Community Help

themidiman · ‎10-29-2019

Unless I've not read the docs correctly, shouldn't an instructor API token be able to use the GET /v1/courses/{id} endpoint to see information about a single course for which they are enrolled as the instructor? I'm getting "status":"unauthorized" using the live api.

If not I'm having a hard time finding in the permissions matrix where this can be rectified.

themidiman · ‎10-30-2019

Thanks @maguire ,

That was the issue. My instructor role was not in the actual course section because it was crosslisted into a different course. I was thinking the role carried over to both sections by virtue of cross-listing the child course into the parent course.

View solution in original post

sam_ofloinn · ‎10-30-2019

You are getting "status: unauthorised" probably because your account isn't set to have permissions to request data from this endpoint. Contact the managers in your organisation, ask them to authorise your account. Depending on your place's setup, you may have to be re-authorised over regular time intervals (e.g monthly)

themidiman · ‎10-30-2019

Thanks for the response!

So...would this be done using the permissions matrix? For the record I admin a test instance of Canvas where I did my initial testing. I need to tell our admins what permission to tweak for the instructor role on our production instance. I can't just tell them to "fix" it without giving them exact information about what to fix.

Any suggestions?

sam_ofloinn · ‎10-30-2019

Honestly I would not know, I've not managed such permissions myself. I'd assume that whoever in your organisation has such access would know for certain which to tweak. That said, the permissions matrix might be a good place to start.

themidiman · ‎10-30-2019

So this is the issue: I'm one of the individuals at our organization that should know what this tweak should be. Maybe it's a bug that needs to be escalated to support. I'll go that route until someone else who is reading this knows exactly what the magic permission tweak is supposed to be.

maguire · ‎10-30-2019

Have you tried it out via https://xxx/doc/api/live where xxx is your canvas instance?

I was able to do this as a student in a course or as a teacher in a course (within a Canvas instance built from source code). However, if the user is not in the course, then I get a response of

{   "status": "unauthorized",   "errors": [     {       "message": "user not authorized to perform that action"     }   ] }

The reason for the unauthorized result is that the code in app/controllers/courses_controller.rb

does a check of the user's permissions and looks for the permissions :read or :read_as_admin.

themidiman · ‎10-30-2019

Thanks @maguire ,

That was the issue. My instructor role was not in the actual course section because it was crosslisted into a different course. I was thinking the role carried over to both sections by virtue of cross-listing the child course into the parent course.

API endpoint permissions for /courses

Current graded by

Item limit on "Add to Module" dialog box and solut...

How to enable Upload/Recording Media option to tak...

outh2 flow token generation

Acceder a la

Current graded by

If I have a Course ID, Quiz ID and a Question ID c...

How can I access previous year data using canvas L...

For new LTI tool - XML or JSON? Which is preferred...

Item limit on "Add to Module" dialog box and solut...

You're signed out

API endpoint permissions for /courses

Community Help

View our top guides and resources: