- Home
- API & Resources
- Authentication
Authentication
The OpenAIRE APIs can be accessed over HTTPS both by authenticated and non authenticated requests. Currently, there is an adjustment period until October 2022, when the rate limit for both authenticated and non authenticated requests is up to 7200 requests per hour. After this period we plan to significantly lower the rate limit of non authenticated requests up to 60 requests per hour.
Please consider to make authenticated requests to achieve better rate limits. Check our Privacy Policy here.
| OpenAIRE APIs Rate limits | |
|---|---|
| Not authenticated requests | up to 7200 requests per hour
soon to decrease - please see above |
| Authenticated requests | up to 7200 request per hour |
The only exception to this approach is the LOD API that will continue to be accessible only via HTTP and non authenticated requests at http://lod.openaire.eu/sparql with the current rate limits.
OpenAIRE APIs can be used for both authentication and authorization. Our OAuth 2.0 implementation, conforms to the OpenID Connect specification, and is OpenID Certified. OpenID Connect is a simple identity layer on top of the OAuth 2.0 protocol. For more information about OAuth2.0 please visit the OAuth2.0 official site. For more information about OpenID Connect please visit the OpenID Connect official site.Requests
To access the OpenAIRE APIs with better rate limits, send your access token using the Authorization header.
GET https://api.openaire.eu/{resourceServicePath}
Authorization: Bearer {ACCESS_TOKEN}
To get an access token, we support personal access token creation and service registration.
Response Headers
| x-ratelimit-limit | The maximum number of requests allowed for the client in one time window. |
| x-ratelimit-used | The number of requests already made by the client in the current time window. |
The OpenAIRE APIs use a sliding time window of one hour.
Error Messages
404 - Not found
{
"error": "Not found",
"description": "Invald request path."
}
403 - Invalid Access Token
{
"error": "Token invalid",
"description": "Authorization header value invalid."
}
429 - Rate limit abuse for unauthenticated user
{
"error": "Too many requests",
"description": "Request rate exceeded. Slow down."
}
429 - Rate limit abuse
{
"error": "Too many requests",
"description": "Request rate exceeded. Slow down."
}
