Page needs rework and better structure. Screenshot is outdated.

Preferences > OSM Server

Connection Settings for the OSM server

Downloading and uploading to the default server

Most JOSM users want to exchange geo data with the standard OSM server operated by the OSM community.

Tick the respective checkbox in order to download from and upload to the standard server (see screenshot above). This is the default setting.

Advanced option: Downloading and uploading to a custom server

Some JOSM users need to configure the API URL of an OSM server because they are working with a custom server:

• Some users are working with local installations of the OSM server
• Some users are working with development and test instances of the OSM server (for instance with ​https://api06.dev.openstreetmap.org).

In order to use a custom URL:

1. Remove the tick in the checkbox for the standard API URL (see screenshot above)
2. Enter the API URL

Click on Validate to test whether an OSM API server is available at the given URL. If so, JOSM will display the icon to the right of the input field for the API URL. If the URL isn't valid, JOSM will display the icon .

Authentication

Working anonymously or with an OSM account

You don't need to identify and authenticate yourself provided that you neither upload data to the OSM server nor download data for which you must authenticate first.

If you work anonymously you are allowed

• to download geo-data from the OSM server and save it to a local file
• to download public GPS traces from the OSM server
• to load geo data from a file, edit it, and save it back to a file

However, you can't

• upload geo-data to the OSM server. You can't created, update, or close changesets either.
• download your private GPS traces

You are recommended to ​create an OSM user account. By using ​this form you can choose an OSM username and an OSM password both of which you will use below.

Basic authentication

Basic authentication is the basic mechanism to authenticate yourself at the OSM server.

Here's a screenshot of the preferences panel for basic authentication:

To use Basic Authentication

1. Go to the register OSM Server in Preferences
2. Select the authentication method Basic authentication
3. Enter your OSM username and your OSM password

OAuth 1.0a based authentication

OAuth 1.0a is deprecated. Please use OAuth 2.0 or later instead**

​OAuth 1.0a is an open protocol to allow secure API authorization in a simple and standard method from desktop and web applications. The OSM server supports OAuth in addition to basic authentication.

OAuth has two major advantages over basic authentication:

1. Your OSM password doesn't have to be saved in clear text in the JOSM preferences file.
2. Your OSM password has to be transferred encrypted only once over the Internet, in contrast to basic authentication where your OSM password is transferred unencrypted as part of every request sent from JOSM to the OSM server.

Information about the use of OAuth is here

Once initialized the access token is represented with the following options:

• Deselect the checkbox Save to preferences if you don't want to save the Access Token in the JOSM preferences. If you don't save it the Access Token will be lost when you close JOSM. If you later startup JOSM again you will have to retrieve a new Access Token to work with OAuth based authentication again.
• Click on Test Access Token to submit a test request with the token to the OSM server. JOSM will analyze whether this token is authorized to access the OSM server.
• Click on New Access Token to generate a new Access Token.
• Selecting the checkbox "Display advanced OAuth parameters" to get the advanced OAuth parameters displayed.

OAuth 2.0 based authentication

​OAuth 2.0 is an open protocol to allow secure API authorization in a simple and standard method from desktop and web applications. The OSM server supports OAuth 2.0 in addition to basic authentication.

OAuth has two major advantages over basic authentication:

1. Your OSM password doesn't have to be saved in clear text in the JOSM preferences file.
2. Your OSM password has to be transferred encrypted only once over the Internet, in contrast to basic authentication where your OSM password is transferred unencrypted as part of every request sent from JOSM to the OSM server.

OAuth 2.0 uses Remote Control to receive the token from the OAuth server. If you have issues authenticating, you can disable remote control in other running instances of JOSM and disable then re-enable it in the JOSM instance you are trying to authenticate.

Once initialized the access token is represented with the following options:

• Deselect the checkbox Save to preferences if you don't want to save the Access Token in the JOSM preferences. If you don't save it the Access Token will be lost when you close JOSM. If you later startup JOSM again you will have to retrieve a new Access Token to work with OAuth based authentication again.
• Click on Test Access Token to submit a test request with the token to the OSM server. JOSM will analyze whether this token is authorized to access the OSM server.
• Click on Remove token to remove the current token. The Authorise now button will reappear.
• Selecting the checkbox "Display Advanced OAuth Parameters" to get the advanced OAuth parameters displayed.

New OSM account messages

At the bottom there are settings for new osm account messages and Notes.

Overpass server

Configure the Overpass API instance used for downloading OSM data (for instance in Download from Overpass API). See ​for a list of servers.

---

Back to Preferences
Back to Edit Menu
Back to Main Menu
Back to Main Help