Authentication
Authentication with InterMine Web services is chiefly used to identify a user and access their lists and templates.
Tokens come in two flavours: Temporary/anonymous and permanent/associated with an existing account. Each token will uniquely identify an individual for a single specific InterMine instance -cross-mine applications will need 1 token per user per InterMine.
To authenticate a user, add a token to your HTTP requests, typically as a GET or POST parameter, e.g.:
Not all endpoints require authentication - use I/O docs to identify which endpoints do require authentication.
Anonymous authentication#
Anonymous 24-hour tokens are available via the /session method, and are useful for working with short-term disposable lists. If users want to preserve their lists or view existing lists associated with an account, they should be encouraged to use a permanent token (see docs below).
Should result in a response like this:
Expired token gotcha:#
Make sure not to pass any old or invalid tokens as arguments when requesting the new token.
This request will not return a token, and will return a 401 instead:
I/O Docs demo:#
Experiment with anonymous tokens in I/O docs: http://iodocs.apps.intermine.org/flymine/docs#/ws-session/GET/session
Authentication for existing user accounts (permanent tokens)#
Via the JSP UI, log into "MyMine" (top left corner tab) and click on "account details". Your token / API key is shown at the bottom. If none exists, you can choose to generate a new API key.
Note regarding generating API keys:#
If you already have a key, don't click the "Generate a new API key" button unless you wish to invalidate your old key! Only one key is active at any given time.