Btcjam api not working?

[jwest411]

Hello,
I have been using btcjam for a little over half a year now, and I have decided to make it into the basis for my masters thesis in financial mathematics. I have connected and used various bitcoin APIs, such as Bitstamp, Campbx, Blockchain, and Bitcoincharts. However, it seems that the btcjam api is having some problems. According to the api "faq" page (the closest thing to documentation available), there are 5 methods available on their api. including 4 GET requests and 1 POST request:

GET:
user profile
open listings
user receivables
user payables
POST:
invest

However, since I started trying to access the API over a month ago, only the "open listings" method is working, while all of the others are returning an internal server (500) error. In have tried posting in the regular btcjam forum, but I have not gotten any responses there. I have also tried using bitcoinstack exchange to no avail, and their support has not responded to me in over 2 months. I have also hired someone (using oDesk.com) to help me try to debug this issue ASAP (because my thesis deadline is quicvkly approaching!) but he is also experienceing the same problem, and is not able to find a solution. Meanwhile, the btcjam blog has been very active recently, but has not mentioned anything about this (possible) api error)

If any devs our there have any insight on this matter, it would be greatly appreciated. If someone could say that they are currently either a) successfully using all btcjam api listings or b) having the same problem that I am, either of these facts would be very helpful.

Thoughts?

[juju]

This question will probably get answered better in the: Development & Technical Discussion board.

Several of the requests your listing, require authentication and probably some Header information to be sent to the server.

Example being: Coinbase you can GET the spotrate with a RESTAPI call, no headers added or authentication.
However if you tried to list your Coinbase transactions you need to Authenticate and use API keys for some methods.

[Tulkas]

Hi jwest411,

Thanks for pointing that out. We did some modifications recently and it broke the API for some users.

We will take a look at it and get back to you here.

[]'s

[Tulkas]

Hi jwest411,


API should be working for you know. Can you please verify?

Thanks.

[jwest411]

Thank you for your responses. @Juju, I didn't post it in the technical discussion section because it says it is for "Technical discussion about Satoshi's Bitcoin client and the Bitcoin network in general. No third-party sites/clients..." and I thought the btcjam api would count as a third party site/client. Anyways, The API is still only working for the "listings" request for me. When I try the endpoint
 https://btcjam.com/api/v1/me?appid=xxxx&secret=xxxxx
I am still getting a 500 error. I think you are right that I need some additional verification, but I am still not sure exactly what you mean, as it is not in the docs anywhere. All it says is that I need to append the above endpoint with my appid and secret. I am expecting that there need to be some headers, and probably some sort of hashed signature, but it is unclear exactly how their authentication is supposed to work. From what I understood in the docs and from the one support discussion I had about 3 months ago, oauth is supported but not required for authentication. Even so, I tried using the signpost api for implementing oauth in java, but even using that I still get the 500 error.

I know btcjam is very busy right now with a lot of things, and they probably dont have time to focus on more than the bare minimum functionality of the api. But given that the docs are incomplete, you don't respond to support requests for 3 months, and I know of at least 4 other people also getting 500 errors including 2 people I hired specifically to try to "debug" the api, I would say that this it is still not quite functioning at bare minimum. I think a little bit of time fleshing out the docs could go a long way for your dev customers.

[CorkTrader]

I have had a similar issue with using BTCJAM, except it is with the two-factor authentication. I had two-factor authentication set up, but for some reason my authenticator on my phone lost its entries because my phone was rebooted (I believe it had crashed or something). Not being able to provide a "verification code" will not allow me to make any transactions. I have had this set up with other services, and was successfully able to fix the problem through a little chat with customer service. BTCJam has yet to respond to any of my questions or concerns, and I am getting a little frustrated.

In regards to the original post, I would be interested in hiring a dev to help me with this problem. I am not your "techie" dude, but I believe there is an option to create an API application?

This is where I am with BTCJam, and I will notify the community if anything changes.

[jwest411]

@ Corktrader, thanks for your input. I believe that renewing access to your account after losing your two factor code is something you must do through support unfortunately. That being said, I think if you email them you will probably get a response at some point since it is a relatively straight forward process. The things they don't like responding to are the harder questions like "why doesn't your API work?" or "what do I do after I have won an arbitration?".

Good luck in regaining access to your account! I hope they start communicating with their customers soon.

-Paul

[CorkTrader]

Paul -

Thanks for the words of wisdom. I actually don't have a problem accessing the account, it's just that I can't provide the verification code to make any transactions due to the unfortunate situation with my phone. Just by you responding to my post, I have been able to put my mind at a 55% ease. Thanks!

[jwest411]

update on this situation:

I ALMOST got in touch with btcjam, though of course not through the official means of support (Alexis Aionio) but instead through Andre Goldstein. Instead it was because I sent them information that helped prove that a user's account was hacked, so that his creditors could get reimbursed. Andre told me that after the issue got resolved he would finally address my question about the API. Of course, that never happened. Here is a copy of my email, just FYI:

"
Hi Andre,
Thank you for taking care of the xxxxxxx situation and dealing with it appropriately.

