CCP Illurkall has a new dev blog available for your viewing pleasure which details the changes coming to the API system this fall. Illurkall is the overseer of the API for the foreseeable future and will make sure it is up to snuff.

You can read all about it here

We would be delighted to receive your (constructive) feedback in this thread.

any news on Crest?

CAKs fail to encompass the abilities of its predecessor the legacy API key.

A full legacy key allows access to everything available with the account, with a CAK you are limited to 1 char, All chars or 1 Corp.

This means to equal 1 full legacy key you will need upto 4 CAKs per account. 1 CAK for all the chars and if there are 3 chars, each a director or CEO of a different corp then 1 CAK for each of them.

There is no reason for this backwards step, you can maintain the ~security~ CAKs are meant to achieve and still have an option to access ALL data for those that want it.

CAKs fail to encompass the abilities of its predecessor the legacy API key.

A full legacy key allows access to everything available with the account, with a CAK you are limited to 1 char, All chars or 1 Corp.

This means to equal 1 full legacy key you will need upto 4 CAKs per account. 1 CAK for all the chars and if there are 3 chars, each a director or CEO of a different corp then 1 CAK for each of them.

There is no reason for this backwards step, you can maintain the ~security~ CAKs are meant to achieve and still have an option to access ALL data for those that want it.

read: "Even though months and months have passed I have been too lazy to update our software; now that the plug is getting pulled I am shitting myself continuously at the prospect of having to rewrite all my code in the span of 2 weeks"

What? No pretty pictures or graphs?

Not even one showing something like....how many new keys were generated from the time they were offered?

It takes about 3 lines to make use of new keys. The reason I haven't done so is because, guess what, like I said in my first post - CAKs are not as good as a full legacy key.

your fault for writing code that relies on a goofy edge case instead of developing a proper application

fortunately for you they aren't actually shutting down old keys, just making it impossible to generate additional legacy keys, so you probably got another couple of months before you have to get off your ass and change "3 lines" of code

I did the changes 12 months ago, I simply disabled it because instead of asking for multiple keys and doing the necessary checking to make sure all have been entered I could just stick to 1 legacy key as it's just much better.

It was originally written when CAK didn't exist, so your spouting about "developing a proper application" is just stupid nonsense being spewed by a kid who just collected his Basic Computing certificate last week. Shutting down legacy API at this juncture serves no purpose other than to supply reason for a devblog. It's a system that happily runs itself and no-one is planning on adding anything to the API or working on it in any manner as all efforts are concentrated on CREST.

My only crime is that I am one of the few people who actually use all of the available API which is why hoopleheads such as yourself keep spouting rubbish about "should have updated" oblivious to the limitations that CAK pose compared to their predecessor.

Hey

I'll try to make my next DevBlog look a little bit more happy with pictures and all.
The reason for doing this is mainly an effort to keep the legacy to a minimum and making it easy for us to move forward. Because if we can move forward more freely that just means more stuff for you guys in the end.

that's an awful lot of :words: for "i'm too lazy to update my application"

also i guess you missed the locations, charactername, and contracts api stuff that they added after announcing crest

CAKs are a step backward.

Hey

I'll try to make my next DevBlog look a little bit more happy with pictures and all.
The reason for doing this is mainly an effort to keep the legacy to a minimum and making it easy for us to move forward. Because if we can move forward more freely that just means more stuff for you guys in the end.

Is this safe? Can someone steal my account?

It is safe to provide your API key to applications and web sites as long as you are prepared to allow the application or web site to see your character and corporation information. You can specify which information is accessible for each customizable API key.

Sharing an API key does NOT give people access to your account while sharing your account password would. Therein lies the whole purpose of API keys. An API key only allows the recipient to view your character and corporation data but gives them NO control over it. They are NOT able to log in to the game or post on the forums with the API information. No part of the API key information is in any way generated from your account password - there is no way to calculate your password using this information.

... http://api.eve-online.com and http://api.eveonline.com will be permanently redirected to https://api.eveonline.com ...

So again: why SSL? Politely: justify it. Unless you plan on extending the API to allow people to make changes in some way, I just don't see the point.

I clicked on devblog link hoping for CREST news, left disappointed.

but seriously you've had how many months? to cut your system over and you're choosing just now to complain

you can hardly call "3 ceo characters on one account" to be typical usage and worth stringing along an old, insecure system whose only other redeeming feature was making it easy to determine whether a person is worth scamming

jEveAssets already moved to CAKe, but, I still get people who can not figure out they need a separate corporation key.

