News service API resulst in 403 (forbidden) when retieving anouncements fot a user
When I use GET /d2l/api/le/(version)/news/user/(userId)/ tot get the announcements for a specific user I get an HTTP 403 Forbidden message unless the API call is performed by a user who is granted the (Super) Admin role.
When I use GET /d2l/api/le/(version)/(orgUnitId)/news/ to get the announcements for a given orgunit it works fine.
I think it has to do with a permission that is missing in the none-admin role we want to use for our integrations but I can't find which one. Is there documentation on which permissions you need for certain API endpoints?
Answers
-
Hi @Arald.d.320 ,
Thanks for reaching us through community!!
Based on the error, it looks like the user has No permission to add news, classlist, roles for this org unit, no permission to see news for this org unit, or no permission to see User Information Privacy.
Please find the documentation for the API call you mentioned -
If you still have doubts, please raise a support case for us to help in detail.
Thanks,
Sangeetha
-
We found that it turned out to the the "See Roles and persmissions" permission. When we switch this off we get "Forbidden". When it is turned on we get the list of announcements for the user.
-
Hi @Arald.d.320 ,
Thanks for the update. Glad you were able to resolve the issue raised.
Please feel free to reach to us through community if you have any questions.
Thanks,
Sangeetha
