How to call LMS API from CMS (.py file) with authentication? Getting AnonymousUser / Unauthorized error

Hello Team,

I am working on a custom integration in OpenedX and need some guidance regarding authentication between an XBlock(CMS) and LMS APIs.

What I have implemented

• I created a custom Django app inside the LMS.

• Exposed APIs from this app.

• Added authentication and permissions as below:

authentication_classes = [JwtAuthentication, SessionAuthentication]
permission_classes = [IsAuthenticated]

• These APIs are working perfectly when tested directly (via Postman or browser with proper authentication).

Current Issue

I have also created a custom XBlock. From the XBlock, I have .py a file, and I am trying to call these LMS APIs.

However, when I make the API call from the XBlock:

• The request is treated as unauthorized

• The user is detected as AnonymousUser

• Authentication fails

What I need help with

1. How can I properly call LMS APIs from an XBlock Python file from CMS?

2. How can I pass the authenticated user/session from the XBlock to the LMS API?

3. Is there a recommended way to handle authentication (JWT/session) when calling internal LMS APIs from XBlocks?

4. Should I be using any specific Open edX utilities (like OAuth, JWT generation, or service user tokens) for this use case?

Any guidance, best practices, or examples would be really helpful.

Thanks in advance!

Hi @Yagnesh - is there more detail that you can share, such as your XBlock code, your custom djangoapp code, and exactly what types of calls you’re trying to make? As well as what version of the Open edX software you’re using?

Thank you for your response, @sarina

The issue has now been resolved. It occurred due to insufficient data being provided earlier, and additionally, the JWT token was not being passed correctly in the request.

After correcting these, everything is working as expected now. I appreciate your time and support on this.