Access to the ORCID Public API requires a set of credentials consisting of a Client ID and a Client Secret. This guide describes the steps needed to obtain ORCID Public API credentials. ORCID members need not register for the public API as their member credentials can be used instead. To register for member credentials see Register a client application.
Public API credentials are tied to an individual's ORCID record and cannot be transferred to another person. Organizational API credentials are available to organizations that support ORCID through a paid membership subscription. Learn more about ORCID membership.
We recommend that developers test the Public API in the sandbox testing server before using the production version. Once tested in the sandbox environment, you can follow the same steps below to obtain credentials for the production environment.
For more general information see the Public Client ORCID API.
Enable developer tools
- Sign into your ORCID record:
Production server: https://orcid.org/signin
Sandbox testing server: https://sandbox.orcid.org/signin
- Click Developer Tools at the top of your record.
Note: In order to access Developer Tools, you must verify your email address. If you have not already verified your email address, you will be prompted to do so at this point.
- Click the "Register for the free ORCID public API" button
- Review and agree to the terms of service when prompted.
Register an application
- After agreeing to the terms of service, you will be directed back to Developer Tools (https://orcid.org/developer-tools or https://sandbox.orcid.org/developer-tools). Complete the form presented to register a new application.
- Name: The name of your application. This will be displayed to users when they grant your application permission to get their ORCID iD, and it will be displayed in their Trusted organization list. We recommend using the name of your organization or service (e.g. a journal name).
- Website: The website the user can visit to learn more about your application. This will be displayed in their Trusted organization list.
- Description: Information about the application that you are developing and how you will use the user's ORCID iD. This will be displayed to users on the OAuth screen.
- Redirect URIs: URIs for use with the OAuth 2.0 protocol -- these are the locations that your users will be sent to after granting your client permission to get their ORCID iD.
Public API applications must have at least one redirect URI registered, and the URI must begin with http or https. For testing, you can automatically add Google OAuth Playground URI by clicking "+Google OAuth2 Playground" under Test redirect URIs, or the ORCID Public API Swagger by clicking "+ORCID public swagger interface".
For more information, see About redirect URIs.
- Click the Save icon at the bottom of the form to generate your API credentials.
- To view your API credentials, click Show Details.
- Your API credentials - Client ID and Client Secret - are shown just beneath your redirect URIs. Below your credentials are sample URLs and API calls with your credentials pre-filled.
Note: API credentials issued after December 1, 2014 begin with the characters "APP-" and are alpha-numeric. Earlier version of client credentials had the same format as ORCID iDs (sixteen digits). Both formats behave the same way, though our documentation primarily uses the newer APP- format in examples.
Use your credentials
Now that you have your credentials, it's time to start using the ORCID Public API!