Skip to Content
Author's profile photo Former Member

StreamWork and OAuth: Make the first api call

The official StreamWork Java API samples mainly discuss the usage of the API itself but are missing the OAuth authorizaton part. For somebody who is not familar with the OAuth specification this can easily mean lots of effort to understand and implement the necessary OAuth calls.
While it is important to know OAuth to implement a client it shouldn’t be necessary to understand all details about OAuth just to execute the first few API calls. For this reason, this blog presents sample code to handle the authentication part and provides a base skeleton using the Scribe OAuth library to execute further API calls. For the actual usage of the SteamWork API itself, please refer to the official samples or the API documentation. The sample code of this blog is available as Code Exchange project.

    Create a new StreamWork account at if not already done.

    Register a consumer application at and write down the consumer key and consumer secret. Both are required to execute the sample

    Download the sources from Code Exchange. Please use  to import the project into Eclipse.

      Configuration:</p><ol><li>Open class StreamWorkAppAuthorizationUtil, configure your proxy settings (if necessary) and enter the consumer app credentials within the init() method.</li><li>Execute StreamWorkAppAuthorizationUtil#test_getAccessTokenByUserPrompt() as JUnit 4 testcase to get a permanent access token for your StreamWork account. An access token (together with the according secret) allows to make calls to the StreamWork API in the context of the user.<br />The authorization requires the user to login to StreamWork and authorize the application. The testcase will prompt you to open your browser, do the authorization and paste the so called OAuth verifier back to the TestCase. The access token will then be retrieved automatically and printed to the screen.</li><li>Enter the access token retrieved in the last step to StreamWorkAppAuthorizationUtil. Now you are ready to make your first api call. Just execute the method #test_accessTokenValid() to verify everything is correct. In case an error appears please verify you have pasted the access token correctly.</li><li>Execute the method #test_demoApiAccess() as an demo for an API call. The required OAuth information is added automatically to the request. As sample output looks like this:<?xml version=”1.0″ encoding=”UTF-8″?><activities total_number_of_activities=”0″></activities> </li></ol><p>The mentioned steps should be sufficient to be able to call any API available by StreamWork.<br />To make the StreamWork usage more efficient, additional steps could be taken, e.g.</p><ul><li>Wrap the StreamWork api using JAXB or another XML binding framework to work directly using Java objects instead of parsing XML responses.</li><li>Write a servlet which intercepts the StreamWork authorizatoin response to make the authorization process more comfortable. It won’t be required afterwards to manually paste the OAuth verifier string.</li></ul><p>So basically you should now be able to explore the available StreamWork api and implement your demo scenario.</p>

      Assigned Tags

          You must be Logged on to comment or reply to a post.
          Author's profile photo Matthias Steiner
          Matthias Steiner
          Hi Daniel,

          just wanted to say thanks for this great post. I remember that several teams (inlcuding the one I worked with) have been struggling with OAuth and StreamWork API and that one of the follow-ups I had in mind was to write a blog about it. No need for it any longer as you did a fabulous job! Thanks for sharing...

          For those who would be interested to get a little deeper into the topic of OAuth. One of the best resources I found on the topic can be found here.


          Author's profile photo Uwe Fetzer
          Uwe Fetzer
          And in case you want to access Streamwork via ABAP, you can use the ABAP OAuth lib, also available on Code Exchange:

          Next challange will be probably the implementation of OAuth 2.0, used ie. in Facebook

          Best regards