Difference between revisions of "User:Rayanth/Sandbox2"

From EVE University Wiki
Jump to: navigation, search
(Created page with "{{update|Needs to be updated for ESI}} '''[http://fleet-up.com/ Fleet-Up]''' is a third-party website that allows you to manage fittings, doctrines, pilots and fleets. It is ...")
 
m (Comment out {{Stub}}, should not be used in the User namespace.)
 
(13 intermediate revisions by 2 users not shown)
Line 1: Line 1:
{{update|Needs to be updated for ESI}}
+
ESI and SSO
 +
===For Non-Developers===
 +
Safety: Your SSO username and password are completely safe from the third party application you're logging in to. When logging in to another service with SSO, you are actually logging on to the SSO server via a website hosted by CCP themselves. This setup is the core of an authentication method called OAuth (and its newer version, OAuth2). OAuth/OAuth2 are very widely used today, and act as the core component for logs on most social media giants, including Facebook, Twitter, and Google, including any other site that allows you to use those Social Media accounts to log in to them.
 +
Here is a brief tour of the process, for a new 3rd party EVE Online tool, 3rd Party Website (3PW for short):
  
'''[http://fleet-up.com/ Fleet-Up]''' is a third-party website that allows you to manage fittings, doctrines, pilots and fleets. It is accessible via both in-game and out-of-game browsers, making importation of fits into EVE easy. All E-UNI [[Campuses]], as well as the [[EVE University Incursion Community|Incursion community]], maintain doctrines on Fleet-Up.
+
* 3PW registers its existence on CCP's servers. It defines a Redirect URL that will be listening for SSO to talk to it when a user logs in.
 +
* 3PW receives a Client ID that it can identify itself with, and a Secret Key that lets it prove it is who it says it is, to SSO's servers.
 +
* User decides to log in to 3PW
 +
* 3PW redirects user to CCP-hosted SSO service. In the background, 3PW passes SSO its Client ID, Secret Key, Redirect URL, and a list of Scopes it would like access to.
 +
* SSO verifies that 3PW's Client ID and Secret Key match, and to be sure they weren't hijacked, ensures the Redirect URL matches the one on record.
 +
* User logs in to SSO as normal
 +
* SSO presents User with the requested Scopes to verify they are willing to grant them
 +
* User accepts the scopes
 +
* SSO generates a short-duration (5 minutes) token and redirects the User to 3PW's Redirect URL, attaching the token to the URL.
 +
* 3PW reads the token, and sends it back to SSO behind the scenes, to request a proper Authentication Token that lasts 20 minutes, and a Refresh token that lasts indefinitely. (The refresh token allows 3PW to refresh the Authentication token without making the user log in again)
 +
* 3PW now can use the Authentication Token to request information from ESI that User granted it, via the requested Scopes.
  
The direct link to the EVE University group on Fleet-Up is [http://eveuni.fleet-up.com/ http://eveuni.fleet-up.com/].
+
The important thing to take away from this is that the above exchange ensures that each of the three parties can trust the other two:
==How to Join Fleet-Up==
 
* Use the 'Register' link in the menu bar
 
* It is recommended to use the Single Sign On method [[File:SSO.png|right|thumb|300px]]
 
** SSO is run by CCP and is completely safe and secure.
 
** Be sure to use an account that has an E-Uni character.
 
* Click on [https://fleet-up.com/Group Groups]
 
** Join the {{color|red|EVE University}} group {{color|red|(Owner: Azmodeus Valar)}}
 
** {{color|lightgreen|If your Fleet-Up account includes an E-Uni character, you will be able to join it automatically.}}
 
** If it does not show or allow you to join, you may have to wait and try again later.
 
** {{color|crimson|'''Manual applications to join the EVE University group will be rejected.'''}}
 
[[File:EUniFleetUpGroup.PNG|500px]]
 
  
 +
* 3PW trusts the User because SSO authenticated them
 +
* 3PW trusts SSO because
 +
* SSO trusts 3PW because it verified the Client ID, Secret Key, and Redirect URL
 +
* SSO trusts User because the user used their credentials (including 2FA if enabled)
 +
* User trusts SSO because they have an existing with SSO
 +
* User implicitly trusts 3PW because SSO verified 3PW's credentials.
  
