Upcoming API Access Restrictions

Dear Astro-COLIBRI Community,

We’re writing to inform you about some upcoming changes to our API access, which we believe are necessary steps to ensure the continued smooth operation of our platform and to safeguard its resources.

Over the past weeks/months, we’ve seen a significant uptick in the usage of our freely accessible API endpoints. While this surge in activity is a testament to the growing interest in our platform and the incredible work being done by our community, it has also highlighted the need for us to implement measures to prevent misuse and ensure equitable access for all users.

As such, with the next release of Astro-COLIBRI, we will be deploying restrictions on certain API endpoints, particularly those that are computationally and I/O intensive, such as “latest_transients” and “cone_search.”

What Changes Can You Expect?

  1. Authentication Requirement: To access these endpoints, users will be required to include a valid UID (User ID) of a registered user. This ensures that only authorized users are able to access these resources and thus helps to prevent the most common attacks.

  2. Usage Limits: Each registered user will be allowed a quota of 100 API calls per day. We believe this limit should be more than sufficient for typical use cases. However, we understand that certain users or use cases may require additional access, and we’re happy to discuss increases on a case-by-case basis.

How Will This Impact You?

For the majority of users, these changes should have minimal impact on your experience with Astro-COLIBRI. Only direct uses of our API endpoints are concerned. The latest versions of our smartphone apps will continue to function without the need for any intervention. In any case, we understand that any change can be disruptive, and we’re committed to ensuring a smooth transition.

What Do You Need to Do?

If you haven’t already done so, we encourage you to create a user account on our platform. It’s a simple process, and we have a handy YouTube tutorial to guide you through it. Once you’ve created an account and verified your email address, you’ll be able to access your UID in the account settings of our graphical interfaces (web and smartphone apps).
If you want to use our API outside our graphical interfaces, you’ll simply send this ID together with your other parameters in your request to our API. We have already updated our documentation and interactive examples even though the new rules will only be deployed with the next major release. This should leave you the necessary time to adapt the integration into your workflow.

Your Feedback Matters

We understand that these changes may raise questions or concerns, and we want to hear from you. Please feel free to share your thoughts, feedback, or any issues you encounter on our user discussion forum. Your input will help us fine-tune these adjustments and ensure that Astro-COLIBRI continues to meet the needs of our diverse and vibrant community.

Thank you for your ongoing support and understanding as we work to improve and secure our platform for everyone.

Clear skies and happy exploring!
Fabian for the Astro-COLIBRI team

1 Like

Hi Fabian, thanks for the warning.
I got my API uid and modified the request filter in my queries.
1- very little problem with the login to the forum which stopped to be automaticaly chained from the colibry site.
2- for the Api Access , when can we get a try to the new process from Prism? up to now I Was using my email adress in the filter… Now the given Api UID! … I shoud see no difference… do you provide a test Url for the new approach?
Great job

Thanks for the feedback!

  1. Strange. Maybe the connection is reset after a while? :man_shrugging:
  2. If you transmit the UID in the POST request, the transition should be seemless. We don’t have a test version of the API but I’ll give you a heads-up when we activate the new API so that we can run some tests together.

Seems fine, Thanks!

1 Like