Authentication
All OpenAtlas APIs are protected and require authentication using a short-lived bearer token.
To obtain this token, you must authenticate using Basic Auth credentials — typically your OpenAtlas-provided username and password.
Step 1: Login and Retrieve Token
Use the /login endpoint with Basic Auth to retrieve your token:
curl --location -X POST 'https://vantage.open-atlas.com/login' \
--user 'your_username:your_password'
This will return a JSON object with your access token:
{
"access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}
Step 2: Use the Token in API Requests
Include the token in the Authorization header for all subsequent requests.
curl -X POST 'https://vantage.open-atlas.com/protected-areas/geometries' \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-H "Content-Type: application/json" \
-d '{ "type": "FeatureCollection", "features": [ ... ] }'
You can optionally export the token into your environment to reuse it easily:
export YOUR_BEARER_TOKEN="eyJhbGciOiJIUzI1NiIsInR5cCI6..."
And then use it in requests like this:
curl -H "Authorization: Bearer $YOUR_BEARER_TOKEN" ...
Token Expiry
Tokens are short-lived and will expire after a certain duration. If you receive a 401 Unauthorized response, simply re-authenticate using /login to obtain a new token.
Tips for Integration
- Store tokens securely in memory (not hardcoded into files)
- Avoid exposing credentials in client-side environments
- Refresh tokens on expiry rather than generating one per request
Need help getting started or managing credentials?
Contact our team and we’ll assist you.