4. End User Access

End Users are able to interact with certain Metax APIs by utilizing Bearer Tokens for request authentication.

Compared to public users, end users have extra access to the following APIs:

  • /rest/datasets write access (create, update and delete), read access (owners can see sensitive data fields)
  • /rest/files write access (update only), read access for files in user’s projects
  • /rest/directories read access for files in user’s projects

4.1. Authentication

You can gain a Token by directing your web browser to the /secure endpoint, where you will be prompted to authenticate. Once authenticated, you are shown an access token in an encoded form, and information how long it will be valid. Copy the encoded token to a HTTP Authorization header, so that the end result looks like the following:

Bearer eyJraWQiOiJ.0ZXN0a2V5I.iwiYWxnIjoi

Real tokens in encoded form are very long, but above is an example what the HTTP Authorization header should look like, if the token value was very short. Now the HTTP Authorization header can be used in a request to Metax API. Below is an example how the header should be used when utilizing Python and the requests-library.

import requests

headers = { 'Authorization': 'Bearer eyJraWQiOiJ.0ZXN0a2V5I.iwiYWxnIjoi' }

# retrieve a file by its identifier. using the /rest/files API, its possible to only retrieve metadata
# of files where you are a member the file's project.
response = requests.get('https://metax.fairdata.fi/rest/files/abc123def', headers=headers)