Hi - I'm getting a 422 Unprocessable Entity error when I try to test this API call (I'm using Advanced REST Client) :
I'm using my admin access code in the header. Trying to submit this on behalf of student "2398."
Is it formatted incorrectly?
I just tried this using ARC and it worked fine for me. It generates a "201 Created" response code.
I took your URL and my URL and pasted them next to each other and then put your IDs into my URL and I didn't see any differences, so I think you have the syntax correct.
Here are some things to look at.
Finally, this is not the reason, but www.google.com is not a URL. The URL includes the protocol, so https://www.google.com would be the correct way. Browsers often work if you type it into the location bar that way, but if you include it as a link on a web page, it probably (Apache does this by default, not sure about other webservers) gets turned into a relative link because it doesn't have the protocol and then you get a notice that it can't find the page www.google.com on the server. However, I tested it with www.google.com and Canvas took it -- but it also added http and not https to it. Still, it would be better to actually submit a URL.
Thank you James so much! I've been so frustrated by this so I greatly appreciate your help.
I verified all of your suggestions and everything checked out. Is this not working because I'm misunderstanding how to use the masquerading feature?? User 2398 is a student without permissions to masquerade and I'm using my access token in the header. This feature is supposed to work the other way around right? A user would masquerade as someone with permissions that can masquerade.... (???)
I've attached a pic for what it looks like in ARC for me...
I'm building an app that needs to allow the user (after going through the Oauth dance) to submit an assignment. Should I be doing this some other way??
The reason I put the as_user_id in there was because I wasn't being allowed to submit an assignment as a student.
One difference I see is the red error message
Add a header of Content-Type: application/json. It should show up under your Authorization header.
I think you're using a different version of ARC, but to the right I see "Custom Content Type". I think that's what you want to change to application/json.
Sorry for the incomplete answer with the last post. I was getting notifications that supper was ready, the 7 month-old decided she wanted to pound on the keyboard while I was trying to type, and Jive wouldn't let me paste my screen shot in.
The user who is making the API call is the one that needs the ability to masquerade as another user. The person being masqueraded as just needs the ability to submit the assignment. Whoever you give access to run the program after the oAuth2 dance will the ability to masquerade.
If you don't put the as_user_id in there, it will try to submit it as you.
I double checked with application/x-www-form-urlencoded and it worked as well as application/json.
Then I changed the due date on the assignment to yesterday and it still allowed me to submit. This is consistent with Canvas web-interface that allows students to submit late work.
Then I changed the Until date on the assignment to yesterday and now I get a 401 Unauthorized error.
If adding the content-type header doesn't fix it, then double check (I know you said you checked) the Until date on the assignment. If it's expired, you can't submit for someone, even if you're an admin.
"I was getting notifications that supper was ready." - I think someone had technology on the brain because I don't think I'd call it a notification when your five year old calls you to dinner! I mean yes, technically you were being notified, but still it made me LOL when I read it! 😉