The Export Tool exposes a web API that can be used to create and manage jobs.
The Export Tool has an API that can be called programatically via the web. For example, you can automatically schedule an export to be run weekly to accompany a humanitarian mapping project.
User authentication and authorization is a two-step process.
The Export Tool requires that users log into OpenStreetMap using OAuth 2.0a (you don't need to know this). This provides user identity, specifically an OSM username to associate with exports. You generally don't need to care about this, except to know that usernames are the same as on OSM.
Export client authorization is handled using OAuth 2.0. In a nutshell, client applications (such as this one) request access (in the form of "scopes"; "read" / "write" in this case) from the API, identifying themselves with a client ID. Users are prompted to authorize the application after being redirected. If they grant access, the Export Tool will mint a "bearer token" and provide it back to the client application for use when making API requests.
When making requests to protected resources, Authorization: Bearer <token>
can be included in the HTTP request headers, both to identify the user and to authorize the application.
More information on the Export Tool's implementation of OAuth 2.0 can be found in the Django OAuth Toolkit documentation. For Export Tool purposes, bearer tokens don't expire, but can be revoked.
Client applications can be created and managed using the application management console.
This is an incomplete list of API endpoints. For more information, please consult the source code on GitHub or explore the auto-generated API documentation.