Authenticating, Libraries, Session Keys, Sample GET

Authentication Review

Authentication consists of sending ArchivesSpace a username and password and receiving a session key in return.

Any interaction with the API after the initial authentication must then include that session key (in the header) until the session expires.

These slides discuss authenticating and then storing and sending the session key when using Python.

In order to authenticate with Postman, we posted our password to the user endpoint:

http://localhost:8089/users/admin/login

And we used our password as a parameter:

?password=secure_password

This assumes:

In real life, you may be using a base URL that is not the default. So instead of:

It might be more like:

Also in real life, you'll be using an ArchivesSpace staff account. I recommend creating one just for the API:

In which case this would be your user endpoint:

http://localhost:8089/users/api_user/login?password=squp6nusk1TIK

http://hogwarts-archives-api.org/users/api_user/login?password=squp6nusk1TIK

Authenticate in Python with the Requests library

What's a Python library?

A collection of built-in modules. Simply put, they are some of the tools in your Python toolbox.

If you're a plumber, you use different tools than a carpenter and vice versa.

As someone interested in a RESTful web API that's sending and receiving JSON you'll use different Python libraries than a programmer working with mathmatical data sets or XML data.

Here are some libraries that I use all the time:
And here are some libraries I use occasionally or in more advanced scripts:

ArchivesSnake is a Python library specifically designed for the ArchivesSpace API. Though I have an ArchivesSnake example, I am not using ASnake for these demonstrations.

Why not? This is very much a personal opinion, but I found that learning Requests first was easier, then I progressed to using ASnake. This is a beginners presentation, and as beginners you will need to learn Python as a broad tool first, then using that knowledge, progress towards the more specific goal of using ASnake for the Aspace API.

But if you already have some Python knowledge, want to start with ArchivesSnake, or simply disagree, go for ASnake!

Compare these:

('http://localhost:8089/users/admin/login?password=secure_password').json()

(baseURL + '/users/' + user + '/login?password=' + password).json()

Authenticate in Python with ArchivesSnake Python client

Use Requests to GET the Morris Canal Company records resource record

Which is resources/1 in my local install

Store and send the session key

Get the "other collection"

Which is resources/101 in my local install