Changes on /lp/(version)/users/(userId) endpoint?
We experience an issue with /lp/1.58/users/(userId) returning a 404 when it is not supposed to do that. The user id is valid (it was successfully returned by /lp/1.58/users/whoami).
Our application was running from Spring 2025 until recently without any issue. No changes on code nor on the Brightspace environment (e.g., permissions) where made.
Requests using the user's OAuth credentials:
[31-Mar-2026 01:24:34 UTC] Request: GET https://XXXX.brightspace.com/d2l/api/lp/1.58/users/whoami
[31-Mar-2026 01:24:34 UTC] Response: 200{"Identifier":"123456","FirstName":"Hans","LastName":"Muster", ...,"ProfileIdentifier":"YYYWWWXXXX"}
[31-Mar-2026 01:24:34 UTC] Request: GET https://XXXX.brightspace.com/d2l/api/lp/1.58/profile/myProfile
[31-Mar-2026 01:24:34 UTC] Response: 200{"ProfileIdentifier":"YYYWWWXXXX","Nickname":null,"Birthday":null,"HomeTown":null, ...}]}
Requests using the ID/Key Authentication with a Service User:
[31-Mar-2026 01:24:34 UTC] Request: GET https://XXXX.brightspace.com:443/d2l/api/lp/1.58/users/123456?x_a=...
[31-Mar-2026 01:24:34 UTC] Response: 404{"Errors":[{"Message":"Resource Not Found"}]}
Since this month, we get a 404 when calling the /lp/1.58/users/(userId) endpoint.
This happens in both, test and production, Brightspace environment. There were no changes to OAuth Credentials, ID/Key Credentials or the service user.
We previously used version 1.47 of the API, however, the same issue remains when using 1.58.
What has changed?
I read that some endpoints return a 404 instead of a 403 even if there is a lack of permission. However, nothing has changed in the Brightspace environment nor to the service user's permission, and the application was working until the last Brightspace update.