@larsgw @inventaire ooh, thanks for the notice, it should be fixed now. Currently, for non-public resources, you would need the user username and password to get a session cookie to authenticate the requests. If it's a website for your own needs, that can be fine, but for other users, we would rather need OAuth tokens.

I'm curious about the use-case you have in mind? Maybe we could include the OAuth tokens in the next NGI/NLnet grant request, if we can make a case for it

@maxlath @inventaire I'm working on a catalog of taxonomic identification keys (https://identification-resources.github.io/), which includes a specialized search engine. Apart from domain-specific factors, it ranks results based on availability of the resource. I'd like users to be able to link their personal library and get slightly better results.

(I'd also like users to be able to link their institutional/local libraries through Worldcat but that seems difficult.)

@larsgw @inventaire It should already be possible to access all the publicly shared inventory items (and also shelves and lists) without auth, just by entering their username:
- with the username, you can get their user id via https://inventaire.io/api/users?action=by-usernames&usernames=georges
- with the user id, you can get inventory public items https://inventaire.io/api/items?action=by-users&users=6a65aa87e68e161650bf7741ad001249 or the public inventory view https://inventaire.io/api/items?action=inventory-view&user=6a65aa87e68e161650bf7741ad001249

But for non-public items, we will need to implement OAuth first. Beside the auth workflow, the inventory data requests would remain the same, so I think you could already validate that it works for your use-case with what's already there. Let me know if you need any other pointers