Read the Developer notes!

If you get an HTTP 403 return code when you try and call WSOS, most likely your IP address isn't on the whitelist. Bear in mind that DHCP IP addresses change from time to time!

Don't store your own user code in a script anywhere. If you need authenticated access, create an external user (or ask elab to create you one) and grant that user just the access you need.

One day we may support OAuth, which allows you to do this kind of thing without needing to create an additional user. But not yet...

There is no way to have an application running on an end-user's PC resolve user IDs to names. This is deliberate; whilst user ID's and Library card numbers are not regarded as 'secret' in the way that a password is, applications that allow for bulk extraction of them present a security risk. If you make an application which is capable of acting as a proxy, allowing end users to resolve IDs other than their own, you may find that your WSOS access is revoked.