Create a Permission Request
Before accessing a user's data on Windows Live, you must obtain permission from the user to read and/or write the data on his or her behalf. The Windows Live Data system supplies one mechanism by which:
- Your site can request a set of permissions.
- The user can grant or deny the permissions.
- Your site can then utilize the granted permissions to access the data.
This topic explains how to create a Windows Live Data permission request.
Prerequisites
Before your site can successfully obtain permissions using Windows Live Data, it needs to have a valid SSL certificate. For security reasons, Windows Live Data expects to return its permissions using the encrypted HTTPS protocol. If you have a commerce site, you probably already have an SSL certificate so that you can accept credit card information. If not, you'll need to buy a certificate from one of the many certificate authorities and install it on your site.
Note
If you are just experimenting, you can use Windows Live Data without an SSL certificate using the NoSSL option.
Linking to the Windows Live Data Permission System
You only need to ask the user for permission once. If the user accepts your permission request, Windows Live Data will provide you with the credentials needed to request access to the user's data.
Requesting the user's permission is done by including a special "permission request" hyperlink to a page on your site. When the user clicks the link, they are redirected to Windows Live Data, where they are presented with the option to either approve or reject the permission request.
The permission link for the alpha release of Windows Live Data will typically be in this form:
<a href="https://ux.cumulus.services.live.com/pgux/default.aspx?rl=[return URL]&pl=[privacy URL]&ps=[permission string]">Grant Permission</a>
Here, the return URL (rl) parameter is the address of the Web page on your site that will process the response; the privacy URL (pl) parameter is the address of a Web page that displays your site's privacy policy; and the permission string (ps) parameter describes the permissions being requested. For example:
<a href="https://ux.cumulus.services.live.com/pgux/default.aspx?rl=https://www.sample.com/permit.aspx&pl=https://www.sample.com/privacy.html&ps=LiveContacts.ReadOnly">Grant Permission</a>
Where the site URL is www.sample.com, the privacy policy page is privacy.html, the permission processing script is permit.aspx, and read-only permission for the user's Windows Live Contacts information is requested.
You can request either read-only, or read/write permission from Windows Live services. The syntax consists of the value prepended by the service name as follows:
[Service Name].ReadOnly: Read the user's list of contacts and all contact information[Service Name].ReadWrite: Read, add, update, and delete the user's list of contacts and all contact information
In a test environment where the site may not have an SSL certificate, use HTTP rather than HTTPS for your return and privacy URLs, and append the &NoSSL option to your link, as follows:
<a href="https://ux.cumulus.services.live.com/pgux/default.aspx?rl=https://www.sample.com/permit.aspx&pl=https://www.sample.com/privacy.html&ps=LiveContacts.ReadOnly&NoSSL">Grant Permission</a>
Important
The NoSSL option is meant for testing purposes only and should not be used for a live application. If you don't use SSL, Windows Live Data will display a warning to the user, advising them to reject your request. To bypass the warning screen, they will need to click on the grant permission link at the bottom of the web page.