===Troubleshooting===
+
===Scopes===
The most likely issue is not setting up the API properly before you try to join the EVE University group.
+
There are currently a total of 68 different scopes that can be requested/given to an application via ESI and SSO. These scopes control access to 126 of the 206 ESI endpoints (the remaining 80 are public and require no scopes). Some are only available to members of a corporation who have been granted particular titles/roles within the corporation. The following tables will help identify exactly what a granted scope permits access to.
  
*If you have joined EVE University very recently, or joined Fleet-Up only just now, the cache used by the ESI API may not yet have refreshed to reflect this change, so wait a few hours.
+
<code>publicData</code>: This scope does not provide the 3rd party app with any information that is not publicly available. Its primary use is to give a Refresh token for the user's credentials, where otherwise no scope is requested.
*If you are having issues, ask a [[Campuses|campus]] officer (or ask in E-UNI channels) for assistance.
 
*If you are ''still'' having issues, contact Kaein Soturus or Azmodeus Valar .
 
*If you are a frequent guest FC and would like access without an API you should contact the [[Management#Director_of_Special_Projects|Director of Special Projects]].
 
  
=How to Find Fits=
+
Character-Focused scopes:
Once you are logged in with an E-UNI character:
 
* Click on [http://fleet-up.com/Fitting/Index Fittings] - click on [http://fleet-up.com/Fitting/Index/42050 EVE University Fittings]
 
  
Here you can either click on each hull type, or use the search field to narrow your search.
+
=BreakBreak=
 +
=Existing Page=
 +
<!--{{stub}}-->
 +
EVE Swagger Interface (ESI) is an API to get data from the EVE server. It replaces CREST and the XML API which were shut down on May 8th, 2018.<ref>https://developers.eveonline.com/blog/article/important-information-on-the-future-of-the-eve-api</ref>
  
[[File:fleet-up_fittings.png]]
+
Remember that scamming with API is specifically not allowed<ref name="scamming">[https://developers.eveonline.com/blog/article/reminder-no-scamming Reminder to Developers: No Scamming]</ref>
  
 +
Several guides on how to use ESI exist:
 +
* [https://forums.eveonline.com/t/3-3-0-gesi-google-sheets-esi-library/13406 GESI - Google Sheets ESI Library]  [https://developers.eveonline.com/blog/article/using-esi-with-google-sheets Guide for it on the Third Party Developer Blog]
 +
* [https://www.fuzzwork.co.uk/2017/03/14/using-esi-google-sheets/ Using ESI with Google Sheets]
 +
* [https://wiki.zansha.space/index.php/SSO_Authentication_in_Microsoft_Power_Query Guide on how to use ESI with MS Excel]
  
=How to Find Doctrines=
+
Further some libraries exist to use ESI with Python. For further information see the "See Also" section.
Once you are logged in with an E-UNI character:
 
* Click on [http://fleet-up.com/Doctrine/Index Doctrines] - click on [http://fleet-up.com/Doctrine/Index/42050 EVE University Doctrines]
 
  
A list of doctrines will appear, select the doctrine you wish to view.
+
==API authorization managment==
  
Once you select a doctrine you can
+
You can manage API permissions from you at https://community.eveonline.com/support/third-party-applications/
* click on the "show flyable" link
 
* select your character
 
and it will display which ships you can fly:
 
  
[[File:fleet-up_doctrines_showflyable.png|fleet-up_doctrines_showflyable.png]]
+
In here you can see all applications that have access to your API. You can see exactly what scopes you have authorized for them. You can also revoke authorizations.
  
[[File:fleet-up_doctrines_flyable.png|thumb|left]]
+
==See also==
* Green indicates all skills met
+
* https://docs.esi.evetech.net/ Community-maintained documentation for ESI.
* Yellow indicates you can fly the hull but not use all modules
+
* https://eveonline-third-party-documentation.readthedocs.io/en/latest/esi/index.html CCP's documentation on ESI.
* Red indicates you cannot fly the hull
+
* https://github.com/esi/esi-issues Git Repo for tracking issues with ESI.
 +
* https://community.eveonline.com/news/dev-blogs/introducing-esi/ Original announcement to introduce ESI.
 +
* https://esi.evetech.net/ui/
 +
* https://github.com/devfleet/awesome-eve#developer-tools-resources-and-apis Some resources to work with ESI.
  
