Authentication Service
This service has a sole method which will provide OAuth2 tokens. While the
valid scope parameters are provided in the documentation for each of the methods,
a list of the possibilities might be helpful|
| Scope | Description |
|---|---|
read |
Grants read access |
write |
Grants write access |
delete |
Grants deletion access |
admin |
Grants read, write, and account management access |
read:course |
Grants read access to course methods |
write:course |
Grants write access to course methods |
delete:course |
Grants deletion access to course methods |
read:dispatch |
Grants read access to dispatch methods |
write:dispatch |
Grants write access to dispatch methods |
delete:dispatch |
Grants deletion access to dispatch methods |
read:invitation |
Grants read access to invitation methods |
write:invitation |
Grants write access to invitation methods |
delete:invitation |
Grants deletion access to invitation methods |
read:ping |
Grants read access to the ping method |
read:registration |
Grants read access to registration methods |
write:registration |
Grants write access to registration methods |
delete:registration |
Grants deletion access to registration methods |
read:reporting |
Grants read access to reporting methods |
read:xapicredential |
Grants read access to xapi credential methods |
write:xapicredential |
Grants write access to xapi credential methods |
delete:xapicredential |
Grants deletion access to xapi credential methods |
read:xapipipe |
Grants read access to xapi pipe methods |
write:xapipipe |
Grants write access to xapi pipe methods |
delete:xapipipe |
Grants deletion access to xapi pipe methods |
read:appmgmt |
Grants read access to app management methods |
write:appmgmt |
Grants write access to app management methods |
delete:appmgmt |
Grants deletion access to app management methods |
read:learner |
Grants read access to the learner methods |
write:learner |
Grants write access to the learner methods |
read:about |
Grants read permission for the about method |
Note:
One should be particularly careful with long lived tokens of significant privilege, as tokens may not be deleted or updated.
getAppToken
POST /oauth/authenticate/application/token
Summary
Creates, signs and returns an OAuth2 token based on the provided permissions, if the credentials used to request the token have the permissions being requested.
Note:
The token is not stored and therefore can not be modified or deleted. The requested permissions are encoded in the token which is then signed. As long as the secret used to create it is not changed the token will be valid until it expires.
Parameters
Consumes: application/x-www-form-urlencoded
| Type | Name | Required | Schema |
|---|---|---|---|
| Form | scope | true | String |
| Form | expiration | false | Integer |
Responses:
Produces: application/json
| HTTP Code | Description | Schema |
|---|---|---|
| 200 | Successful token authentication request | ApplicationToken |
| 400 | Bad request | MessageSchema |
Authentication:
| Type | Name | Scopes |
|---|---|---|
| basic | APP_NORMAL |