Signing method calls is the same for desktop and web based programs. This means on top of the parameters you request, you need to pass your api_key (not your secret) and the api_sig based on those parameters.

Let's assume that our API key is df3f791718032a70119d35d65d8b6d0d, our shared secret is sec12345.

Generating a signature is easy and can be done in any programming language. To make our signature, we take a string of the arguments being passed, and prepend our shared secret.

For this example, we'll make a call to vimeo.videos.comments.getList(). Our parameters are the following:

method
video_id
api_key
vimeo.videos.comments.getList
375747
df3f791718032a70119d35d65d8b6d0d (this is required in every method call)

Now we'll generate the base of our signature by creating a string of our parameter name/value pairs in alphabetical order. Do not escape any characters when generating this string, all characters should be unescaped.

api_keydf3f791718032a70119d35d65d8b6d0dmethodvimeo.videos.comments.getListvideo_id375747

Next, we prepend that string with our shared secret (green).

sec12345api_keydf3f791718032a70119d35d65d8b6d0dmethodvimeo.videos.comments.getListvideo_id375747

Now we'll take the MD5 hash of the signature and add it to our parameters.

c5370e4b0c550494ba49d86893a0384f

So the final set of parameters passed to the API will be:

method
video_id
api_key
api_sig
vimeo.videos.comments.getList
375747
df3f791718032a70119d35d65d8b6d0d
c5370e4b0c550494ba49d86893a0384f

That's all there is to it! Pretty easy, huh?

Don't want to see ads?
Get Vimeo plus