Reference info:
- https://pyinaturalist.readthedocs.io/en/latest/user_guide.html#authentication
- https://www.inaturalist.org/pages/api+reference#auth
- https://www.inaturalist.org/pages/api+recommended+practices#authentication
If you want auth to be 100% automated, you will need to register an OAuth2 app. Outside of iNaturalist.org, anything else that uses the API to create or modify data is considered an “application,” even if you’re just running some scripts on your own computer.
If you want to go that route, I think on the client side there’s not going to be much practical difference between using the OAuth access_token vs JWT api_token, except that the JWT will need to be refreshed every 24 hours instead of every hour. Depending on how you store your creds, that may or may not make a difference. Someone please comment if there are more differences I might be missing there.
However, if you don’t need it to be 100% automated and are okay with copy-pasting from the browser like pisum suggested, that does give you the advantage of not having to register an OAuth app. pyinaturalist doesn’t currently use JWT by default because it hasn’t been needed yet, but that could certainly be added. You can request that in a new issue here, if you’d like.
You can use the existing access_token parameter, since both JWT and OAuth2 tokens get sent the same way (via the Authorization request header):
from pyinaturalist import create_observation
create_observation(
..., # Your observation details
access_token='<your api_key here>',
)
Or if you don’t need pyinaturalist’s features, you could also do it with plain requests:
import requests
requests.post(
'https://api.inaturalist.org/v1/observations',
json={'observation': {...}}, # Your observation details
headers={'Authorization': 'Bearer <your api_key here>'},
)