[[Category:Applications]]
+
==References==
 +
<references />
 +
 
 +
<nowiki>[[Category:API]]</nowiki>
 +
 
 +
=BreakBreakBreak=
 +
=NewPage=
 +
EVE Swagger Interface (ESI) is an API that can be used by [[Third-party_tools|third party applications]] to interact with data from the EVE game servers. It replaces CREST and the XML API which were shut down on May 8th, 2018.<ref>https://developers.eveonline.com/blog/article/important-information-on-the-future-of-the-eve-api</ref>
 +
 
 +
ESI has both public-data and authenticated endpoints, the latter of which require a character to log in via [[EVE SSO]] to their character account to gain access to information specific to their character or, provided they have the appropriate corporate roles, their corporation. At present there are 81 public-data and 125 Authenticated endpoints (206 total).
 +
 
 +
CCP has indicated that their goal is to completely replace the [[Static Data Export|Static Data Export]] (SDE) with ESI, but as of December 2019, there are still many missing features.
 +
 
 +
As a reminder to developers, it is expressly forbidden for developers of third party applications to use them for ill intent<ref name="scamming">[https://developers.eveonline.com/blog/article/reminder-no-scamming Reminder to Developers: No Scamming]</ref><ref>https://developers.eveonline.com/resource/license-agreement</ref>
 +
 
 +
ESI and SSO are commonly used together, however they do have independent features and uses as well. For this reason, they have been split into their own articles. See [[EVE SSO]] for information regarding the character authentication (and management thereof) aspect.
 +
 
 +
==ESI Endpoints==
 +
ESI provides 206 endpoints, 81 of which related to public data and need no character or client authentication, and 135 of which are authenticated as they relate to privileged information about specific characters or corporations.
 +
 
 +
The general categories these endpoints fall under are:
 +
{| class="wikitable sortable"
 +
! Category !! Public !! Auth !! Description
 +
|-
 +
| Alliances || 4 || || General information about Alliances and their member corporations
 +
|-
 +
| Assets || || 6 || Inventory details for characters and corporations
 +
|-
 +
| Bookmarks || || 4 || All of a character or <strike>corporation's</strike><ref>https://developers.eveonline.com/blog/article/temporary-blackout-of-esi-bookmarks</ref> bookmarks and bookmark folders
 +
|-
 +
| Calendar || || 4 || Read and respond to a character's calendar events
 +
|-
 +
| Character || 4 || 11 || Information relating specifically to a character, where it does not fall under any other category.
 +
|-
 +
| Clones || || 2 || Information on a character's clones and their active implants
 +
|-
 +
| Contacts || || 9 || Read Contacts lists for characters, corporations and alliances, and edit them for characters.
 +
|-
 +
| Contracts || 3 || 6 || List public, character and corporate contracts, bids placed on them, and items contained in them.
 +
|-
 +
| Corporation || 4 || 18 || Information relating specifically to a corporation, where it does not fall under any other category.
 +
|-
 +
| Dogma || 5 || || Information regarding Dogma, EVE's system for attributes on items and entities.
 +
|-
 +
| Faction Warfare || 6 || 2 || Public statistics on faction warfare, systems, leaderboards, and a character's statistics.
 +
|-
 +
| Fittings || || 3 || View, create or delete a character's in-game saved fittings.
 +
|-
 +
| Fleets || || 14 || Provides endpoints for a complete breakdown of a fleet's composition, and allows managing it externally.
 +
|-
 +
| Incursions || 1 || || A list of currently active Incursions and some basic info about them
 +
|-
 +
| Industry || 2 || 6 || System Cost Indices, Industry facilities, and all information about a character's active industry jobs.
 +
|-
 +
| Insurance || 1 || || A list of insurance prices for all classes of ships.
 +
|-
 +
| Killmails || 1 || 2 || Retrieve killmails relating to a character, or all details on a killmail for which you have the appropriate information.
 +
|-
 +
| Location || || 3 || View whether a character is online, what they're flying, and where they are located.
 +
|-
 +
| Loyalty || 1 || 1 || List offers available from a provided NPC Corporation's LP Store, and a character's available LP.
 +
|-
 +
| Mail || || 9 || All actions related to viewing, sending and deleting in-game mail for a character.
 +
|-
 +
| Market || 6 || 5 || Market orders and histories, as well as a character or corporation's specific orders.
 +
|-
 +
| Opportunities || 4 || 1 || A list of tasks associated with the New Player Experience / Tutorial, and whether a character has completed them.
 +
|-
 +
| Planetary Interaction || 1 || 3 || Details on a character's planetary colonies and their layouts, as well as public information on PI Schematics.
 +
|-
 +
| Routes || 1 || || Use the game's algorithms to calculate a route between two systems
 +
|-
 +
| Search || 1 || 1 || Perform a search on the provided string against the chosen categories. If for a character, will also search private things the character can see.
 +
|-
 +
| Skills || || 3 || Information on a character's attributes, skills and skill training queue.
 +
|-
 +
| Sovereignty || 3 || || Lists of sovereignty campaigns, systems and structures.
 +
|-
 +
| Status || 1 || || Status of the game: Whether it's running, what version, and how many players are logged in.
 +
|-
 +
| Universe || 30 || || Just about all general public, static data in the game.
 +
|-
 +
| User Interface || || 5 || Allows opening certain UI windows for a character if they are logged in to the game.
 +
|-
 +
| Wallet || || 6 || Character and Corporation wallet balances and transactions.
 +
|-
 +
| Wars || 3 || || Details on all wars that have happened in the game, including their killmails.
 +
|}
 +
 
