Introduction/Getting Started
Last updated
Was this helpful?
Last updated
Was this helpful?
← builds from main branch
← builds from dev branch
Navigate to either base URL above to see the API and model reference for v2 API on either the main or dev branch.
This documentation assumes you are familiar with programming languages such as Python, as well as the big-picture functionality of the API. For a more thorough breakdown of the functionality of an API, consider documentation such as Postman's .
Reach out to or make noise in if you have questions.
The PDAP API is how internal and external users programmatically access information and make changes to the PDAP Data Sources database.
Logged-in and authenticated users can get access to the API.
The majority of API routes require one of two forms of Authentication: API Tokens, and JSON Web Tokens (JWTs). A limited number of endpoints allow one or the other.
API tokens are long-lived tokens used for endpoints with low security needs that do not modify existing data, such as GET requests.
API tokens can be passed to accepting endpoints using Basic authorization (i.e., Basic <TokenName>).
API tokens can be obtained by using the /api-key endpoint and generating login credentials
API tokens are long-lived, and users can only have one active at a time.
JWTs can be passed to accept endpoints using Bearer authorization (i.e. Bearer <TokenName>)
An access_token and refresh_token are both generated by the /login and /login-with-github endpoints
The access token is the token to be used for most endpoints
Separate single-purpose JWTs are used for specific endpoints, such as /reset-password
Different endpoints have different rate limits to them, with endpoints like /data-sources/{resource_id} GET Being more generous than endpoints such as /login. This helps prevent abuse of the system, and should minimally impact normal usage.
GET Agencies
are short-lived encrypted tokens used for more secure endpoints