SkipUse API Documentation
Terminology
Access Pass:
A way for a member of an account, who is not logged in, to get and update their own Picks from the shared Collection.
Collection:
A shared list of Pick IDs that can be picked from (Pick Query) by the user-owner or by the owner's members. The Pick ID can be any characters (UTF-8) and must be less than 255 characters long. 50,000 Pick IDs can be stored for one Collection.
Member:
The owner-user can add members to their account. A member can have access to the Pick ID collection and have their own Pick information stored for them. The owner-user also has a permanent member ID.
Nibble:
An amount of time used or charged by the API server for data and processing which is collected into a unit called a Nibble. A user has a set amount of Nibbles they can use before a payment to continue will be required.
Pass:
An action that moves a Pick from its current queue position to it's auto-rating position with-in the queue. Use Pass when Skip or Use actions do not apply but a Pick needs to be moved from it's current queue position without affecting the Skip or Use ratings or count values.
Pick:
The metadata for a Pick ID for a member. Includes: popularity ranking, user-defined JSON and an option to 'Stop Using.'
Pick Query:
A custom query to get back a list of desired Picks.
ProxyID:
An identification code that SkipUse has assigned to represent the user for the current session.
Skip:
An action that tells the SkipUse to not use a Pick quite as often when getting it from a Pick Query.
SkipUseToken:
A required token that is exchanged with the API server for customs Apps. See the SkipUseToken library section to get the code for your project.
Use:
An action that tells the SkipUse to use a Pick more often when getting it from a Pick Query.
Communication with the server
API Version:
https://skipuseapi.com/v1/
"Hello" test:
Say 'hello' to the server and see if it is up and running:
GET Request URL:
(API)/hello
Response:
"Hello, there"
NOTE: other responses below produce "application/json"
SkipUseToken file and library:
The SkipUse API requires that a 'SkipUseToken' is passed for each private session call.
The token library files are on GitHub:
JavaScript:
- TBA
Java code:
Or...
- Copy the skipUseTokenModule.js in the example Project Apps.
(Open the App source code and copy the file from the js source at: /apps/app-js/skipUseTokenModule.js)
JavaScript usage of SkipUseToken, the skipUseTokenModule.js:
The SkipUseToken is typically passed as a parameter for API calls.
1 - Reset and create a new token:
You must first contact the server with an initiation SkipUseToken generated by the token library using the resetToken() function which clears the previous token and creates a new one.
2 - Get the new token:
Get the new token from the getMyTokenString() function. Send this token to the service using the /initiate call.
3 - Process the return token:
Process the returned token from the server's response by passing it into the processToken(tokenStr) function. The token will update if it is approved.
Important: Do not call the processToken() function more than once per call/received token. The token processing must stay in-sync.
4 -Reply:
When calling the server again, use the buildReply() function. This will give you an updated from the processed token.
Flow:
Once the initiation has been sent, the typical token flow goes like this:
- processToken(tokenStr) from the server
- buildReply() to send to server
- processToken(tokenStr)
- buildReply()
- repeat
Start a session:
You must first contact the server with an initiation SkipUseToken generated by the token library using the resetToken() method.
GET Request URL:
(API)/skipusetoken/(skipUseToken)/initiate
Response:
{ "proxyID":"2d662007-1fb8-41cc-95d2-ddb7b540c71f", "skipUseToken":"15005558705541500", "status":"OK", "remainingNibbles":"Login to get remaining data nibbles.", "memberName":"", "memberID":-1, "message":"", "followUpRequired":true, "validationCodeRequired":false, "errorMessage":"" }
Don't forget to process the returned skipUseToken:
Use the processToken(SkipUseToken) function to stay in-sync.
NOTE: the "followUpRequired":true which indicates that you must call the '/clearFollowUp' API before continuing.
NOTE: a "proxyID" was returned and will be required for all further communications for this session.
Proxy ID:
The server keeps track of a user's session with a proxyID which is assigned after the initiate call.
The proxyID will be used in the URL path as a parameter for each request.
NOTE: Only one proxyID can be used per user at a time. If a user logs in when an active proxy already exists, the old proxy will be logged off and no longer valid.
NOTE: Idle sessions over 15 minutes will be logged off and no longer valid.
Clear a follow-up:
A response back to the server is required when the JSON contains a "followUpRequired:true". This is used for security reasons for some requests.
NOTE: In some cases, follow-ups MUST be cleared within 30 seconds. If not cleared, the request change will be reverted and the proxy will no longer be valid.
