Community

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
scottdennis
Community Team
Community Team

All things API

Have a question about the Canvas APIs? Have a cool API integration you'd be willing to share? If so, please post here.

Labels (1)
Tags (1)
271 Replies
mgohman
New Member

Hello Everyone, 

Building my first API - trying to pull the current user's first and last name for a printable certificate.

When I put the following url in a browser, it returns what I am looking for.

https://msmu.instructure.com/api/v1/users/self/profile 

The above does not require my access token when used in the browser's address bar. But when I try and use PHP cURL it asks me to authenticate to pull that same URL. When I try and use our access token - it does not return the current user logged in, but rather my API user profile.

How do I use PHP cURL to get the current user's profile credential without authenticating?

Scoured the online documentation and sample scripts from Google without any luck. Thanks in advance for pointing me in the right direction.

Cheers,
Mitch Gohman

I believe the answer is to form a GET request with the user ID in the URL endpoint

GET /api/v1/users/:user_id/profile

Users - Canvas LMS REST API Documentation 

Oops forgot to mention that there's no way to get this information without being an authenticated user with proper permissions. You'd have to send an API token in the request. 

You can also play with the api at Canvas Live API 

garth
Community Member

 @mgohman ‌ the api call you listed contains the parameter "self"

https://msmu.instructure.com/api/v1/users/self/profile 

To quote the Canvas API documentation:

"Throughout this API, the :user_id parameter can be replaced with self as a shortcut for the id of the user accessing the API. For instance, users/:user_id/page_views can be accessed as users/self/page_viewsto access the current user's page views."

If you are logged in, you are the current user.

Take a look at the definition of the profile API call, it shows that it accepts the parameter of ":user_id":

You would need to pass the user id of the student you are trying to get information on.

You would also need necessary privileges to access that user profile, and I'm not sure what your role is. 

From your post, it sounds as though you are trying to get information about students in a course.

If you are an instructor in the course you should be able to access your student roster, which also contains names, using this API call:

This API call returns a list of "User" objects:

In response to your statement:  "The above does not require my access token when used in the browser's address bar", this is because you are already logged in with the browser.  You absolutely need to use your own token when making API calls outside of the browser.  If you need info on creating an access token, see this article:

If you would like more information on how to test and play around with API calls this post might be helpful:

I hope that helps.

rlzhang
Community Member

First you need have your authorized user's access token. then in php, pass in your authorized tokenHeader, and pass as_user_id parameter to masquerade the userid who you are authorized to access the profile.  e.g.

$asuser = array ('as_user_id' => $userid);
$user = http_build_query($asuser, '', '&');

...

curl_setopt($ch, CURLOPT_URL, $canvasapiUrl' . '?'. $user);

Hopefully it helps.

Thank you Garth!!  I think we are getting closer.

I saw the passing of the userID, but I am having trouble figuring out how to get the userID. Right now, my API application resides on a separate server (msmu.us)- not on our Canvas installation (msmu.instructure.com). Ultimately I would like to access the currently logged in user to get their details (already logged in through msmu.instructure.com).

I was successful in obtaining all of the students in the course, and passing an individual ID like the documentation says. But I need a way to tell which student is currently accessing the course. I think from what you are saying that this is not possible. That I would have to have them log into my application (using their Canvas Creds). Then I can do things for them specifically.

I would love it if the user only had to log into the main Canvas App once. And then my extended application would leverage this Canvas App login to perform user specific needs. Is this possible?

Or do I need to develop it as an LTI/Plugin in order to do this? Kind of like the Attendance App in Canvas, where it asks for permissions first.  And it actually resides directly in Canvas, instead of an iFrame (which was my original goal) or a separate stand-alone website.

Thanks for all of your assistance and pointing me in the right direction.

Cheers,
Mitch Gohman

If you know their sis id you can pass that in the form of 'sis_user_id:A000030483' . 

garth
Community Member

 @mgohman ‌ LTI would definitely tell you who the user is that is accessing your application.

I put together a 3 part LTI intro walk through that will help you get started in that direction.

Part1 is here: .NET LTI Project - Part 1 - Connect to Canvas 

I also put together a list of helpful LTI resources:  LTI 1.x - Useful Links 

If you go the LTI route, take a look at these variables:

  • custom_canvas_user_id - this will give you the numeric Canvas user id
  • custom_canvas_user_login_id - this will give you the user login name
  • lis_person_name_full - is what is says, the user full name

There is lots of info in the LTI launch request, should be everything you need to clearly identify the user, and if course specific will clearly identify the course they are launching your app from.

I'm currently working on extending the LTI posts to include the OAuth2 workflow, and have the first piece posted here:

.NET - OAuth2 Workflow: Part 1 

Hopefully these references will be of some help, I'm working on part 2 of the OAuth2 example now and hope to have it posted soon (time permitting : )

Post back and let us know what direction you go in.

Got it, that is very helpful. Thank you for everything!!

Cheers,

Mitch