When 2FA is enabled, every login / sign-in requires users to input their password, OTP, and user ID.
With such security measures, a regular user account cannot be used to invoke the OpenSpecimen APIs by automated systems.
Starting v8.1, a new type of user - API user is implemented.
API users are a special type of users that user who do not require OTP for sign-in. However, they have one important security restriction - : API calls can be restricted from to a certain IP address (or range).
...