1

According to the Valence Docs,

Valence Learning Framework API calls are all made in isolation, by a known application, and by a known LMS user.

If I want to build an application that has admin access, I'm guessing that I would have to make a "service account" that has admin access, and have my application use the API as that user.

How would I go about obtaining a userId and userKey for users that aren't real people, and only exist for the application to connect to the valence API?

msanford
  • 11,803
  • 11
  • 66
  • 93
Paul Gray
  • 546
  • 1
  • 5
  • 10

1 Answers1

2

Once you create a Service Account, you need to manually harvest the user tokens using a utility such as the API Test Tool (https://apitesttool.desire2learnvalence.com/) to authenticate with your LMS. You then need to store those keys securely, and configure your LMS to ensure the user tokens are long-lived. Many systems have a token timeout of 30 days, but when a headless integration is in place like the one you're proposing, it's often a good idea to make the timeout infinite. You can contact Desire2Learn Support to verify the timeout value for the user tokens.

There's a similar question that addresses this issue as well: Authenticaton Method for Desire2Learn REST API vs SOAP.

Community
  • 1
  • 1
Sarah-Beth Bianchi
  • 162
  • 5
  • Ok, that's what I was doing to just poke around the API. How would I go about making the token timeout infinite? Would I need to login to the D2L instance with my app's service account, and change settings somewhere? – Paul Gray Feb 11 '14 at 22:00
  • You'll actually need to contact D2L Support in order to change that value. The Approved Support Contact for your organization can open a ticket and request a change to d2l.Security.API.TokenTimeout to make timeout infinite. – Sarah-Beth Bianchi Feb 12 '14 at 18:20
  • I'm actually working on a third-party integration, where our clients will use our software that is pointed at their D2L instance. Will this require all of our clients to make that change separately, and will that change affect tokens generated on that D2L instance by other API consumers? – Paul Gray Feb 13 '14 at 22:59
  • Paul -- yes: the configured value applies to all tokens issued by that LMS. So, if your app requires this, then each client will need the setting value as appropriate; and, the setting value will affect all the apps that LMS works. Currently, we don't support different timeout values for each application. – Viktor Haag Feb 18 '14 at 17:52