Authentication

To authenticate with the one-mnhs API, you’ll first need to create an account and generate your API credentials token here.

Once you’ve got a credentials token, you can pass it as a Bearer token to any endpoint in the API:

creds = "your_creds_here_but_remember_to_never_commit_secrets"

resp = requests.get(
    "https://mnhs-rma-prod.uc.r.appspot.com/census/count",
    headers={"Authorization": f"Bearer {creds}"},
)

Using Access Tokens (Legacy)

Formerly, authenticating with the API required that you use your credentials token to sign in via the /auth/sign-in-with-api-creds endpoint to get an access token. That flow is still supported and at this time there are no plans to deprecate it. As above, you’ll need to create an account and generate API credentials, then sign-in like so:

import json

import requests

creds = "your_creds_here_but_remember_to_never_commit_secrets"

resp = requests.post(
    "https://mnhs-rma-prod.uc.r.appspot.com/auth/sign-in-with-api-creds",
    data=json.dumps({"apiCreds": creds})
)
access_token = json.loads(resp.content)["accessToken"]

Then, on any subsequent requests to the API, pass your “access token” in the header as a Bearer token:

resp = requests.get(
    "https://mnhs-rma-prod.uc.r.appspot.com/census/count",
    headers={"Authorization": f"Bearer {access_token}"},
)

Access tokens expire after 30 minutes, so if your session lasts longer than that you’ll need to refresh your token by repeating the POST to the /auth/sign-in-with-api-creds endpoint. If your requests start returning 401 responses, then you need to refresh your token. You can also check whether your access token is expired or not at this endpoint:

resp = requests.put(
    "https://mnhs-rma-prod.uc.r.appspot.com/auth/verify-access-token",
    data=json.dumps({"token": access_token})
)
# Will be a simple boolean:
check = json.loads(resp.content)
if not check:
    # Do the refresh
    pass