 +
== Resources For Developers ==
 +
There are a number of resources online for developers looking to begin using ESI, many of which also cover SSO for authenticating endpoints.
 +
 
 +
{| class="wikitable"
 +
|-
 +
| https://docs.esi.evetech.net/ || Community-maintained documentation for ESI.
 +
|-
 +
| https://eveonline-third-party-documentation.readthedocs.io/en/latest/esi/index.html || CCP's documentation on ESI. (Outdated)
 +
|-
 +
| https://github.com/esi/esi-issues || Official Git Repository for tracking issues and requests for ESI.
 +
|-
 +
| https://github.com/esi/esi-issues/issues/1103 || A specific issue on the above repository, that compares ESI to the information available in SDE.
 +
|-
 +
| https://community.eveonline.com/news/dev-blogs/introducing-esi/ || Original Announcement introducing ESI.
 +
|-
 +
| https://esi.evetech.net/ui/ || CCP's front-end User Interface for "playing" with ESI and discovering what the various endpoints can do.
 +
|-
 +
| https://github.com/devfleet/awesome-eve#developer-tools-resources-and-apis || Community-maintained list of resources and tools to work with ESI.
 +
|-
 +
| https://forums.eveonline.com/t/3-3-0-gesi-google-sheets-esi-library/13406 || GESI - A library for working with ESI in Google Sheets
 +
|-
 +
| https://developers.eveonline.com/blog/article/using-esi-with-google-sheets || A slightly outdated CCP Dev blog on working with GESI (see above)
 +
|-
 +
| https://www.fuzzwork.co.uk/2017/03/14/using-esi-google-sheets/ || A different guide on working with GESI (see above)
 +
|-
 +
| https://wiki.zansha.space/index.php/SSO_Authentication_in_Microsoft_Power_Query || Information on working with ESI in MS Excel with Power Query
 +
|}
 +
 
 +
== References ==
 +
<references />
 +
 
 +
<!--[[Category:API]]-->

Latest revision as of 18:57, 2 March 2024

ESI and SSO

For Non-Developers

Safety: Your SSO username and password are completely safe from the third party application you're logging in to. When logging in to another service with SSO, you are actually logging on to the SSO server via a website hosted by CCP themselves. This setup is the core of an authentication method called OAuth (and its newer version, OAuth2). OAuth/OAuth2 are very widely used today, and act as the core component for logs on most social media giants, including Facebook, Twitter, and Google, including any other site that allows you to use those Social Media accounts to log in to them. Here is a brief tour of the process, for a new 3rd party EVE Online tool, 3rd Party Website (3PW for short):

