Valence will give 403 on a GET lp/courses to some student users

Question

For some reason, some users who try to connect through my app receive a 403 response for the /courses end point of the valence API. See below for details:

The scenario:

• User can authenticate with Desire2Learn and is permitted to hit the /whoami end point. This is always the case as the API does not allow for this end point to require permissions.
• All routes are being retrieved by a GET request
• Other routes I receive success responses include:
  
  • lp/news
  • lp/enrollments/myenrollments
  • le/dropbox/folders/
• Once we try to hit lp/courses I receive a 403 forbidden.
• I see this route is deprecated in 10.3.0, The D2L instance I am working with is on version 10.1.0

I'm wondering if this is a group permissions issue or if my authentication is incorrect (it does work for multiple other requests)? Any ideas will be appreciated.

Answer 1

It looks like the /courses endpoint did not have the right authentication for my user. IT turns out though that this was for good reason. Luckily I could use the information gathered in /myenrollments instead.