GET Request URL:
(API)/proxyid/(proxyID)/skipusetoken/(skipUseToken)/clearFollowUp
Response:
{ "proxyID":"03bb441b-a34b-41ec-ac2d-39b990be3ec4", "skipUseToken":"32800923893108009", "status":"OK", "remainingCredits":"0", "memberName":"", "memberID":-1, "message":"", "validationCodeRequired":false "followUpRequired":false, "errorMessage":"" }
Important: You must clear the follow up within 30 seconds or you will need to re-initiate your communication with the server and get a new proxyID. If need to do this: get a new SkipUseToken by calling resetToken() on the token library first then follow the initiate steps again.
Important: If you create your own code to handle requests, be sure to look for "followUpRequired:true" in the response and immediately clear the follow-up before making further requests.
Login:
POST Request URL:
(API)/proxyid/(proxyID)/skipusetoken/(token)/login
email: the account's email address.
password: passphrase or validation code received via email from SkipUse.
Body:
{ "email":"spelling-demo@skipuse.com", "password":"password" }
Response:
{ "proxyID": "2e53dabb-8ae0-46bd-8692-0f6f201beefe", "skipUseToken": "38074711109073807", "status": "OK", "remainingNibbles": "25", "memberName": "Demo user", "memberID": 1553572857, "message": "", "errorMessage": "", "followUpRequired": false, "validationCodeRequired": false }
You are considered to be logged in when you have a memberID that is greater than zero.
Logout:
POST Request URL:
(API)/proxyid/(proxyID)/skipusetoken/(token)/logout
Response:
{ "proxyID":"", "skipUseToken":"", "status":"OK", "remainingNibbles":"Login to get remaining data nibbles.", "memberName":"", "memberID":-1, "message":"", "followUpRequired":false, "validationCodeRequired":false, "errorMessage":"" }
The ProxyID for the session will no longer be valid.
Set Pick ID Collection:
Set a Collection of Pick IDs to be used by you and all your members.
Only one collection per user is currently allowed. You can store up to 100,000 Pick IDs each with a maximum character length of 255.
Important: Do NOT allow your members to set there own Pick ID values or update the Collection.
Tip: don't store your actual data in a Pick ID, store an ID that represents your data instead.
POST Request URL:
(API)/proxyid/(proxyID)/skipusetoken/(token)/collection/(memberCollectionID)
Body:
collectionName: the displayed collection name.
splitCSV: true: Splits all Pick IDs into separate values by a comma followed by a space.
pickIDList: The Pick IDs.
{ "collectionName":"My Collection", "memberID":2863529197, "splitCSV":true, "pickIDList":[ "pickID1, pickID2, pickID3, pickID4" ] }
Response:
{ "proxyID": "5f4ccdc0-44c8-457b-8219-079230ec8481", "skipUseToken": "2158541187809027", "errorMessage": "", "followUpRequired": true, "validationCodeRequired": false, "status": "ACCEPTED", "remainingNibbles": "25", "ownerName": "Demo user", "ownerID": 2863529197, "message": "", "memberCollection": { "pickIDList": [ "pickID1, pickID2, pickID3, pickID4" ], "splitCSV": false, "memberID": 2863529197, "collectionName": "My Collection", "lastUpdated": 1635718323000 } }
NOTE: the "followUpRequired" is true, a follow-up is now required.
Get Pick ID Collection
GET Request URL:
(API)/proxyid/(proxyID)/skipusetoken/(token)/collection/(memberCollectionID)
Response:
{ "proxyID": "5f4ccdc0-44c8-457b-8219-079230ec8481", "skipUseToken": "75770284975125175", "errorMessage": "", "followUpRequired": false, "validationCodeRequired": false, "status": "OK", "remainingNibbles": "25", "ownerName": "Demo user", "ownerID": 2863529197, "message": "", "memberCollection": { "pickIDList": [ "pickID1", "pickID2", "pickID3" ], "splitCSV": false, "memberID": 2863529197, "collectionName": "My Collection", "lastUpdated": 1635718126000 } }
Undo last Collection change
POST Request URL:
(API)/proxyid/(proxyID)/skipusetoken/(token)/collection/(memberCollectionID)/undo
Response:
{ "proxyID":"fb84f64d-9eb8-4a9b-bde5-497580357bbf", "skipUseToken":"3070185012847733", "status":"ACCEPTED", "remainingNibbles":"24", "ownerName":"Demo user", "ownerID":1553572857, "message":"", "clientCollection":{ "pickIDList":[ "pickID1", "pickID2", "pickID3" ], "splitCSV":false, "collectionID":1967776617, "collectionName":"My Collection", "lastUpdated":1547244135000}, "errorMessage":"", "followUpRequired":true, "validationCodeRequired":false }
Set Pick Query
Set query options for returning Pick IDs.