  • 3PW registers its existence on CCP's servers. It defines a Redirect URL that will be listening for SSO to talk to it when a user logs in.
  • 3PW receives a Client ID that it can identify itself with, and a Secret Key that lets it prove it is who it says it is, to SSO's servers.
  • User decides to log in to 3PW
  • 3PW redirects user to CCP-hosted SSO service. In the background, 3PW passes SSO its Client ID, Secret Key, Redirect URL, and a list of Scopes it would like access to.
  • SSO verifies that 3PW's Client ID and Secret Key match, and to be sure they weren't hijacked, ensures the Redirect URL matches the one on record.
  • User logs in to SSO as normal
  • SSO presents User with the requested Scopes to verify they are willing to grant them
  • User accepts the scopes
  • SSO generates a short-duration (5 minutes) token and redirects the User to 3PW's Redirect URL, attaching the token to the URL.
  • 3PW reads the token, and sends it back to SSO behind the scenes, to request a proper Authentication Token that lasts 20 minutes, and a Refresh token that lasts indefinitely. (The refresh token allows 3PW to refresh the Authentication token without making the user log in again)
  • 3PW now can use the Authentication Token to request information from ESI that User granted it, via the requested Scopes.

The important thing to take away from this is that the above exchange ensures that each of the three parties can trust the other two:

  • 3PW trusts the User because SSO authenticated them
  • 3PW trusts SSO because
  • SSO trusts 3PW because it verified the Client ID, Secret Key, and Redirect URL
  • SSO trusts User because the user used their credentials (including 2FA if enabled)
  • User trusts SSO because they have an existing with SSO
  • User implicitly trusts 3PW because SSO verified 3PW's credentials.

Scopes

There are currently a total of 68 different scopes that can be requested/given to an application via ESI and SSO. These scopes control access to 126 of the 206 ESI endpoints (the remaining 80 are public and require no scopes). Some are only available to members of a corporation who have been granted particular titles/roles within the corporation. The following tables will help identify exactly what a granted scope permits access to.

publicData: This scope does not provide the 3rd party app with any information that is not publicly available. Its primary use is to give a Refresh token for the user's credentials, where otherwise no scope is requested.

Character-Focused scopes:

BreakBreak

Existing Page

EVE Swagger Interface (ESI) is an API to get data from the EVE server. It replaces CREST and the XML API which were shut down on May 8th, 2018.[1]

Remember that scamming with API is specifically not allowed[2]

Several guides on how to use ESI exist:

Further some libraries exist to use ESI with Python. For further information see the "See Also" section.

API authorization managment

You can manage API permissions from you at https://community.eveonline.com/support/third-party-applications/

In here you can see all applications that have access to your API. You can see exactly what scopes you have authorized for them. You can also revoke authorizations.

See also

References

  1. ^ https://developers.eveonline.com/blog/article/important-information-on-the-future-of-the-eve-api
  2. ^ Reminder to Developers: No Scamming

[[Category:API]]

BreakBreakBreak

NewPage

EVE Swagger Interface (ESI) is an API that can be used by third party applications to interact with data from the EVE game servers. It replaces CREST and the XML API which were shut down on May 8th, 2018.[1]

ESI has both public-data and authenticated endpoints, the latter of which require a character to log in via EVE SSO to their character account to gain access to information specific to their character or, provided they have the appropriate corporate roles, their corporation. At present there are 81 public-data and 125 Authenticated endpoints (206 total).

CCP has indicated that their goal is to completely replace the Static Data Export (SDE) with ESI, but as of December 2019, there are still many missing features.

As a reminder to developers, it is expressly forbidden for developers of third party applications to use them for ill intent[2][3]

ESI and SSO are commonly used together, however they do have independent features and uses as well. For this reason, they have been split into their own articles. See EVE SSO for information regarding the character authentication (and management thereof) aspect.

ESI Endpoints

ESI provides 206 endpoints, 81 of which related to public data and need no character or client authentication, and 135 of which are authenticated as they relate to privileged information about specific characters or corporations.

