Enrollment Allowed API returns 401

Hi. I’m running openedx quince 1 with Tutor. We need to get a list of allowed enrollments for a course so I tried this endpoint:


The problem is that I get 401 with swagger and also with openedx client. My API user is superuser so I’m sure it has access to all data. Looking into the code for this endpoint I found:

class EnrollmentAllowedView(APIView):
    A view that allows the retrieval and creation of enrollment allowed for a given user email and course id.
    authentication_classes = (
    permission_classes = (permissions.IsAdminUser,)
    throttle_classes = (EnrollmentUserThrottle,)
    serializer_class = CourseEnrollmentAllowedSerializer

This is the view responsible for the said endpoint. As the code says, it only accepts JWT auth and unlike the EnrollmentListView(APIView, ApiKeyPermissionMixIn) view, it doesn’t inherit from ApiKeyPermissionMixIn which causes the rest client to fail, I guess. Please guide me on using JWT auth with API user or any other way of getting a list of allowed enrolls for a course.

Where are you getting the JWT you are trying with? Maybe these docs will help: edx-platform REST API Concepts — edx-platform documentation?

There is also DEBUG level logging for JWT authentication errors which may help. Unfortunately, it may just give a generic error, but maybe the stacktrace will help. The error message has been improved, but this is in a newer version of edx-drf-extensions. Here is the latest version of JwtAuthentication, but you’d need to see what version quince is running,

I tried getting a JWT token as said in the docs and it worked. Thank you. Also for using with the rest client, you need to set bearer=False when initiating the client.

client = OpenedxRESTAPIClient(lms_url, client_id, client_credentials, bearer=False)

But is there any specific reason for this endpoint not supporting ApiKeyPermissionMixIn? Honestly this inconsistency is kinda confusing. Specially when there is no proper documentation for this endpoint authentication class, not even in swagger. I expected this endpoint to accept bearer api key like other endpoints that I’d used before but suddenly I got 401 and had to look into the code to find the issue.

So, is there any plan for deprecating bearer api key or just that the guys forgot to add it or any other reason? : )

Glad you got it working.

  1. That mixin is deprecated, but is not related to our opaque Bearer tokens. The deprecation wasn’t well documented, so I just created this DEPR to explain: [DEPR]: EDX_API_KEY · Issue #34039 · openedx/edx-platform · GitHub.
  2. You may also be using a deprecated rest client. See [DEPR]: Complete removal of EdxRestApiClient · Issue #189 · openedx/public-engineering · GitHub for details.
  3. Bearer authentication is also deprecated. See [DEPR]: BearerAuthentication · Issue #284 · openedx/edx-drf-extensions · GitHub.
1 Like

Thanks a lot for the links! This is very informative.

1 Like