The Brightspace API provides developers with two Authentication approaches: OAuth 2.0 and our own proprietary Id Key Auth. This Authentication Guide covers ID Key Auth, but please note that we encourage you to use the OAuth 2.0 standard as that is where we at D2L are investing.
ID Key Auth
ID Key Authorization is a proprietary authentication solution that allows developers to write applications that access different services on behalf of a user.
Because ID Key Auth is unique to Brightspace we recommend developers use our standards-based OAuth 2.0 as it is our recommended authentication approach.
Workflow
All subsequent Brightspace API calls then must include the App ID and User ID, as well as a computationally generated App Sig and User Sig values. The signature values are typically generated using a Brightspace API SDK.
A very detailed technical ID Key Auth workflow is available here.
Resources
Documentation
Getting Started with API ID-Key Authentication
Getting Started Sample
Client SDKs
Tools
API Test Tool
Developer Community Articles
App Registration Process
How Do I Determine My Trusted URL?
ID Key - User Authentication FAQs and Best Practices
Headless Web Service Workflow
GitHub
Client SDKs
API Test Tool Code