Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[bioontology-support] [BioPortal] Feedback from Francis Nguyen

Sergiu Dumitriu sdumitriu at gmail.com
Wed Mar 4 13:07:08 PST 2020


Hi John,

Thanks for the clarification, we'll alter the codebase to instead accept
the key as an external configuration parameter.

The project (which has a temporary name while we keep searching for a
proper one) is https://github.com/ccmbioinfo/lfs , a medical data
repository that we're developing initially for the Li-Fraumeni syndrome,
but with the goal of being capable to configure for any kind of data. At
the moment, BioPortal is used as a service listing available ontologies,
which a sysadmin would use to search for and "install" ontologies that
would subsequently be available for populating the answers to certain
questions, such as "Race/Ethnicity reported" or "Co-morbidities".

On 3/4/20 2:46 PM, John Graybeal wrote:
> Sergiu (and everyone running open source projects that are accessing
> BioPortal!),
> 
> Thank you for this question!
> 
> Yes please, you should keep your API key private, so that others don't
> use it and the privileges that come with it. We suggest keeping the key
> in a private repository, or better, setting the key as a
> run-time/start-up configuration from files accessible only to your
> project, so that it is not exposed to the public in this way. (After
> all, if anyone forks your code, you don't want them to use your key in
> running the software—then we would be asking you questions if their
> version of the software was doing something bad.)
> 
> Can you share with us (offline if you'd rather, or on the list if you
> want the advertising :->) what project this is used for? We'd like to
> start keeping track of all the projects that use BioPortal, so it will
> be very interesting to hear from you.
> 
> John (jgraybeal - at - stanford.edu <http://stanford.edu>)
> 
>> On Mar 4, 2020, at 10:49 AM, Sergiu Dumitriu <sdumitriu at gmail.com
>> <mailto:sdumitriu at gmail.com>> wrote:
>>
>> Hello Michael,
>>
>> Sorry for the late reply, I've been away for a few days.
>>
>> I have a few questions about the API key. Although it belongs to my
>> "personal" account, we're actually using it in an open source software
>> project, and the key is public in the source code. Given that we don't
>> have any custom ontologies associated with the account, at least at the
>> moment, and we only use the publicly available ones, should we try to
>> keep the key private?
>>
>> Thanks,
>> Sergiu
>>
>>
>> On 2/28/20 4:39 PM, Michael Dorf wrote:
>>> Super! Thanks a lot!
>>>
>>> Michael
>>>
>>>> On Feb 28, 2020, at 1:18 PM, Francis Nguyen
>>>> <fr.nguyen at mail.utoronto.ca <mailto:fr.nguyen at mail.utoronto.ca>
>>>> <mailto:fr.nguyen at mail.utoronto.ca>> wrote:
>>>>
>>>> Oh, my apologies, I wasn't aware this was a public forum -- I just
>>>> used the "Contact Us" link at the bottom of the page. I just updated
>>>> my API key on our end (And yes, Sergiu and I work together).
>>>>
>>>> Thank you for your help!
>>>> -- Francis Nguyen
>>>>
>>>> On Fri, 28 Feb 2020 at 16:02, Michael Dorf <mdorf at stanford.edu
>>>> <mailto:mdorf at stanford.edu>
>>>> <mailto:mdorf at stanford.edu>> wrote:
>>>>
>>>>    Hi Francis,
>>>>
>>>>    Thank you for contacting support. The /submissions endpoint is
>>>>    naturally a bit slower, as it retrieves roughly 1000 records
>>>>    without the benefit of pagination. That said, we’ve had some
>>>>    intermittent performance issues with our REST services around the
>>>>    time of your request. The endpoint is working fine on my end now.
>>>>
>>>>    On a different note, this list is a public forum, and sharing your
>>>>    private API key with the entire community is never a good idea.
>>>>    I’ve invalidated the API key you shared and replaced it with a new
>>>>    one. There appears to be a different user attached to the API key
>>>>    you were using. Are the two of you part of the same organization?
>>>>    In any case, I’ll follow this up with a private email to the owner
>>>>    of the original API key (CCd), containing the new API key for the
>>>>    account. If you two are related, please ask him or her to share
>>>>    the new API key with you.
>>>>
>>>>    Thanks,
>>>>
>>>>    Michael
>>>>
>>>>
>>>>
>>>>>    On Feb 28, 2020, at 7:13 AM, support at bioontology.org
>>>>> <mailto:support at bioontology.org>
>>>>>    <mailto:support at bioontology.org> wrote:
>>>>>
>>>>>    Name: Francis Nguyen
>>>>>
>>>>>    Email: fr.nguyen at mail.utoronto.ca
>>>>> <mailto:fr.nguyen at mail.utoronto.ca>
>>>>>    <mailto:fr.nguyen at mail.utoronto.ca>
>>>>>
>>>>>    Location: https%3A%2F%2Fbioportal.bioontology.org
>>>>> <http://2Fbioportal.bioontology.org>
>>>>>    <http://2fbioportal.bioontology.org/>%2F
>>>>>
>>>>>
>>>>>    *Feedback:*
>>>>>
>>>>>    Hello,
>>>>>
>>>>>    I'm trying to access the BioOntology API at:
>>>>>
>>>>>    http://data.bioontology.org/submissions/?apikey=8ac0298d-99f4-4793-8c70-fb7d3400f279&display_context=false&display_links=false&include=acronym%2Cdescription%2Cname%2Contology%2Creleased%2Cstatus%2Cversion
>>>>>
>>>>>    Unfortunately, I'm getting a blank page. This URL was working
>>>>>    yesterday -- did something about the API change?
>>>>>
>>>>>    Thank you for your time,
>>>>>    Francis Nguyen
>>
>>

-- 
Sergiu Dumitriu
http://purl.org/net/sergiu


More information about the bioontology-support mailing list