API Authentication

Hi, I'm trying to make a request using the API to update the profile information of a user.
I tried using access tokens, but it is returning the 403 Forbidden error.
I followed the process here to generate access tokens and use them, but it's not helping - edx-platform/0003-use-jwt-as-oauth-tokens-remove-openid-connect.rst at master · openedx/edx-platform · GitHub.

The problem statement here is: I should be able to update the full name, country, and other such account details for any user using the API.

Any help or guidance will be helpful.
Thank you

How did you get the access token @ShreehariVaasishta ? What endpoint or series of steps did you follow?

Hi @feanil, I should have included detailed info about it, sorry for that.
I created an application here http://local.overhang.io/admin/oauth2_provider/application/ through the Django admin panel. The client_id and client secret were prefilled, so I did not make any changes. I have set the user with superuser access. The below screenshot shows the info in that particular instance.

After that I made a request to http://local.overhang.io/oauth2/access_token/ to get the access token.

curl -X POST -d "client_id=MLoAsrMoXYCfGe3lmerbKOJkZi89eHWbrgPk6JWr&client_secret=KkbfT1rXZbEaSEiq8MfyyXUzQjYijyZeDzkhmy3WQCxzgQau71rHGdKA7iMAnNlYREwl50hj7jdqdZnBQpG9b4sdIpo92klOPkdHbdBCuNe9mDKVAHTeF7ioJzUJGci1&grant_type=client_credentials" http://local.overhang.io/oauth2/access_token/

I then used the same access token in the below request to change the full name of a user.

curl 'http://local.overhang.io/api/user/v1/accounts/stefan@example.com' \
  -X PATCH  -H 'Authorization: Bearer pFHqjG66aqyYlkOObSd4uaKXxDLzlb' \
  -H 'content-type: application/merge-patch+json' \
  --data-raw '{"name":"RandomFulll Name34"}'

This is the particular error traceback.

lms_1                        | 2022-05-14 07:43:51,946 WARNING 7 [openedx.core.djangoapps.user_api.helpers] [user 57] [ip] helpers.py:68 - A handled error occurred when calling 'update_account_settings' with arguments '(<User: api-user>, {'name': 'Hayssssssyyy'})' and keyword arguments '{'username': 'lipefa3301@angeleslid.com'}': UserNotAuthorized()

From my limited knowledge of the edX codebase, I think the exception is raised in this line -

Is there any way to overcome this exception?

So looking at that piece of code, the API only allows you to change your own usernames and not the user names of other users. I think because you’re trying to change the username of a different user, it’s not allowed.

To come back to your problem statement, I don’t think this API endpoint is built for that. I believe others have built extensions and plugins that can do what you want but it may not be there in the core platform.

I think eox-core can provide you a lot of user management capabilities so you may want to have a look at that.

Thanks a lot for clarifying it and sharing the resource @feanil.