This is documentation for web based authentication. The process is slightly different for a desktop application. You must follow one of these two processes if you want to authenticate with Vimeo.

Note: This authentication method has been deprecated. Please see the OAuth authentication guide.

Get a Developer API Key

To use the Advanced API, need to register your application. You need to be logged in to register your application.

Make sure you fill out the Callback URL field when signing up to get a key. (We'll get to that in step 3)

Create a login link

The first time a user uses your application, you'll need to send them to Vimeo so they can authenticate. You do this by creating a login link.

http://vimeo.com/services/auth/?api_key=api_key&perms=perms&api_sig=api_sig

api_key
should be replaced with your application's API key.
api_sig
is a signature of all the parameters sent to the call. Signatures are created by using your API secret and the other arguments listed in alphabetical order.
perms
are the permissions that your app requires. Possible values are:

read
Permission to read private information.
write
Permission to add, edit, and delete video metadata (comments, tags, etc). Includes read.
delete
Permission to delete videos. Includes read and write.
Assuming our API key is 12345 and our secret is 6789, our signature string would be:
6789api_key12345permswrite

Get the md5 of the signature string and that is the api_sig parameter:
db83adce00f7d41600e4ee600d8d67c2

Create a callback page

Once the user gives permission to your application, Vimeo will forward them back to your callback page. (the Callback URL associated with the API Key)

The url will have a parameter called "frob" appended to it. So if your callback url is:
http://localhost/auth.php

the user would be redirected to:
http://localhost/auth.php?&frob=0a2b00f

Get the token from the frob

Your application should take the frob and convert it to a token by calling vimeo.auth.getToken. You will need to create a signature like we did before and pass it to the method.

For this method, the signature string would be:
6789api_key12345frob0a2b00fmethodvimeo.auth.getToken

The signature would be:
e3f74c8b8939fd080a45a59b068379a8

After passing your API Key, the frob, and your signature to the method, you should get a response like this:

<?xml version="1.0" encoding="UTF-8"?>
<rsp stat="ok" generated_in="0.0021">
  <auth>
    <token>12345</token>
    <perms>write</perms>
    <user id="101193" username="brad" fullname="Brad Dougherty" />
  </auth>
</rsp>

The token is what you'll need to send along to any authenticated call. It's good until the user revoke's permission via their Vimeo settings.

Make an authenticated call

Using your token, you can make authenticated calls. A good test method is vimeo.test.login.

You don't need to pass anything special, just your API Key, method name, and auth token.

Our signature string would be:
6789api_key12345auth_token12345methodvimeo.test.login

The signature would be:
7f8c9d783624277f0325934b0483b4f1

Which will return:

<?xml version="1.0" encoding="UTF-8"?>
<rsp stat="ok" generated_in="0.0021">
  <user id="101193">
    <username>brad</username>
  </user>
</rsp>