Backlink Analysis Tool, I wanted a way for people to use their SEOmoz API key in the same secure fashion as they would for their homebrew tools. That meant that their Secret Key shouldn’t be transmitted over the wire, but instead only a signed hash. You can read the docs on the SEOmoz API authentication, if you’re not familiar.

I created a simple Javascript function which generates the signed authentication hash. It’s very easy to use:

  1. var SEOmozCredentials =  getSEOmozCredentials(accessid, secret);
  2. var timeStamp = SEOmozCredentials['theTimeStamp'];
  3. var signature = SEOmozCredentials['signature'];

The parameters you must pass are the SEOmoz Access ID and the Secret Key. Once you have the timeStamp and signature, in addition to the Access ID you can easily form the request on the server side; here is some example PHP code:

  1. $credentials  = "AccessID=" . $accessID . "&Expires=" . $timeStamp . "&Signature=" . urlencode($signature);
  2. $apiURL = "" . urlencode($url) . "?" . $credentials . "&SourceCols=5&TargetCols=0&Filter=external+follow&Sort=page_authority&Scope=page_to_page&Limit=1000";

Make sure you don’t transmit the Secret Key. You can grab the standalone Javascript file here: SEOmoz API Javascript.

You may want to consider, as an alternative to using JS in this way doing full SEOmoz Application Authorization.

Write a Comment



  • Tool to Analyze Backlinks for International SEO « Business Leads « Get Business Leads

    […] There are only 3 fields you need to fill in, which are your SEOmoz Access ID and Secret Key and the URL of the page you wish to analyse. (Sidenote for those who care: Do not be concerned about entering your SEOmoz Secret Key; it isn't transmitted over the network but is used to generate an authentication hash for the API. If you want the code I made for this, see here). […]