Important: The Pick Query is not stored between sessions and must be set before GET query requests (this does not apply to Access Passes.) If not set, a default Pick Query will be used.
NOTE: After setting the initial POST request, a GET can then be used for additional requests.
POST Request URL:
(API)/proxyid/(proxyID)/skipusetoken/(token)/query
Body:
{ "memberCollectionID": 0, "memberIDList": [ 2863529197 ], "howMany": 6, "newMixInPercentage": 50, "excludeRecentPicksHours": 0, "searchOptionList": [ "RACING", "BALANCED", "GET_MORE_IF_SHORT" ], "resultOptionList": [ "INCLUDE_CATEGORY_INFO", "RAMP_NEWEST" ], "advancedOptionList": [ "DEBUG_QUERY" ], "categoryList": [ "ANY" ] }
Optional, but still a good idea to set these:
memberIDList: optional (MemberIDs, Default=OwnersID): For these Member IDs.
memberCollectionID: optional (MemberID, Default=OwnersID): The Member's Collection you want to use for searching Picks.
howMany: optional (0-50000, Default= 50000): How many Picks to return.
newMixInPercentage: optional (0-100, Default=0): Try to send back this percentage of new/unused Picks. (lastUpdated == null)
excludeRecentPicksHours: optional (0-8760 hours, Default=0): Default 0 hours. Set the number of hours to not return recently updated Picks.
Search Options:
searchOptionList: Search for Picks by...
- QUEUE: default: Standard mix of Picks with more Used count and less Skipped. (Additional modifier keyword: RESET. Used to reset the QUEUE search mode if Pick updates from mixed use of other search modes has broken the Pick ordering.)
- BALANCED: Picks are chosen by the count used and the auto-percentage the Pick is expected to be used. Picks are returned by how much they are not in balance.
- RACING: Think of the Tortoise and the Hare story where Picks race to be chosen. The Picks in the lead are chosen. Their speed is determined by the auto-percentage and their track placement by when they were last updated.
- FAVORITE: Picks by highest auto-rating percentage.
- WORST: Picks by lowest auto-rating percentage.
- RANDOM: Picks are chosen randomly weighted by their auto-percentage rating.
- STOP_USING_ONLY: Picks that have been marked for non-use. NOTE: This will ignore some other settings by returning all marked Picks in the current collection.
- PICK_INFO: Return details for just one Pick.
NOTE: you can select two search modes and the two results will be blended together. (See the Result Options)
searchOptionList: Modifiers. (additional ways to modify the search)
- GET_MORE_IF_SHORT: Return Picks even if the other query options can't find the Picks you want. Do not include if you want exact query results.
- USE_TIME_OF_DAY: Search using time of day. This option works well for finding Favorite Picks at the current time of day, where the Picks might not be favorites at a different time of day. NOTE: QUEUE, STOP_USING_ONLY and PICK_INFO search options do not use this option.
- INCLUDE_STOP_USING: If there are Picks marked with the STOP_USING flag, they normally will not be returned. Use this option if you would like to include these Picks in the results.
- ENHANCE: This may provide better Pick results based on what is actively being Skipped and Used; attempting to match Picks with the live trends.
- PERCENT_GREATER_THAN and/or PERCENT_LESS_THAN: Restrict returned Picks to be within a set range of auto-rated percentages.
Result Options:
resultOptionList: key-words to alter the results from from the Search Options.
Order results by the auto-rating percentage:
- RAMP_NONE: default: No ordering.
- RATE_DOWN: Auto-rating percentage from High to Low.
- RAMP_RATE_UP: Auto-rating percentage for Low to High.
- RAMP_OLDEST: Oldest last time stamp updated Picks first.
- RAMP_NEWEST: Newest last time stamp updated Picks first.
Combine results option when using multiple Search options:
- BLEND: default: Combines the 'agreed upon' best results together.
- MERGE: Treats results equally when combining together.
