Castor EDC has an Application Programming Interface (API) that supports authentication and authorization of API calls through the industry standard OAuth2. We start with support for the Client Credentials flow, that allows individual users to create an API Client ID and Client Secret through your Edit Profile page:
With this Client ID and secret you can request an access token, which you can use to access your Castor data. The access token is valid for 5 hours before it expires.
Please note that the Client ID and Secret grant the same access to your data as your own username and password. Please treat them as such and do not hand them out to third parties unless you are absolutely sure about what you are doing.
All documentation for the API can be found in the specific documentation on https://data.castoredc.com/api. If your study is on the US or UK server, please make sure you use us.castoredc.com/api or uk.castoredc.com/api. In the near future we'll also add support for the Authorization Code flow, so third parties can request access to your data on your behalf.