Notice: API will soon require an API key for regular usage

Up until now using the OCM API has not required an API key and for the most part this has been OK but we have no way to track heavy use and no way to notify you of (potentially breaking) changes.

We will shortly be introducing a requirement for all repeated calls to the API to use an API key as part of the http request header (X-API-Key). Failing to use an API Key when making repeated calls will eventually result in your IP/Client being refused connection.

It is also highly recommended that you should use a distinct User-Agent http header (usually the name of your app/service) to help identify calls, using a generic User-Agent string may result in failures as we often have to ban generic user agents which are spamming the API. Alternatively set the client url query parameter to a custom string when making http calls.

The ability to allocate a new API Key for your application will shortly be available through the ‘my profile’ menu on the site. Watch this thread for further announcements.

In the future we may introduce a non-free version of the API for high volume users, your alternative will be to host your own API. Instructions will be made available on how to run a read-only mirror API with frequent data refreshes.

Note that you can now register your application and create a new API Key. Sign in to and click my profile>my apps and click on Register Application, you can edit the application detail (name, website etc) later but for now it’s a good idea to start using the X-API-Key header when making API calls.

I currently expect that we will start to enforce the requirement for an API Key around March 2020. ad-hoc API use (development, one-off queries etc) will not currently require an API Key.

Work is progressing well on providing a method for you to optionally host your own read-only copy of the API which constantly stays in sync with our master data, see