Skip to content

API Overview

Jump to bottom Edit New page
Brian Riley edited this page Nov 9, 2022 · 6 revisions

The DMPTool API provides two types of access: standard and protected. These two modes provide us with the flexibility to accommodate several different use cases:

  • Standard Access (aka OAuth Client Credential Grant):
    • A user wanting to access their own data
    • An organizational administrator wanting to access their user's data
  • Protected Access (aka OAuth Authorization Code Grant):
    • An external system wanting to access data on behalf of a user

All access types require you to authenticate using your API keys and then using the supplied access token to communicate with the API. See below to learn more about acquiring your API keys.

The protected access type involves acquiring a user's authorization via OAuth2 to acquire an access token which can then be stored and used to access that user's data.

Table of Contents

  1. API Keys
  2. Authentication
  3. Fetching the list DMP templates
  4. Fetching the list of DMPs
  5. Fetching or downloading a single DMP
  6. Editing a DMP
  7. Creating a DMP
  8. API Errors
  9. Pagination
  10. Further Reading

Getting an API key

API Keys can be acquired via the Developer Tools tab on your user profile page. To set them up, sign in to the DMPTool (or create an account), then click on your user name in the upper right hand of the menu bar. On the Developer Tools tab, fill out the form based on the type of access you require: standard (just fill out the top section), protected (fill out both sections)

screenshot of developer tools tab

Once you have filled out the form and saved your changes, the DMPTool will generate a client_id and client_secret for you to use when accessing the API.

screenshot of api credentials

If you want to access protected user data, then you must fill out the second section.

  • The application name helps us identify your system and will be displayed on the OAuth authorization screen the user sees when they are asked to authorize your system to access their data (e.g., if you use 'example.org' as the application name, the user would see "Example.org would like to read and download your DMPs")
  • We require that you specify at least one redirect URI, which should point to an OAuth2 compliant endpoint within your system. The DMPTool will send an authorization code to this endpoint as part of the OAuth workflow (see the API Authentication section for full details).
  • If you would like to receive notifications when a DMP you subscribe to has changed (new version), then please enter a callback URI (and HTTP method) that we can send the updated DMP metadata to. See the subscriptions section

Further Reading

If you'd like your system to gain access to protected data and are new to OAuth. You may find the following articles useful:

Add a custom footer

Home

Help for administrators

  1. Setting up the DMPTool
  2. Creating guidance
  3. Customizing funder templates
  4. Creating templates
  1. Usage
  1. Themes
  1. DMP IDs and Networked Data Management Plans
  2. Glossary
  3. Webinars

Translations

Single Sign On (SSO)

API Overview

  • Prior Version 1 (Deprecated ... please transition to version 2)
  • Prior Version 0 (Provides full text of Plans but will only receive security updates)
Clone this wiki locally