December 19th, 2008 | Published in Google Orkut
Today, I'm pleased to announce the availability of REST and RPC protocols in the orkut sandbox. Currently, these APIs can fetch profile information and app data as well as update app data, and more features are planned.
All REST and RPC requests must be digitally signed by the issuer, which allows orkut to verify that they are coming from a trusted application. Generating these signatures requires a secret key, which is known only to you and orkut. You can request a secret key by submitting a gadget URL to https://www.google.com/gadgets/directory/verify and verifying ownership of this gadget. More information on this process and authentication in general is available in the new REST Protocol Developer's Guide.
Last but not least, a set of client libraries have been made available for PHP, Java, Ruby, and Python to simplify development using these new protocols. The libraries provide a convenient wrapper for the underlying low-level APIs and abstract away the tedious tasks of constructing the request URL, signing the request, and parsing the returned data. For more on these libraries, please see the official announcement on the OpenSocial API blog.