@CCP Explorer

Transition:
The process or a period of changing from one state or condition to another

So you want to kill the API as well?

I do not understand why on earth you continue to invalidate all the work the community have put into improving the eve experiences.

A lot of older applications, that are no longer maintained, will be useless after you remove the old API keys.
If you move away from the current API, even more will follow.

IMHO 3rd party apps adds value to eve. You should support us - not fight us...

I appreciate your letting me lookup names by TypeID but it would be nice to have an API that returns TypeId for names. My current workaround is using an SQL Query on data in EveHQ.

@CCP Explorer
Thank you for your reply (to my somewhat angry post)

Time is not really in you favor. The longer you wait, the more apps will be created using the current API.
Knowing in advance is great, but, it will not save stuff that are no longer maintained.
Unmaintained apps might not move forward, but, they can still be great IMHO.

Anyway, enough with the rants.
I'm just sad to see programs die with this change...

Maybe CCP should update all help links who are in the creation page of a CAK... It would motive to use this new system...

I created one link for research jobs but I clicked to the help button to know how use it. The help tell me to use a userID/apiKey/characterID while I only get an ID (for what ?) and a verification code...

Would it really be SPRING cleaning?

about 40% of the importXML statements in Google spreadsheets are not working today..

All my spreadsheets are broken.

Minor point: US and EU read numeric dates in reverse order, so to a US person the dates listed on the blog are actually April of 2012. How about using 4-Oct-2012 to disambiguate?

wget https://api.eveonline.com/
--2012-10-17 12:40:40-- https://api.eveonline.com/
Resolving api.eveonline.com... 87.237.39.199
Connecting to api.eveonline.com|87.237.39.199|:443... connected.
ERROR: cannot verify api.eveonline.comGÇÖs certificate, issued by GÇ£/C=US/O=GeoTrust, Inc./CN=RapidSSL CAGÇ¥:
Unable to locally verify the issuerGÇÖs authority.
To connect to api.eveonline.com insecurely, use GÇÿ--no-check-certificateGÇÖ.

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

ERROR: The certificate of GÇÿapi.eveonline.comGÇÖ is not trusted.
ERROR: The certificate of GÇÿapi.eveonline.comGÇÖ hasn't got a known issuer.

Hi, since the change today i'm getting:



and

and

A lot of older applications, that are no longer maintained, will be useless after you remove the old API keys.
If you move away from the current API, even more will follow.

IMHO 3rd party apps adds value to eve. You should support us - not fight us...

jEveAssets already moved to CAKe, but, I still get people who can not figure out they need a separate corporation key.

an application that is no longer maintained does only add value on the surface. its balast to everyone else,
and i prefer CCP to modernize stuff, especially after they gave every more than enough time to adopt the new keys.

its not CCP's fault if people are abandoning the software they launched. (and its a good reason why such software should be opensource anyways ;)

and its a good reason why such software should be opensource anyways

An application that is still used is still adding value even if it's outdated.

As for people abandoning software: we freeware SW developers write apps for ourselves and then decide to share them.
Developing software takes weeks, weeks off our spare time.

Whole generations of code I developed made use of COM / ActiveX and today, after 10 years they still work despite we are "centuries" away from that now. That was a (cumbersome) "API" that delivered.

Legacy apps use surpassed technology, are hard to recompile, often written for personal use on an immediate need (and thus no documentation, hurried spaghetti coding).

Came here wanting to rant about not being able to view current API's or even recently generated ones.

Saw the previous 4 pages and decided CCP had lots of problems with their adding an 'S' to the old http..

Going to leave still ranting but with added frustration because....

https://api.eveonline.com > login > pilot name > MENU DOESN'T GIVE AN OPTION TO VIEW CURRENT API'S

piece of **** webpage coding on a global internet company gives a bad impression amirite ?

Man this thread is awesome, Thunk was like hey this is broke and some Goon was like NO YOU"RE DOING IT WRONG and Thunk being the API Jedi that he is just went no look you misunderstand and the Goon was like NO YOU'RE DOING IT WRONG and Thunk again calmly waved his hand and said no you see you're not understanding me look here and the Goon was like NO YOU'RE DOING IT WRONG and Thunk said then Andski looked at the other Goon and was like Shut Up Stupid Thunk is a Jedi and then there was silence.