core:*:* scope for 'dropbox' endpoints?
Hello, I'm using the brightspace API pretty extensively, and I've encountered a number of endpoints with no OAuth Scope listed. Primary related 'dropboxes' (https://docs.valence.desire2learn.com/res/dropbox.html#get--d2l-api-le-(version)-(orgUnitId)-dropbox-folders- for example), but also in other areas (https://docs.valence.desire2learn.com/res/quiz.html#get--d2l-api-le-(version)-(orgUnitId)-quizzes-(quizId)-questions- and
I've been using the core:*:* scope to support those, and that works fine, but I have a client who is concerned about this scope, so I've been looking into it more deeply and I'm a little confused by what I'm finding. I found this post
Where someone is saying that you should use dropbox:folders:read or dropbox:folders:write for dropbox endpoints. Is this just misinformation, or are there really endpoints with undocumented scopes?
My understanding was that some endpoints don't have a scope yet, but may get one in the future, and core:*:* is the correct scope to use for them, is that accurate?
Thank you,
Ryker Blunck
Comentarios
-
From my understanding - Not all Dropbox related functions require a
dropbox:access:read or dropbox:folders:delete ordropbox:folders:writebut instead use core*:*
Make sure you check the documentation -
and -
I think the write was needed for me to be able to post a feedback comment via Python. I'm curious if anyone has posted a feedback file (e.g., an annotated version of a student's pdf homework submission)? I've been trying to get this down and have had issues. I'm not clear if it is the payload (json) structure that I am uploading or the scopes.
For what it is worth, the following scopes are enabled: Scope: core:: dropbox:access:read dropbox:folders:read,write enrollment:orgunit:read grades:access:read grades:gradecategories:read grades:gradeobjects:read grades:gradevalues:read,write quizzing:access:read quizzing:attempts:read quizzing:quizzes:read
