Open Xdrive: FAQ

Technical

• Why use JSON as a serialization format?
• How do I convert JSON data returned by an API call into values that can be used by my Javascript application?
• Do I have to write my own JSON parser to use the API?
• What if my client does not support cookies?
• Can I use my AOL ®/AIM Screen Name or email address and password to login to my Xdrive account?
• Can I chain multiple requests together?

Legal

• What are the terms and services to use the API?
• What license covers the Open Xdrive works?
• Why are there two Terms of Service for Open Xdrive?

Technical FAQ

While JSON doesn't have the same range of support and features as other standards like SOAP, it is also lighter weight and less complex.

Pros:
• JSON is small, lighter than XML.
• It will require less bandwidth memory.
• It is easy for humans to read and write and easy for machines to parse and generate
• It has support for Unicode, allowing almost any information in any human language to be communicated
• The self-documenting format that describes structure and field names as well as specific values
• The strict syntax and parsing requirements that allow the necessary parsing algorithms to remain simple, efficient, and consistent
• It is a common standard w/ a lot of support


Cons:
• Does not have namespaces (But every object is a namespace.)
• JSON uses context to avoid ambiguity, just as programming languages do.)
• Does not have all the features of SOAP
  • Standard mechanism for headers
  • Mechanism for complex data objects
  • Standard mechanism for invoking functions

JSON data is a valid subset of the Javascript language and can be directly converted by the Javascript engine into objects using the "eval" method. However, "eval" accepts the full Javascript language, which allows access to all capabilities of a browser or widget environment. In order to avoid security problems associated with accepting the full Javascript language, we recommend that you use a JSON parser, or other method that restricts the data to valid JSON syntax. The json.org web site includes a library that meets this requirement at http://json.org/json2.js

Go to http://www.json.org. They provide support for a long list of different languages with links to free JSON parsers/stringifiers.

If your client does not support cookies, and since all the JSON calls require a member session, you can include your JSESSIONID in the url with each request (e.g. http://plus.xdrive.com/json/v1.1/file.getlisting;jsessionid=A5D6568B12D80E0200C29DD68141C73F.xdr-mtc13.websys.aol.com_6002).

Include the jsessionid right after the end of the URL and before you attach any parameters. Notice there's a ";" before the jsessionid, which has to be always lower case. This is the format in which Tomcat expects the JSESSIONID.

To support cookie-less clients, we include the jsessionid and recoveryToken in the JSON message after the login call, so you can maintain a session without cookies.
The recoveryToken represents a token that will allow the user's session to be remade if he/she bounces servers. When logging in the user is granted a secure session, but subsequent non-secure calls receive a new non-secure session that is no longer authenticated. The value of the recoveryToken is used in this case to rebuild the user's session.

Yes, we integrated our JSON API with the OpenAuth API to allow users to login directly providing their AOL ®/AIM Screen Name or email address and password via the member.login method, which is secure.

Yes, the new version 1.2 of the JSON API supports request chaining, allowing developers to group several requests in one HTTP POST implemented via multipart requests. Please go to the RPC Specifications - Multiple Requests section for more information on this topic.

Legal FAQ

The API is available to Xdrive users as part of their service, so usage of the API is covered by the same Terms of Service as the rest of the service.

All works are covered by the AOL Developer Network Agreement and Terms of Service.

The short answer: one covers the end user's usage of the Xdrive service and the other covers the works and materials available on this dev.aol.com site.

Unlike other web resource based APIs, the resources offered via the XDSP are not allocated to the developer nor the application. The resources are allocated to the end user. For example, if you want to develop a backup program, you don't have to acquire enough Xdrive storage for all of your customers. You can develop the program, and each end user will use their own free storage. This allows individual developers access to the same enterprise level services to which only larger corporations and organizations traditionally had access. These services are all covered by the Xdrive User Agreement.

The APIs, documentation, demo clients, etc. provided on this site are part of AOL's Developer Network, and they are covered by the AOL Developer Network Agreement and Terms of Service.