are credentials, tokens, authentication needed for obtaining personal information from an ORCID?

97 views

Skip to first unread message

menelaos....@cfa.harvard.edu

unread,

Apr 11, 2018, 10:30:32 AM4/11/18

to ORCID API Users

I have a very simple use case in which all I need to do is to obtain the first and last name of a researcher given their ORCID.

My system will not use ORCID for authentication / single sign-on purposes as we have our own authentication system.

I am trying to navigate the bloated, buggy, visually distracting, all over the place, orcid.org web site where I read things

about needing to "register" my client application, needing to obtain "credentials" (Client ID and Client secret), needing

to obtain an access token through three-legged OAuth authorization, etc.

OTOH, I found (almost by accident as the web site makes it very hard to find anything purposefully) that a simple

GET to, e.g.

https://pub.orcid.org/v2.0/0000-0003-3031-1435/person

... fetches me all the information I need for my use case without any kind of authorization required provided the researcher

has configured their First and Last name to be publicly retrievable. I don't suppose my application will make more than

1000 calls per year on average, and maybe one call per second during peak time.

So the question is:

Do I need to concern myself with "registering" my "client application", "credentials", "access tokens", "three-legged OAuth

authorization" for such a simple use case?

Peters, Robert

unread,

Apr 11, 2018, 10:50:54 AM4/11/18

to menelaos....@cfa.harvard.edu, ORCID API Users

Hi Menelaos,

For the Public API you are not required to use credentials. Those that use clients get better support. If we notice issues or have concerns we know who to contact. Also since the Public API allows anonymous traffic it experiences more issues that affect it's uptime and also is assigned our lowest uptime priority.

For those institutions that have membership they should be taking advantage of the member API (api.orcid.org). In your case just one 2-step token is required https://github.com/ORCID/ORCID-Source/tree/master/orcid-api-web#generate-a-two-step-read-public-access-token

Cheers,
Rob

Robert Peters

Technology Director at ORCID.org

Cellphone: +1.805.440.9056

Email: r.pe...@orcid.org

Skype: rcpeters

Timezone: PST
Key for OpenPGP email communication:
https://keys.mailvelope.com/pks/lookup?op=get&search=0x1519F37D99E18378

--
You received this message because you are subscribed to the Google Groups "ORCID API Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to orcid-api-users+unsubscribe@googlegroups.com.
To post to this group, send email to orcid-api-users@googlegroups.com.
Visit this group at https://groups.google.com/group/orcid-api-users.
For more options, visit https://groups.google.com/d/optout.

Reply all

Reply to author

Forward

0 new messages