Once you have received your Client ID and Client Secret from CTRP Support, follow the steps below to use the NCI CTRP REST services. There are different processes between PRS and CTRP users in using the CTRP APIs, see below for explanations.
The following endpoint will generate an Okta access token provided the parameters passed in are valid. Please contact CTRP_support@nih.gov for any questions or issues in regards to generating the Okta access token.
POST:
curl --request POST “https://<clientId>:<clientSecret>@bioappdev.okta.com/oauth2/aus3ym6wniM6O3MGE297/v1/token” \
--header “Accept: application/json” \
--header “Content-Type: application/x-www-form-urlencoded” \
--data-urlencode “grant_type=password” \
--data-urlencode “username=<username>” \
--data-urlencode “password=<password>” \
--data-urlencode “scope=openid”
Parameters:
clientId | Client ID |
clientSecret | Client Secret |
username | CTRP OKTA account email ID |
password | CTRP OKTA account password |
Response:
{"token_type":"Bearer","expires_in":43200,"access_token":<accessToken>,"scope":"openid","id_token":<idToken>}
Include the access token in the 'Authorization: Bearer' parameter when submitting API requests.
GET:
curl --location --request GET 'https://trials.nci.nih.gov/services/trials/<NCT> ' \
--header 'Content-Type: application/json' \
--header 'Accept: application/xml' \
--header 'Authorization: Bearer <accessToken>'
Parameters:
accessToken | Access Token generated in step 1. |
NCT | Trial ID (e.g. NCI-2017-02883) |
Response:
XML data
The Client ID and Client Secret need to be updated on a yearly basis. The CTRP team will provide the new Client ID / Client Secret combination to PRS two weeks before each update. During the two-week grace period, both old and new credentials will work.
https://trials-stage.nci.nih.gov/services/trials/
Error | Code | Message |
Invalid Client Id | 401 | { "errorCode": "invalid_client", "errorSummary": "Invalid value for 'client_id' parameter.", "errorLink": "invalid_client", "errorId": "oaejDJuWCiRTQeH8n6WG2116A", "errorCauses": [] } |
Invalid Client Secret | 401 | { "error": "invalid_client", "error_description": "The client secret supplied for a confidential client is invalid." } |
Invalid User Credentials / Account Locked* | 400 | { "error": "invalid_grant", "error_description": "The credentials provided were invalid." } |