OpenSpecimen is a 100% REST API enabled application, which means each and every object can be created, read, updated or deleted (CRUD) using an API. The APIs are documented here: /wiki/spaces/CAT/pages/1116035.
Yes, the APIs have mechanism to authenticate the API invokers/callers based on the token included in every request. The auth token is included in the X-OS-API-TOKEN
header. More details about authentication can be found here.
The token is invalidated if it is not used for more than the configured session timeout minutes.
Unlike other social media applications (notorious for compromising users data), OpenSpecimen does not support persistent CP or user based tokens.
Yes. APIs are accessed via a OpenSpecimen user account. The CPs accessible to that user via the UI are the CPs that are accessible via the APIs. You can configure it by going to Users→Roles tab.
OpenSpecimen's Query module supports automated export of data into a CSV file. This CSV file can then be picked by an external program and processed.
Steps:
$OS_DATA_DIR/query-exported-data
using the following name format - scheduled_query_<query_id>_<job_run_id>.csv
. The advantage of this approach is that external developers do not have to spend time learning OpenSpecimen APIs.