Category metadata in the results:
- INCLUDE_CATEGORY_INFO: Returns any category information associated with the Picks returned. (Slower response time and might cost more because of additional server processing.)
Advanced Options:
Additional options for advance operations.
advancedOptionList: Key-words:
- DEBUG_QUERY: See what is happening with your Pick Query. Returns a detailed message in the JSON result about what settings were used to return the Pick List.
- RESET: Re-orders Picks to work with Search Option QUEUE (if it is no longer returning expected results.) Using non-QUEUE search options can alter the results of the QUEUE search option. Only use this option if you want to use the QUEUE search option but the results are no longer returning expected results from the use of other Search Options. Since this operation reorders ALL the provided member's Picks, this process may take some time. The returned results will not be in the reordered state and a later call will be needed to see notice the results.
Category Options:
Get the Categories that have been marked for return Picks. (Slower response time and might cost more because of additional server processing.)
categoryList: Return picks marked with a category for the selected member. Provide the desired Category names.
Additional modifiers that can be used by adding one keyword to the list:
- ANY: default: Picks will be returned with or without categories.
- NONE: Only Picks with no categories will be returned.
- NOT: Only Picks that do not have the provided categories will be returned.
- PICK_OR: (the default if categories are provided) Return Picks marked with any of the Categories. (not an AND where Picks must be marked with ALL the categories provided)
- EACH_CATEGORY: (coming soon)
NOTE: If more than one provided, choice will limit to just one. Ordering: (ANY > NONE > NOT > EACH_CATEGORY)
NOTE: Remember to set 'INCLUDE_CATEGORY_INFO' in the resultOptionList if you want to see category information returned.
Other:
Limit Pick results to provided IDs:
pickIDList: You can also limit the result to only return Pick IDs that are in this list.
Important: Pick IDs in this list must already be in the collection or they will be ignored.
Return Only ONE Pick:
pickID: Set this Pick ID string ONLY if you are searching for ONE Pick with this Pick ID. If a Pick is not stored yet, an empty Pick List will be returned with a the Pick's member ID set to 0.
Response:
{ "proxyID": "fb736ee8-cb27-4e2d-a30b-a691cb34894d", "skipUseToken": "6729592417071498", "status": "OK", "remainingNibbles": "25", "ownerName": "Demo user", "ownerID": 3290123131, "message": "", "pickList": [ { "memberID": 41252, "pickID": "possibilities", "skipped": 0, "used": 3, "json": "", "stopUsing": false, "autoRatePercentage": 87, "categoryList": [], "searchOrigin": "BY_PICK_INFO", "lastUpdated": 1530551309000 } ], "followUpRequired": false, "validationCodeRequired": false, "errorMessage": "" }
Get Pick Query
Can be used after the initial Pick Query has been set (above). Else, the query will use the default values.
GET Request URL:
(API)/proxyid/(proxyID)/skipusetoken/(token)/query
Response:
{ "proxyID": "fb736ee8-cb27-4e2d-a30b-a691cb34894d", "skipUseToken": "9709837843511151", "status": "OK", "remainingNibbles": "25", "ownerName": "Demo user", "ownerID": 3290123131, "message": "", "pickList": [ { "memberID": 41252, "pickID": "pickID26", "skipped": 0, "used": 3, "json": "", "stopUsing": false, "autoRatePercentage": 87, "categoryList": [], "searchOrigin": "BY_PICK_INFO", "lastUpdated": 1530551309000 } ], "followUpRequired": false, "validationCodeRequired": false, "errorMessage": "" }
From the pickList Pick details:
memberID: The member ID for the Pick.
pickID: The ID for your use.
skipped: The number of time the Pick has been Skipped.
used: The number of time the Pick has been Used.
json: An optional JSON value you can store with the Pick.
stopUsing: A flag used for normal Pick Query to exclude a Pick from being returned.
autoRatePercentage: A percentage (0-100) of how popular a Pick is.
categoryList: A list of Category names a Pick is been marked with. ("includeCategories":true in the Pick Query must be set)
searchOrigin: Which Search Option was used to choose the Pick.
lastUpdated: A timestamp for when the Pick was last stored. A null value would also mean that it is a new Pick.
Skip - Use - Pass Picks
POST Request URL:
(API)/proxyid/(proxyID)/skipusetoken/(token)/skip Options: /skip /use /pass
memberIDList: the members Pick's to update.
pickIDList: the list of Pick IDs to update.
