Export Tool API

The Export Tool exposes a web API that can be used to create and manage jobs.

Overview

The Export Tool has an API that can be called programatically via the web. For example, you can automatically schedule an export to be run weekly to accompany a humanitarian mapping project.

Authorization

User authentication and authorization is a two-step process.

The Export Tool requires that users log into OpenStreetMap using OAuth 2.0a (you don't need to know this). This provides user identity, specifically an OSM username to associate with exports. You generally don't need to care about this, except to know that usernames are the same as on OSM.

Export client authorization is handled using OAuth 2.0. In a nutshell, client applications (such as this one) request access (in the form of "scopes"; "read" / "write" in this case) from the API, identifying themselves with a client ID. Users are prompted to authorize the application after being redirected. If they grant access, the Export Tool will mint a "bearer token" and provide it back to the client application for use when making API requests.

When making requests to protected resources, Authorization: Bearer <token> can be included in the HTTP request headers, both to identify the user and to authorize the application.

More information on the Export Tool's implementation of OAuth 2.0 can be found in the Django OAuth Toolkit documentation. For Export Tool purposes, bearer tokens don't expire, but can be revoked.

Client applications can be created and managed using the application management console.