The general categories these endpoints fall under are:

Category Public Auth Description
Alliances 4 General information about Alliances and their member corporations
Assets 6 Inventory details for characters and corporations
Bookmarks 4 All of a character or corporation's[4] bookmarks and bookmark folders
Calendar 4 Read and respond to a character's calendar events
Character 4 11 Information relating specifically to a character, where it does not fall under any other category.
Clones 2 Information on a character's clones and their active implants
Contacts 9 Read Contacts lists for characters, corporations and alliances, and edit them for characters.
Contracts 3 6 List public, character and corporate contracts, bids placed on them, and items contained in them.
Corporation 4 18 Information relating specifically to a corporation, where it does not fall under any other category.
Dogma 5 Information regarding Dogma, EVE's system for attributes on items and entities.
Faction Warfare 6 2 Public statistics on faction warfare, systems, leaderboards, and a character's statistics.
Fittings 3 View, create or delete a character's in-game saved fittings.
Fleets 14 Provides endpoints for a complete breakdown of a fleet's composition, and allows managing it externally.
Incursions 1 A list of currently active Incursions and some basic info about them
Industry 2 6 System Cost Indices, Industry facilities, and all information about a character's active industry jobs.
Insurance 1 A list of insurance prices for all classes of ships.
Killmails 1 2 Retrieve killmails relating to a character, or all details on a killmail for which you have the appropriate information.
Location 3 View whether a character is online, what they're flying, and where they are located.
Loyalty 1 1 List offers available from a provided NPC Corporation's LP Store, and a character's available LP.
Mail 9 All actions related to viewing, sending and deleting in-game mail for a character.
Market 6 5 Market orders and histories, as well as a character or corporation's specific orders.
Opportunities 4 1 A list of tasks associated with the New Player Experience / Tutorial, and whether a character has completed them.
Planetary Interaction 1 3 Details on a character's planetary colonies and their layouts, as well as public information on PI Schematics.
Routes 1 Use the game's algorithms to calculate a route between two systems
Search 1 1 Perform a search on the provided string against the chosen categories. If for a character, will also search private things the character can see.
Skills 3 Information on a character's attributes, skills and skill training queue.
Sovereignty 3 Lists of sovereignty campaigns, systems and structures.
Status 1 Status of the game: Whether it's running, what version, and how many players are logged in.
Universe 30 Just about all general public, static data in the game.
User Interface 5 Allows opening certain UI windows for a character if they are logged in to the game.
Wallet 6 Character and Corporation wallet balances and transactions.
Wars 3 Details on all wars that have happened in the game, including their killmails.

Resources For Developers

There are a number of resources online for developers looking to begin using ESI, many of which also cover SSO for authenticating endpoints.

https://docs.esi.evetech.net/ Community-maintained documentation for ESI.
https://eveonline-third-party-documentation.readthedocs.io/en/latest/esi/index.html CCP's documentation on ESI. (Outdated)
https://github.com/esi/esi-issues Official Git Repository for tracking issues and requests for ESI.
https://github.com/esi/esi-issues/issues/1103 A specific issue on the above repository, that compares ESI to the information available in SDE.
https://community.eveonline.com/news/dev-blogs/introducing-esi/ Original Announcement introducing ESI.
https://esi.evetech.net/ui/ CCP's front-end User Interface for "playing" with ESI and discovering what the various endpoints can do.
https://github.com/devfleet/awesome-eve#developer-tools-resources-and-apis Community-maintained list of resources and tools to work with ESI.
https://forums.eveonline.com/t/3-3-0-gesi-google-sheets-esi-library/13406 GESI - A library for working with ESI in Google Sheets
https://developers.eveonline.com/blog/article/using-esi-with-google-sheets A slightly outdated CCP Dev blog on working with GESI (see above)
https://www.fuzzwork.co.uk/2017/03/14/using-esi-google-sheets/ A different guide on working with GESI (see above)
https://wiki.zansha.space/index.php/SSO_Authentication_in_Microsoft_Power_Query Information on working with ESI in MS Excel with Power Query

References

  1. ^ https://developers.eveonline.com/blog/article/important-information-on-the-future-of-the-eve-api
  2. ^ Reminder to Developers: No Scamming
  3. ^ https://developers.eveonline.com/resource/license-agreement
  4. ^ https://developers.eveonline.com/blog/article/temporary-blackout-of-esi-bookmarks


Retrieved from "https://wiki.eveuniversity.org/index.php?title=User:Rayanth/Sandbox2&oldid=213309"