Authentication

The OpenAIRE APIs can be accessed over HTTPS both by authenticated and non authenticated requests. Currently, there is an adjustment period until September 2021, when the rate limit for both authenticated and non authenticated requests is up to 7200 requests per hour. After this period we plan to significantly lower the rate limit of non authenticated requests up to 60 requests per hour.

Please consider to make authenticated requests to achieve better rate limits. Check our Privacy Policy here.

OpenAIRE APIs Rate limits
Not authenticated requests up to 7200 requests per hour
soon to decrease - please see above
Authenticated requests up to 7200 request per hour

The only exception to this approach is the LOD API that will continue to be accessible only via HTTP and non authenticated requests at http://lod.openaire.eu/sparql with the current rate limits.

OpenAIRE APIs can be used for both authentication and authorization. Our OAuth 2.0 implementation, conforms to the OpenID Connect specification, and is OpenID Certified. OpenID Connect is a simple identity layer on top of the OAuth 2.0 protocol. For more information about OAuth2.0 please visit the OAuth2.0 official site. For more information about OpenID Connect please visit the OpenID Connect official site.

Requests

To access the OpenAIRE APIs with better rate limits, send your access token using the Authorization header.

	GET https://api.openaire.eu/{resourceServicePath}
	Authorization: Bearer {ACCESS_TOKEN}

To get an access token, we support personal access token creation and service registration.

Response Headers

x-ratelimit-limit The maximum number of requests allowed for the client in one time window.
x-ratelimit-used The number of requests already made by the client in the current time window.

The OpenAIRE APIs use a sliding time window of one hour.

Error Messages

404 - Not found

{
	"error": "Not found",
	"description": "Invald request path."
}

403 - Invalid Access Token

{
	"error": "Token invalid",
	"description": "Authorization header value invalid."
}

429 - Rate limit abuse for unauthenticated user

{
	"error": "Too many requests",
	"description": "Request rate exceeded. Slow down."
}

429 - Rate limit abuse

{
	"error": "Too many requests",
	"description": "Request rate exceeded. Slow down."
}