Community Help

themidiman · ‎10-29-2019

Unless I've not read the docs correctly, shouldn't an instructor API token be able to use the GET /v1/courses/{id} endpoint to see information about a single course for which they are enrolled as the instructor? I'm getting "status":"unauthorized" using the live api.

If not I'm having a hard time finding in the permissions matrix where this can be rectified.

themidiman · ‎10-30-2019

Thanks @maguire ,

That was the issue. My instructor role was not in the actual course section because it was crosslisted into a different course. I was thinking the role carried over to both sections by virtue of cross-listing the child course into the parent course.

View solution in original post

sam_ofloinn · ‎10-30-2019

You are getting "status: unauthorised" probably because your account isn't set to have permissions to request data from this endpoint. Contact the managers in your organisation, ask them to authorise your account. Depending on your place's setup, you may have to be re-authorised over regular time intervals (e.g monthly)

themidiman · ‎10-30-2019

Thanks for the response!

So...would this be done using the permissions matrix? For the record I admin a test instance of Canvas where I did my initial testing. I need to tell our admins what permission to tweak for the instructor role on our production instance. I can't just tell them to "fix" it without giving them exact information about what to fix.

Any suggestions?

sam_ofloinn · ‎10-30-2019

Honestly I would not know, I've not managed such permissions myself. I'd assume that whoever in your organisation has such access would know for certain which to tweak. That said, the permissions matrix might be a good place to start.

themidiman · ‎10-30-2019

So this is the issue: I'm one of the individuals at our organization that should know what this tweak should be. Maybe it's a bug that needs to be escalated to support. I'll go that route until someone else who is reading this knows exactly what the magic permission tweak is supposed to be.

maguire · ‎10-30-2019

Have you tried it out via https://xxx/doc/api/live where xxx is your canvas instance?

I was able to do this as a student in a course or as a teacher in a course (within a Canvas instance built from source code). However, if the user is not in the course, then I get a response of

{   "status": "unauthorized",   "errors": [     {       "message": "user not authorized to perform that action"     }   ] }

The reason for the unauthorized result is that the code in app/controllers/courses_controller.rb

does a check of the user's permissions and looks for the permissions :read or :read_as_admin.

themidiman · ‎10-30-2019

Thanks @maguire ,

That was the issue. My instructor role was not in the actual course section because it was crosslisted into a different course. I was thinking the role carried over to both sections by virtue of cross-listing the child course into the parent course.

API endpoint permissions for /courses

New Analytics from API -- getting student weekly p...

Link checker for all active courses

GitHub issues

Is there a way to get the resource link id in LtiD...

admin icon not displaying

New Analytics from API -- getting student weekly p...

Search Canvas API pageviews listing

Link checker for all active courses

Seeking Canvas App Developer

GitHub issues

You're signed out

API endpoint permissions for /courses

Community Help

View our top guides and resources: