AnsweredAssumed Answered

API permission to view course details???

Question asked by Gareth Cosens on Nov 29, 2018
Latest reply on Apr 30, 2019 by Gareth Cosens

Like • Show 0 Likes0
Comment • 8

When I perform a GET from:

<canvasURL>/api/v1/courses/<courseID>?access_token=<myAccesToken>

I receive the following:
{"status":"unauthorised","errors":[{"message":"user not authorised to perform that action"}]}

I am using an access token that has been created to work with a role which performs all our API calls.

It has permission to see all the users in sections and courses but can't retrieve the general course details.

What permissions do I need to add to this role for it to be able to perform this GET?

No one else has this question

Outcomes

8 Replies

Kona Jones Nov 30, 2018 9:54 AM
Mark Correct
Correct Answer
Gareth, greetings! Due to the technical nature of this question I'm sharing it with the Canvas Developers group in the Community. If you haven't already, you might consider joining this group so you'll have access to these resources and information.

Kona
2 people found this helpful
Like • Show 2 Likes2
Actions
- Peter Love @ Kona Jones on Dec 2, 2018 2:09 PM
  Mark Correct
  Correct Answer
  It looks like the user who owns the token does not have permission to view that course.
  
  An easy way to distinguish between a permissions issue or something to do with the way the API call is being made is to log in as the token owner and enter the API GET URL in the browser without the access_token part.
  
  That is, log in as the token user and put <canvasURL>/api/v1/courses/<courseID> into the browser. If you get the same error response then it a user permission problem. If you don't, then there is something wrong with the token or how it is being used.
  1 person found this helpful
  Like • Show 0 Likes0
  Actions
  - Gareth Cosens @ Peter Love on Dec 3, 2018 2:46 AM
    Mark Correct
    Correct Answer
    Thanks Peter. It is def a user permission. And that is what I am confused about as the token in question checks enrolments and enrols peole on the courses I am checking, it just doesn't have permission to read the course details. ????
    1 person found this helpful
    Like • Show 0 Likes0
    Actions
    - Peter Love @ Gareth Cosens on Dec 4, 2018 12:51 PM
      Mark Correct
      Correct Answer
      What role does the user who owns the token have, and what permissions has that role been given?
      
      You can have permission to manage enrolments without having course permissions.
      1 person found this helpful
      Like • Show 0 Likes0
      Actions
      - Gareth Cosens @ Peter Love on Dec 5, 2018 5:13 AM
        Mark Correct
        Correct Answer
        Hi Peter
        
        The user has an account role with the following permissions:
        Import SIS data
        Manage SIS data
        Modify login details for users
        Add/remove students for the course
        See the list of users
        1 person found this helpful
        Like • Show 0 Likes0
        Actions
        James Jones @ Gareth Cosens on Dec 5, 2018 6:24 AM
        Mark Correct
        Correct Answer
        Gareth Cosens
        See if Courses - View List is enabled for that role under the account preferences settings.
        
        From the source code, the user needs the :read access to the @course. That normally translates to "view" in human-speak, so you're most likely missing the ability to view something.
        
        If that one is already enabled, my second guess [and that's what it is] would be Course Content - view
        
        You probably know this exists, but just in case someone else later on has a similar question, there is a Canvas Account Role Permissions document that lists the permissions and what those permissions mean. It doesn't always answer the questions, though, as I couldn't find a definitive answer to yours in there. They also have a similar document for the Canvas Course Role Permissions.
        1 person found this helpful
        Like • Show 0 Likes0
        Actions
rogrant@nmsu.edu Apr 29, 2019 11:05 AM
Mark Correct
Correct Answer
Gareth,

Were you able to find an answer to your question? I am going to go ahead and mark this question as answered because there hasn't been any more activity in a while so I assume that you have the information that you need. If you still have a question about this or if you have information that you would like to share with the community, by all means, please do come back and leave a comment. Also, if this question has been answered by one of the previous replies, please feel free to mark that answer as correct.

Robbie
Like • Show 0 Likes0
Actions
- Gareth Cosens @ rogrant@nmsu.edu on Apr 30, 2019 3:46 AM
  Mark Correct
  Correct Answer
  In the end I think I gave up and simply ensured I used the correct section IDs for my projects parameters rather than (as hoped) confirming these selections with the course and section title.
  Like • Show 0 Likes0
  Actions

API permission to view course details???

Outcomes

Related Content

Recommended Content