I would really appreciate it if you could take the time to have one quick conversation with me about the API! You said you would so I am holding you to it, since Alexis won't respond to anyone's emails ever.

I am sure you are all noticing how your business is being stolen by bitlendingclub, and if you haven't you will soon. It is all over forums and facebook groups. I am trying to help you when I say that this is because of the horrible support you offer. In a related issue (related because this is support's issue), the one edge you have over them is that you have an API. but you still have not completed the docs, and your server is outputting 500 errors instead of giving any description of what went wrong, which is not what a fully fledged api should do.

Having a "reference client" is not a subsitute for complete docs and error handling. You api should be language independent.

If you could cater more to your dev customers like me, they would be able to help ferret out the much higher risk on your site which is the reason for everyone moving to bitlendingclub. It only takes a few customers with api access and an understanding of machine learning to make the entire marketplace more informed and efficient. You may not realize it, but you need the help of devs to save your company, and the only way to do that is by updating your api.

Then again, if you could just help me figure out why I and so many other people are getting 500 internal server errors, I would be fully satisfied. But wouldn't it be easier and better for everyone if you provided the tools to debug our own code in a public place?

I hope the tone in this email isn't off... I am a fan of btcjam and I don't want to move. I want to have a nice conversation with you but forgive me if your lack of communication has made me a bit desperate.

Best,
Paul
"

[GreenCoin22]

it's seem to black

[jwest411]

UPDATE: Andre has actually started responding to my emails. I will see how much information I can squeeze out before they go incommunicado again. But all jokes aside, THANK YOU btcjam. If I and other devs are able to make a succesful investment bot, this will show people the way for safe investing and increase the efficiency of your market. perhaps it will even decrease the default rate a little if information spreads enough, and if the devs are like me and don't really care about keeping their strats to themselves.

[jwest411]

this was the email sent to me by Andre from btcjam:

"
Hello Paul.

First of all, thank you for you interest in BTCJam api.

From the history of your emails, I am not sure of what kind of api usage you want. But to clarify, you can use BTCJam api in two different ways.

The first one is to poll data simply using your app id and app secret provided to you by BTCJam and calling the endpoints (currently there’s only one, the listings) via an http request. You can even type it in your browser’s address bar https://btcjam.com/api/v1/listings?appid=[APP ID]&secret=[APP Secret]

to test the endpoint calls. This will get you a json with open listings and some info about the borrower. I see you have already tried this method and it apparently works fine for you.

The other api access type utilizes OAuth2 delegation method. With this method you redirect your user to our login page(sending your app_id and app_secret), and after the user has logged in to BTCJam and authorized your app to access its data, the user will be redirected to your web site (via the callback url you configured).

After the user has authorized your web app to access his data, you need an access token to this user, which will be used on the subsequent api calls your web app will be performing on behalf of the BTCJam user. You can then call the Token BTCJam url to request the access and refresh token for this user. You should store those tokens and use the access token for every api call. When this token expires you must request a new access token using the access+refresh token.

With this method of authentication you can use the api request to get the User’s data such as profile, open listing, receivable, payables and also make an investment on behalf of the user.

One thing I noticed in your code is that you are trying to use OAuth – that is, the version of OAuth which is not compatible with Oauth2 and it’s actually more complicated than the version 2.

So my recommendation would be to look for a Java OAuth2 library that can handle the low level part for you, so you only need to specify the parameters you actually need. Also,you probably can find java OAuth2 implementations that communicate with other services (such as Facebook or Twitter), and you might only need to change the app_id/secret and the service URLs, since the OAuth2 protocol works the same for all service providers.

On a side note, we are currently expanding our api, so even if the current api does not expose the information or method you wished to use, we encourage you to tinker and play with the API as it is, since you would only have to extend your code to use the new methods after you have your client up and running.

We are also planning on having a working Java example of OAuth2 application on the website, but we have not yet found the time to do so.

If you need more information or face dead-ends we will be happy to further advise you.

Regards, Demiam"

[karlb]

I've been trying to get this to work for a few days in c#
The first step I took was to get an access token by going to the api access tab on the settings page, then click "Link to authorization code:"
When I click authorize it redirects me to https://btcjam.com/?code=xxxx
Code=xxx being the access token I assume?
The only thing is I'm not sure how to use this access token
I've looked here: http://stackoverflow.com/questions/11068892/oauth-2-0-authorization-header
Which suggests putting "Bearer = " + AccessToken in the header, like this:

Code:

var request = (HttpWebRequest)WebRequest.Create("https://btcjam.com/api/v1/api/v1/me");
request.Method = "GET";
request.Headers["Authorization"] = "Bearer= " + AccessToken;
var response = request.GetResponse();
var postreqreader = new StreamReader(response.GetResponseStream());
var json = postreqreader.ReadToEnd();

But all I get is still 500 errors.
I think I'm close to having it working but I need a nudge in the right direction. Anyone?