The idea of ProxyKey is to create a server that acts as a proxy to the Wikidot XML-RPC API. Here is what it will be designed to do:
- generate custom keys for each application
- log API usage for each key
- limit permissions for each ProxyKey key; e.g. allowing a certain key to only access pages from a certain site
- delete proxy keys
- Programs will need to rewrite their software to support ProxyKey keys
- It will be slightly slower than a regular XML-RPC request
How it will work:
- Software developers allow users to connect with custom servers:
- This simply means changing the XML-RPC host to proxykey.herokuapp.com instead of *.wikidot.com or *.wdfiles.com
- Users login with their API key
- Users can then generate subkeys for different applications with custom permissions
- Users can view traffic / request logs for each API key
- Users can revoke access for each key
- API keys will be stored in an enterprise-grade encrypted database
- Requests are transferred from and to client via the HTTPS protocol
- Users may clear their data from our database entirely
- There are 340,282,366,920,938,463,463,374,607,431,768,211,456 possible combinations for ProxyKey API keys
- All API keys are calculated using an md5 algorithm based on time generated and your username then scrambled.
- Free (first 500,000 requests per month)
- The ProxyKey service will be free with a 500,000 request buffer for each Wikidot account per month. Requests will be blocked until next month or payment is made. Requests are priced at US$0.01 per 1,000 after 500,000.
- For a plus account, you get your own dedicated server/instance that runs ProxyKey. Requests and logging are basically unlimited (limited to 15GB of bandwidth and 5GB of log storage).
- SOCKS proxy service that forwards request for https://*.wikidot.com/xml-rpc-api.php to your designated server.
- Self-run server
- The self-run server acts as a secondary proxy for ProxyKey to tunnel requests to without storing your API keys on site. Users with self-run servers will be allocated a "range" of API keys (like an IP address) and all requests made to our server within that range will be redirected to your server.
- The self-run server will not host a copy of the ProxyKey main code.
- Only request parameters will be logged, returned data will not.
- Only the 100 most recent requests are logged at any given time.
- Logs can be saved and cleared at any time. (Work in Progress)