-
|
There are future plans for Earthdata Login to deprecate support of 401 type apps. I am not sure if earthaccess would be impacted. Is this utilized for the s3 credential endpoint, for example? Or are we only supporting Oauth2? Thanks! |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 4 replies
-
|
@chuckwondo @betolink This has come up again at NSIDC, as we're planning for possible impacts of this deprecation. I know very little about EDL auth and only found this oauth documentation page for reference: https://urs.earthdata.nasa.gov/documentation/for_users/oauth2. Please let me know if you have any insights into this. Thank you! |
Beta Was this translation helpful? Give feedback.
-
|
We do the oauth2 "dance" already. While I haven't followed and/or have lost too much context from my NSIDC days, I think we're good.... if I remember correctly "401" type applications (I think this name is ick... 401 is an HTTP response code, not an authentication mechanism... this has always driven me nuts 😆 ) rely on HTTP Basic auth. So we should be able to delete a good deal of code that deals with that. Please correct me if I'm wrong :) |
Beta Was this translation helpful? Give feedback.
-
|
Fortunately, this does not affect us. That documentation is in regard to applications that use an OAuth2 authorization dance, such as a web application. In such cases, the app typically redirects users to EDL so they can login directly in EDL, without providing their credentials directly to the app. EDL then issues a temporary token to the app, and the app only sees the token, not the user's creds. Since earthaccess is a library that expects the user to provide their creds, or their user token (different from the temp token mentioned above), this is a completely different mechanism, and is unaffected by those documented changes. |
Beta Was this translation helpful? Give feedback.
-
|
Jinx! |
Beta Was this translation helpful? Give feedback.
-
|
Thank you both! I can't mark both as "answered" otherwise I would. I'm glad you both can confirm that we will not be impacted, and can potentially clean up some code to boot. I will try to keep tabs on the status of this and can write up an issue accordingly if/when this is implemented. |
Beta Was this translation helpful? Give feedback.
We do the oauth2 "dance" already. While I haven't followed and/or have lost too much context from my NSIDC days, I think we're good.... if I remember correctly "401" type applications (I think this name is ick... 401 is an HTTP response code, not an authentication mechanism... this has always driven me nuts 😆 ) rely on HTTP Basic auth. So we should be able to delete a good deal of code that deals with that. Please correct me if I'm wrong :)