Skip to main content

Authentication

All OpenAtlas APIs are protected and require authentication using a short-lived bearer token.

To obtain this token, you must authenticate using Basic Auth credentials — typically your OpenAtlas-provided username and password.


Step 1: Login and Retrieve Token

Use the /login endpoint with Basic Auth to retrieve your token:

curl --location -X POST 'https://vantage.open-atlas.com/login' \
--user 'your_username:your_password'

This will return a JSON object with your access token:

{
"access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}

Step 2: Use the Token in API Requests

Include the token in the Authorization header for all subsequent requests.

curl -X POST 'https://vantage.open-atlas.com/protected-areas/geometries' \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-H "Content-Type: application/json" \
-d '{ "type": "FeatureCollection", "features": [ ... ] }'

You can optionally export the token into your environment to reuse it easily:

export YOUR_BEARER_TOKEN="eyJhbGciOiJIUzI1NiIsInR5cCI6..."

And then use it in requests like this:

curl -H "Authorization: Bearer $YOUR_BEARER_TOKEN" ...

Token Expiry

Tokens are short-lived and will expire after a certain duration. If you receive a 401 Unauthorized response, simply re-authenticate using /login to obtain a new token.


Tips for Integration

  • Store tokens securely in memory (not hardcoded into files)
  • Avoid exposing credentials in client-side environments
  • Refresh tokens on expiry rather than generating one per request

Need help getting started or managing credentials?
Contact our team and we’ll assist you.