Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[bioontology-support] API Security

Lore, Michelle H lore at
Mon Feb 8 06:35:56 PST 2021

Thank you, John! I appreciate your response.

Thanks again,

From: John Graybeal <jgraybeal at>
Sent: Friday, February 5, 2021 9:39 PM
To: Lore, Michelle H <lore at>
Cc: support at
Subject: Re: [bioontology-support] API Security


I'm sorry, but despite some awareness of security concerns, I'm not familiar with the precise meaning of the term "API security". The top few references on the web indicate it is a bit of an abstract concept, e.g., "the application of any security best practice applied to web APIs."

So that doesn't help you too much, but I can give you a few pieces of information you can pass along to your campus security. We use REST API services with per-user API keys, TLS encryption (https)  and rate limits. (There are some public services that do not require API keys.) We do not additionally encrypt our message packets, since the TLS encryption provides encryption for them (and also enforces appropriately secure signatures on the transaction).

I hope that is enough information for you and them. We are used by upwards of 75 university and similar installations, and we have not had concerns expressed or security questions asked (to my knowledge), so I hope but can not promise that is some indication of the suitability of our security for this heavily accessed research system.


On Feb 5, 2021, at 2:55 PM, Lore, Michelle H <lore at<mailto:lore at>> wrote:


I’m a REDCap administrator at University of Illinois at Urbana-Champaign. We’re looking to enable the biomedical ontology auto-suggest functionality that REDCap provides, and our campus security is requesting information about the API security of the BioPortal API. I looked on the API documentation page and throughout the NCBO website and could not find anything explicitly about API security. Any additional information you can provide is appreciated.

Thank you,

Michelle Lore, MS (she/her)
REDCap Application Specialist
Interdisciplinary Health Sciences Institute
University of Illinois | Urbana-Champaign
901 W. University Avenue, Suite 201 | MC-261 | Urbana, IL 61801
Phone: (217) 244-9666 | Email: lore at<mailto:lore at>

bioontology-support mailing list
bioontology-support at<mailto:bioontology-support at><;!!DZ3fjg!tWB4WA3GIB5AT_zK93_vIJ5q2LTV2iF1LrmlM5nC8hoI7mxV8oQU19kMAw9oGg4$>

John Graybeal
Technical Program Manager
Center for Expanded Data Annotation and Retrieval /+/ NCBO BioPortal
Stanford Center for Biomedical Informatics Research
650-736-1632  | ORCID  0000-0001-6875-5360

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the bioontology-support mailing list