...
Is there an ability to provide authentication by tokens or certificates?
TBDYes, the APIs have mechanism to authenticate the API invokers/callers based on the token included in every request. The auth token is included in the X-OS-API-TOKEN header. More details about authentication can be found here.
The token is invalidated if it is not used for more than the configured session timeout minutes.
Unlike other social media applications (notorious for compromising users data), OpenSpecimen does not support persistent CP or user based tokens.
Can we do read-only API credentialing per Collection Protocol?
...
- Via UI, create a query with filters (e.g. filter by CP) and defined view containing the columns needed by the external system
- Save the query
- Schedule the query to run at regular intervals (E.g. nightly)
- This creates In every run, the data satisfying the query filters are exported to a CSV file in a folder in the server. (VP: which folder/file name convention?). The exported CSV file is stored in the directory
$OS_DATA_DIR/query-exported-datausing the following name format -scheduled_query_<query_id>_<job_run_id>.csv. - Write an external program to monitor this folder the query export directory and process the required CSV files (using the filename scheduled_query_<query_id>_*.csv).
The advantage of this approach is that external developers do not have to spend time learning OpenSpecimen APIs.