User Authentication
Scribd's API has a very simple system for authenticating user accounts (note this is distinct from API accounts). There are three choices for handling user authentication:
1. No user authentication
All API calls must be authenticated by passing your api_key, but they do not require additional user authentication. If you just pass the api_key, the API call will be made as if you, the Scribd user with the API account, executed them. This would be the natural authentication method for a book publishing company, for example, who would want all its books associated with its own account.
2. API sessions
API sessions are necessary for an application that is meant to be used by existing Scribd users, to act on their behalf. To use API sessions, have your application log in as an existing Scribd user using the user.login method. Pass this method a username and password of a Scribd user, and it will return a session key. You can then use that session key with any document method to act as the user associated with the session. We suggest that you save previous session keys used by your application in a database to make it easy to switch between your application's users.
To use a session key, simply pass it as the value of the session_key parameter. For example:
3. The my_user_id parameter
This is intended to make it easy for web applications with their own user authentication systems to integrate with Scribd's user model. For example, if you have a website that allows job seekers to upload a resume, you could easily integrate your user model with ours, ensuring that each resume is attached to a sort of "phantom" Scribd user who represents the job seeker who uploaded it. Having this kind of user information will make searching and browsing with the API much easier for you and help keep things organized.
All you need to use this method is some unique identifier for each of your users like a username or user ID. Pass this unique identifier as the value of the parameter my_user_id to any document API method. The method will then be executed on behalf of a phantom Scribd user identified by the unique ID you gave us. For example:
