Access token-generation: API endpoint?

What is the API endpoint in Open EdX that can generate a new access token or refresh one for a user?
A dev colleague says this can be done via the command line easily, but has not found a document API endpoint for this.

2 Likes

If you send a POST request to (LMS domain)/oauth2/access_token with form data consisting of valid credentials (client_id, client_secret, and grant_type = client_credentials) for an OAuth application that you’ve configured in the LMS django admin, you’ll get back an access token for your application’s user.

If you want to retrieve an access token on behalf of some other user, POST to the same endpoint but set grant_type = refresh_token, and pass the user’s refresh_token as a fourth data parameter.

There are examples of both in this gist among other places.

A third way is to use a password instead of a refresh token, which can be helpful for development:

curl -X POST -d "client_id={client_id}&client_secret={client_secret}&grant_type=password&username=staff&password=edx" http://localhost:18000/oauth2/access_token/

Thanks Braden - I appreciate the prompt response!

Hi @PatM,
I am working in this python package to access the Open edX API out of Django. You can install with pip install open-edx-rest-api-client. It has only two functions implemented yet (one to list all courses and another to enroll users), but you can use the session object that handles the authentication.

Hi Andres - thanks for the follow-up!
The Python link gives me a 404 - can you add the updated link?
Pat
@andres

Hi @PatM, try again, I had forgotten to set it to public.