Adam McHugh

Access Masks and EVE API

Category: EVE API Published Date

So shortly after the new API access method was implemented by CCP I started looking into rewriting the API proxy one of my projects are running, and namely I needed a way to determine what endpoints the supplied API credentials had access to.

The API data generated by account owners now have something called an Access Mask which is saved against the KeyID and vCode. This access mask can be 'compared' against the required mask for individual endpoints.

So how does this work?

Let's say for instance I query the APIKeyInfo endpoint with my KeyID and vCode and get returned an XML ouput containing the following line:

<key accessmask="59760264" type="character" expires="...

 

What we are interested in is the 59760264 piece, this is the access code generated for the list of permissions granted to that API keypair. We now need to use a Bitwise comparison to be able to compare that accessmask to that of the requirements of an API endpoint.

For example, I will attempt to access the Character IndustryJobs endpoint with these API credentials. The accessmask for this endpoint is defined as 128 (just to make things easy).

Converting and Comparison of Binary Values

Converting 59760264 to Binary will give you the following:

0011 1000 1111 1101 1110 1000 1000

 

Now we need to determine is there is a 1 in the column designating the value 128. If you know your Binary then this should be a snap for you.

The value indicating 128 is highlighted below for you:

0011 1000 1111 1101 1110 1000 1000

 

If however you were to try to use the same access key to call the Factional War Stats (Char) - Mask requirement of 64, you would of course fail because the column for 64 contains a 0 (highlighted in blue above).

Essentially the Access Mask method is doing a binary comparison of the key's value and looking for a 1 in the corresponding column for an endpoint.

Implementing Bitwise into programming

So now you know what bitwise comparisons do, how do you implement them into a code?

For my example below this will be done with PHP, and I must warn you, this is rather anti-climactic.

if(59760264 & 128){

// found 128 within the binary value of 59760264

}else{

// this endpoint inaccessible

}

See, I warned you. Not as exciting now that you know how easy it is to utilise :)