can't get project data (without authentication?)

[nickreich]

I didn't authenticate, but should still be able to get public info/data

> zoltar_connection <- new_connection()
> the_projects <- projects(zoltar_connection)
get_resource(): GET: https://zoltardata.com/api/projects/
Error in get_resource(zoltar_connection, url_for_projects(zoltar_connection)) : 
  Forbidden (HTTP 403).

[nickreich]

I guess now I am remembering that we did this to avoid bots hitting it...

[matthewcornell]

Yes, we decided that any API access requires an account. The docs say this too. Are you rethinking this?

[nickreich]

Is there some middle ground, to allow people to download public data without having the API be overloaded by bots?

[matthewcornell]

Maybe we are talking about two different things:

1. Authorization (who can view what). currently you must at least be authenticated (i.e., have an account)
2. Bandwidth (how much users are allowed).

The API library we use does seem to have support for throttling: https://www.django-rest-framework.org/api-guide/throttling/ . I've never dealt with this before.

[mzorn-58]

Can this issue be closed?

[matthewcornell]

We'd need to work out the above issues before moving forward. Prioritization is up to @nickreich .

[nickreich]

I don't think there's a clear issue here. going to close it.