Body:
{ "memberIDList":[40835], "pickIDList":["pickID3"] }
Response:
{ "proxyID":"fb736ee8-cb27-4e2d-a30b-a691cb34894d", "skipUseToken":"5305919550296565", "status":"OK", "remainingNibbles":"25", "memberName":"Demo user", "memberID":41252, "message":"", "followUpRequired":false, "validationCodeRequired":false, "errorMessage":"" }
Update Pick
Optional fields to update on a Pick. Best used for updating the 'Stop Using' and additional 'JSON' abilities. Can be useful if Pick counts must be reset for some reason.
PUT Request URL:
(API)/proxyid/(proxyID)/skipusetoken/(token)/pick
Body:
memberID: required
pickID : required
skipped: paying user optional: set how many times skipped
used: paying user optional: set how many times used
json: optional: JSON you provide that is under 255 characters
stopUsing: optional: flag to 'stop using' for some Pick Queries
autoRatePercentage: paying user optional: set the auto-percentage for Pick placement in Pick Queries
categoryList: not allowed here. Use mark/unmark category API call
lastUpdated: not allowed. Information only
{ "memberID": 1631431869, "pickID": "separate", "skipped": 100, "used": 0, "json": "", "stopUsing": false, "autoRatePercentage": 50, "categoryList": [], "lastUpdated": 1571879881000 }
Response:
{ "proxyID": "6cfff1ac-93c6-416d-b500-ab9b1f778e05", "skipUseToken": "57355995210953757", "errorMessage": "", "followUpRequired": false, "validationCodeRequired": false, "status": "OK", "remainingNibbles": "25", "ownerName": "Demo user", "ownerID": 1631431869, "message": "", "pickList": [ { "memberID": 1631431869, "pickID": "separate", "skipped": 100, "used": 0, "json": "{}", "stopUsing": false, "autoRatePercentage": 50, "categoryList": [], "lastUpdated": 1571879891000 } ] }
NOTE: Picks that have not been updated for 4 years will be deleted. (A Pick will also be updated by the Skip-Use-Pass actions and denoted by the lastUpdated field.)
NOTE: Picks that have been marked as 'Stop Using' will be deleted after 8 years.
Create/Delete Category
POST/DELETE
Request URL:
(API)/proxyid/(proxyID)/skipusetoken/(token)/category
Body:
memberID: required: for the member
categoryList: the category names to add for the member
{ "memberID": 1631431869, "categoryList": [ "Cats", "Dogs" ] }
Response:
{ // Example pending }
Get Categories
GET
Request URL:
(API)/proxyid/(proxyID)/skipusetoken/(token)/memberid/(memberID)/category
Response:
{ "proxyID": "4065cf69-1975-4a7c-a07c-678d2a8ac18f", "skipUseToken": "38743491181311320", "errorMessage": "", "followUpRequired": false, "validationCodeRequired": false, "status": "OK", "remainingNibbles": "25", "ownerName": "Demo user", "ownerID": 2863529197, "message": "", "clientMemberCategoryList": { "memberID": 2863529197, "categoryList": [ "Food Words", "Starts with an A" ] } }
Patch Category
PATCH
Request URL:
(API)/proxyid/(proxyID)/skipusetoken/(token)/memberid/(memberID)/category
Body:
{ // Example pending }
Response:
{ // Example pending }
Mark Pick With Category
Add a category to a Pick for a member.
POST
Request URL:
(API)/proxyid/(proxyID)/skipusetoken/(token)/mark
Body:
{ // Example pending }
Response:
{ // Example pending }
Un-mark Pick With Category
Remove a category on a Pick for a member.
POST
Request URL:
(API)/proxyid/(proxyID)/skipusetoken/(token)/unmark
Body:
{ // Example pending }
Response:
{ // Example pending }
Create Members
POST Request URL:
(API)/proxyid/(proxyID)/skipusetoken/(token)/member
memberNameList: A list of member names to add. Duplicates will be ignored.
Body:
{ "memberNameList":[ "Bob", "Betty" ] }
Response:
{ "proxyID":"09e04fc6-d078-468b-be84-8f4352b8adc0", "skipUseToken":"9043748713075558", "status":"ACCEPTED", "remainingCredits":"100", "memberName":"Demo user", "memberID":40835, "message":"", "memberIDMap":{ "Betty":41099, "Bob":41098 }, "errorMessage":"", "validationCodeRequired":false, "followUpRequired":false }
NOTE: a member will also have their own collection that can be used by the owner member or other members.
