API client authentication

Hi folks,

I’m trying to learn the basics of writing a little PHP API client for Omeka Classic. I can get GET requests to work, but I can’t find documentation for how to go about doing authentication. The only example I found was in the Omeka S forum, and I tried to follow its example unsuccessfully; I assume that Omeka Classic and Omeka S may have different protocols, but maybe not:

Based on that example, I tried a GET request that worked great, and a DELETE request that did not:

$apiUrl = $endpoint;
$apiUrl.= 'tags/2875';
$apiUrl.= '?key_identity='.$username.'&key_credential='.$password;

$options = [

print "<h2>Test: $apiUrl</h2>";

$ch = curl_init($apiUrl);
curl_setopt_array($ch, $options);


(where username = the username associated with my account, and where password is the API key)

Trying this, I got the response:

{“message”:“Invalid GET request parameter: “key_identity””}

So I’m guessing that’s not how we pass keys in Omeka Classic.

I tried the URL without the authentication string, and I also tried adding key=$password the $apiURL (commenting out the third line of the code above)and both got a surprised me:

{“message”:“Invalid record. Record “Tag” must define an ACL resource.”}"

According to p44 of the documentation, that indicates a 500 error for requesting an invalid record. I would have expected something of a more 403/Forbidden sort.

Is there some documentation on how to format authenticated requests to the API? I’ve scoured the documentation I haven’t found this. (The one PHP-based example client doesn’t authenticate. I got a few ideas from the Python example, but nothing that worked.)


Hi all,

I’m still trying to figure out how to successfully connect with an API client. Any advice?


It’s somewhat buried in the documentation but for Classic you just specify key as a GET paramteter. Keys are created in a tab of a user edit page just like in S, though unlike S there’s just a single key rather than the identity/credential pair.

1 Like

This topic was automatically closed 250 days after the last reply. New replies are no longer allowed.