; MyProjectNameHere <http://www.example.com>
; API Profiles
;
; This file stores an array of API profile names and their secret keys and other configuration
; options. When API is called with an API profile that is from this list and is not set as
; public in framework Configuration, then this API profile has to be authenticated with either
; a secret key or a session token. Every API profile is a group in this file, it's name written
; in brackets, followed by various settings for the API profile.
;
; Settings for both public and non-public profiles:
; * disabled - A true or false setting whether this profile is disabled.
; * ip - Either asterisk (*) or comma separated list of allowed IP addresses.
; * commands - Comma-separated list of commands allowed by this API, can be '*' to allow all commands.
; * access-control - This is the access-control setting for this API, overwrites the default configuration.
; * versions - This is a comma-separated list of API versions that are allowed with this profile. Default is '*'.
;
; Settings that are valid for non-public profiles only:
; * secret-key - Secret key of the API profile.
; * token-timeout - Time (in seconds) how long a generated token is valid if left unused. Default is infinite.
; * timestamp-timeout - This sets for how many seconds from the moment request was made this request is considered valid.
; * hash-validation - If this is set to 0 (it is set to 1 by default), then hash-based validations are not used at all.
; * permissions - Comma separated list of permissions that can be checked by controller. Defaults to '*', which allows any.
;
; @package API
; @author DeveloperNameHere <email@example.com>
; @copyright Copyright (c) 2012, ProjectOwnerNameHere
; @license Unrestricted
; @tutorial /doc/pages/api_security.htm
; @since 1.0.0
; @version 1.0.0
[public]
disabled=0
ip="*"
commands="example-get"
[custom-profile]
disabled=0
token-timeout=600
secret-key="my-secret-key-123"
commands="example-get"
hash-validation=1
|