NOTE: you can have up to 100,000 members. Contact SkipUse if you require more.
Get Members
GET Request URL:
(API)/proxyid/(proxyID)/skipusetoken/(token)/member
Response:
{ "proxyID":"09e04fc6-d078-468b-be84-8f4352b8adc0", "skipUseToken":"0795586093496185", "status":"OK", "remainingCredits":"100", "memberName":"Demo user", "memberID":40835, "message":"", "memberIDMap": { "Bob":41098 }, "errorMessage":"", "validationCodeRequired":false, "followUpRequired":false }
memberIDMap: A map of the member's name and their member ID.
Update Member
PATCH Request URL:
(API)/proxyid/(proxyID)/skipusetoken/(token)/member/(memberID)
Body:
oldName: the previous member's displayed name.
newName: the new member's name.
{ "oldName":"Phil, PC", "newName":"PC, Philly" }
Response:
{ "proxyID":"09e04fc6-d078-468b-be84-8f4352b8adc0", "skipUseToken":"0795586093496185", "status":"OK", "remainingCredits":"100", "memberName":"Demo user", "memberID":40835, "message":"", "memberIDMap": { "PC, Philly":41098 }, "errorMessage":"", "validationCodeRequired":false, "followUpRequired":false }
Delete Member
Remove a member.
Important: Deleting a member will delete their Picks and their Collection. Be careful to delete if another member or Access Pass rely on this collection for their Picks. You cannot recover a deleted member, Picks or Collection.
DELETE Request URL:
(API)/proxyid/(proxyID)/skipusetoken/(token)/member/(memberID)
Response:
{ "proxyID":"96fc4167-dc83-4043-9f10-87204fc278c4", "skipUseToken":"1154122481495939", "status":"ACCEPTED", "remainingNibbles":"25", "memberName":"Demo user", "memberID":41252, "message":"", "followUpRequired":false, "validationCodeRequired":false, "errorMessage":"" }
Get Profile
GET
Request URL:
(API)/proxyid/(proxyID)/skipusetoken/(token)/profile
Response:
{ // Example pending }
Update Profile
PUT Request URL:
(API)/proxyid/(proxyID)/skipusetoken/(token)/profile
Body:
ownerName: optional: replace the account owner's displayed name.
email: optional: change the account's email address
password: optional: replace the current password
{ "ownerName":"", "email":"", "password":"newPaZZW0rD" }
Response:
{ "proxyID":"6e238115-83ee-42ee-abe1-45d52cdd05f4", "skipUseToken":"85183291109443385", "errorMessage":"", "followUpRequired":false, "validationCodeRequired":false, "status":"ACCEPTED", "remainingNibbles":"25", "ownerName":"Demo user", "ownerID":1631431869, "message":"", "clientProfile":{ "ownerName":"Demo user", "email":"spelling-demo@skipuse.com", "password":"" } }
Create Access Pass
Create an Access Pass for external public users to get access to a save Pick Query and make Skip-Use-Pass updates for a Collection of Pick IDs.
POST
Request URL:
(API)/proxyid/(proxyID)/skipusetoken/(token)/accesspass
Response:
{ // Example pending }
Get Access Pass
Get all Access Passes.
GET
Request URL:
(API)/proxyid/(proxyID)/skipusetoken/(token)/accesspass
Response:
{ // Example pending }
Update Access Pass
Update an Access Pass.
PATCH
Request URL:
(API)/proxyid/(proxyID)/skipusetoken/(token)/accesspass
Response:
{ // Example pending }
Delete Access Pass
Delete an Access Pass.
DELETE
Request URL:
(API)/proxyid/(proxyID)/skipusetoken/(token)/accesspass
Response:
{ // Example pending }
CAUTION:
Pick ID:
Pick IDs can be links or possibly malicious code. When developing, do not allow your users to directly set Pick IDs.
Pick JSON data:
A Pick may store JSON data which could possibly be exploited. Don't allow your user's to directly set their own JSON data.
Member Name:
Use caution when displaying member names for public consumption. Member names could be exposed and exploited. Use caution when allowing your member to set their own name.
Member Category:
Use caution when displaying member categories for public viewing. Member's can have their own categories for organizing their Picks.
Pick Collection/Name:
To be safe, don't allow your members to add or modify Pick IDs to your collection or change the collection name. Since the Pick ID collection is shared among all members and public Access Passes, that could spell trouble very quickly.