The docs for deleteFiles and createRegistration mention using POST if the GET query string might get too long. I've tried that and couldn't get it to work because I couldn't get the signature right anymore, or the server wasn't seeing my POSTed params.
Which parameters need to enter into the signature? All of them? Just the ones in the query string? I'm guessing the answer is "no" to both, as neither worked for me, although the same doc says to create the sig key based on a string that includes "every parameter on the query string". Doing so caused SCORM Cloud to ignore my "courseid" parameter which was now coming via POST.
What am I missing?
After doing some research on the issue locally, it looks like we're treating POST parameters appropriately, and although I don't think it's entirely necessary, it may help to make all your parameters one or the other, that is, make sure all your parameters are provided on the query string or that they are all posted. Our server will actually aggregate the GET and POST parameters into a unified request map and calculate signatures based on that aggregate set, so if you mix GET and POST params, you'll have to exercise the same care to use the aggregated set of parameters in the signature you send. Even in the clients we've provided, doing this mixed behavior could be a little difficult to implement. Do you happen to be using one of our libraries? If not, what language are you working with? Are there any libraries you're using to abstract the work of posting the web service requests? What does your signature algorithm look like? Many thanks for the info!