Signing API now available

Over the years, addons.mozilla.org has had many APIs. These are used by Firefox and other clients to provide add-on listings, blocklists, and other features. But there hasn’t really been an API that developers can interact with. As part of ongoing improvements to the site, we’ve started focusing on producing APIs for add-on developers as well.

Our first one aims to make add-on signing a little easier for developers. This API enables you to upload an XPI and get back the signed add-on if it passes all the validation checks.

To use this API, log in to addons.mozilla.org and go to Tools > Manage API Keys. Then agree to the terms and fetch an API key and secret to use in subsequent API calls.

Untitled

Once you’ve done that, generate authorization tokens and use the documented API to sign your add-on.

The documented examples use curl to interact with the API. For example:

curl https://addons.mozilla.org/api/v3/addons/my-addon/versions/1.0/
-XPUT --form 'upload=@build/my-addon.xpi' -H 'Authorization: JWT your-jwt-token'

This is just the first of the APIs that we hope to add to the site and a path that we hope will lead to increased functionality throughout the add-ons ecosystem. This feature is under development, so we are keen to hear feedback or any issues.

1 response

  1. Angly Cat wrote on :

    That’s great news! Thanks for this!