How to fetch the courses within a program

Hi Team,

I am trying to fetch the courses within a program using the API: “/program_enrollments/v1/programs/{program_uuid}/overview/”. But I am getting the below error. Is it possible to get the courses of a program through this API call and am I missing anything? or Is there any other way to fetch the courses of a program?

Error :


Hi @santosh827!

You’re getting an HTTP 403, which at first glance means your request is not properly authorized. Did you go through the process to get then use an authorization token in your request?

Hi @arbrandes,

But I am able to fetch other details like courses, enrollment data, etc without any access error. Only this API is giving an error.

I am using the Swagger API provided by Open Edx.

Looks like that particular API is deprecated. I’m not saying it doesn’t work (haven’t tested it, yet), but I wouldn’t be surprised if it falls down on some particular set of circumstances which you seem to be hitting.

Did you try the per-user call, by any chance? As the comment in the code says, that seems to be its replacement.

And out of curiosity, do any of the program APIs work for you? Or do they all give you a 403? As far as I can see, most of them require authentication.

I tried the other API as well, but it also gives the same 403 forbidden issue. I am using a tutor instance of openedx. Do these Program APIs need a different authentication? As of now, I was successful when I tried other APIs like below.

These other APIs don’t require authentication, which would explain the discrepancy.

So every user who logs in to the LMS should have to go through the process to get an authorization token to view/use these program APIs? Is that the only way? Are there any other APIs to get the program Details? That will become an inconvenience for any new user/learner who logins to LMS who must have an account in

Yup, that’s right.

Currently, yes.

Not that I’m aware of.

This is where we crossed some wires. :slight_smile: First, you don’t need an account on to get the Oauth2 token: you just need an account on the Open edX instance in question. This misunderstanding is my fault, as I linked to docs that were it not for the fact they have “” hard-coded, would’ve otherwise been pretty good docs on the subject. Apologies.

As for the more basic inconvenience of having to get a token, that’s the usual security tradeoff. However, most people that use the Open edX API will probably do so via a dedicated program of some sort, as opposed to making direct requests via curl or some other generic HTTP client - and if you’re writing a program, there are ways to make it less painful for the user operating that program.

1 Like

I am trying to make a custom page where I am trying to display a list of programs and for each program, I am trying to display its related course_id’s. I am using Fetch API in JavaScript. So is there any documentation/link that explains what authorization needs to be sent along with the Programs API call (this API call is done after a user has logged into LMS)?

The page I linked previously, if you replace all instances of with your own domain, is a good overview of what needs to happen at a low level.

If you’re looking for info on how to write a Javascript auth client that works with Open edX, I would suggest you look at how MFEs do it. You can then examine the frontend-platform implementation for hints on how to do it on your own app. Heck, it may even be possible to just import the frontend-platform auth module and use it directly! (Though I never tried outside an MFE, so YMMV.)

I followed the steps mentioned in the link which you provided, but I was unable to add anything to the form fields as below and uneditable.

Is there any code examples/documentation on how to import any such modules in any of the openedx LMS HTML templates, as I was unable to find any stepwise documentation for the same.

Alright, those docs skip something you have to do manually on your installation. You have to first create an OAuth2 “application” in the Django admin, at /admin/oauth2_provider/application. That’ll get you a client ID and secret, which you can then use to request tokens as the rest of that page describes.

As for docs: there is still scarce documentation on how to write applications that interact with the Open edX API(s), unfortunately. You mostly have to wade through the code - and the occasional ADR - to figure things out. This is why I suggested you look at existing client code. I realize this is less than ideal, but at least it’s something. :slight_smile:

Is your new app being rendered by Django? If so, have you considered just using the Python API to get the program information?

Yes, the app uses the Django backend and renders the mako templates present in the HTML templates. I am using Javascript in these templates to fetch the programs on runtime. If we use Python API do we need to provide these access tokens? Is there any such example code that uses Python API to fetch anything?

Not if you fetch the information when the page is rendered. You can just use the program enrollments Python API, such as this one for getting a user’s enrollments. An example of it in use in a view is in the Program Enrollment Inspector.