OAuth 2.0

[pnorman]

OSM is deprecating OAuth 1.0a and HTTP Basic Auth.

Your application was identified as making HTTP Basic Auth calls, which will stop working later this year. We are still working out a precise timeline.

[westnordost]

Well, I think I could remove auth altogether, as it is only making public calls and it doesn't seem to be realistic that these API calls will be made into API calls that can only be done with a logged in user only anytime soon.

[mmd-osm]

It seems EWG is starting a new attempt at the GDPR topic. Some of the map notes API endpoints are currently listed as "disallow call" (https://wiki.openstreetmap.org/wiki/GDPR/Affected_Services), i.e. you would need some sort of authentication to call these endpoints, once this gets implemented.

I'm not exactly clear if EWG will make much progress on this topic in 2024. Maybe you could keep an eye on what they're planning.

[westnordost]

Hmm, thanks. Maybe I'll then just get an access token manually and put it into the conf of that script

[matkoniecz]

I think I could remove auth altogether, as it is only making public calls

In my experience not authenticated calls are getting throttled far faster than authenticated calls, so doing read only calls on larger scale still does need this.

I am not entirely sure about this, not checked code, but it seemed a clear pattern to me.

[westnordost]

Hey, what are you doing? Didn't you see that the issue is closed? El 21 de enero de 2024 7:41:06 CET, Mateusz Konieczny ***@***.***> escribió:

…

> I think I could remove auth altogether, as it is only making public calls In my experience not authenticated calls are getting throttled far faster than authenticated calls, so doing read only calls on larger scale still does need this. -- Reply to this email directly or view it on GitHub: #12 (comment) You are receiving this because you modified the open/close state. Message ID: ***@***.***>