Api access token-tutor

Development
,
1

I am trying to get the access token from postman using client ID and client Secret, but the response from the postman is “INVALID CLIENT”, why i am getting this response instead of access token?
I am followin this doc to get client ID and client Secret 2. Authenticating as an edX REST Web Service User — EdX Course Catalog API User Guide documentation

2

Hello! This is how I usually request the token:

image
image978×345 37.8 KB

is there something different? can you attach your Django Oauth Toolkit application setup?

3

Hi! I’ve moved your question to the “Development” topic. Choosing the right topic when you make a post is important for visibility; the default (“Community”) is almost never what you want.

4

Hi @venkatsai1234,

It’s not clear what could be causing that response without additional information. Here is how we generate our keys to access our API using Tutor, but the instructions should apply to other installation methods. I hope it helps!

These instructions explain how to generate an OAuth token to access the API endpoints using Authorization Bearer on Open edX. This method demonstrates one of the several ways of accessing the API.

Create an API User (optional)

This step is optional if you already have a user that you want to use for API access. We haven’t tested it, but you can probably give specific permissions to a non-superuser account. There is some security risk to giving your API user admin rights.

tutor local createuser --staff --superuser api-user api@example.com

Create the Application API

The first step is to create an OAuth API application.

  1. Log into your LMS admin panel at https://your-edx/admin.

  2. Navigate to OAuth Applications at https://your-edx/admin/oauth2_provider/application/

  3. Press the `Add Application button.

    • Client id: <default>
    • User: Find the user to grant API access
    • Client type: confidential
    • Authorization grant: client credentials
    • Client secret: <default>
    • Name: Enter the name of the API application

  4. Save the OAuth application.

Create an Access Token

Next, you will create an access token for the API user to access the API application

  1. Navigate to Access tokens at https://your-edx/admin/oauth2_provider/accesstoken/.

  2. Press the Add Access Token + button.

    • User: Select the user that you gave access to in the OAuth application
    • Source refresh token: Leave blank
    • Token: Enter a random CodeIgniter Encryption Key
    • Application: Select the OAuth application
    • Expires: Set the expiration date for the access token

  3. Save to access token

Testing and Using the API

Tip: Use the API Docs page to generate the API URL.

Using API-DOCS Test site

  1. First, open the API docs page (https://your-edx/api-docs) and log in using your API user with admin rights.

  2. Find an API endpoint to test, such as a GET request for /course_modes/v1/courses/{course_id}/

    • Press the Try it out button
    • Enter a course_id
    • Press the Execute button
    • Verify that the HTTP response code is 200 and that the response body contains valid data.

    Take note of the Request URL. You will need to use this URL when using curl because it escapes the characters in the course ID

Using curl

You can use curl to access the API remotely using this syntax:

curl "<URL>" -H "Authorization: Bearer <ACCESS_TOKEN>"
  1. URL: Use the Request URL from the API-DOC test
  2. ACCESS_TOKEN: Use the access token for your API user
4 Likes
5

Thank you @TonyH @mgmdi @sarina for the valuable information, i will try to implement whatever u have given @TonyH and will inform you @mgmdi if it is different in my Django pannel.

6

Thank you @TonyH been struggling whole day and now it works like charm! very clear and helpful

1 Like
7

Hi @TonyH

  1. I was able to create a CCX class
    But can’t delete via API, I get an error detail":"You do not have permission to perform this action
  2. I would be happy to receive an explanation in the creation of USER does not work for me
8

Hi @David_Sperber,

Unfortunately, I do not have experience using CCX. Some actions might require the user to be part of the course. Also, I have not tried creating a user through the API. My suggestion is to find the API code in the code repository and then see what requirements are missing or incorrect. I know that the api-docs page was incomplete, meaning you needed to find the required args from the function declaration itself.

Kind regards,
Tony