I am attempting to add either a TeacherEnrollment or a TaEnrollment to an existing course (unpublished) and keep getting both a "100 Continue" followed by a "403 Forbidden" error message.
I've been using the associated (admin-level) auth-token for a while without issues. It has not expired.
Here is an example using curl from the command line (auth token edited out for security reasons.) It is structured identically to the example in the API docs:
* Trying 54.208.61.8... connected
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server key exchange (12):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using DHE-RSA-AES256-SHA
* Server certificate:
* start date: 2013-04-03 04:02:12 GMT
* expire date: 2016-05-27 19:30:48 GMT
* SSL certificate verify ok.
> POST /api/v1/courses/273091/enrollments HTTP/1.1
> User-Agent: curl/7.22.0 (i686-pc-linux-gnu) libcurl/7.22.0 OpenSSL/1.0.1 zlib/
1.2.3.4 libidn/1.23 librtmp/2.3
> Accept: */*
> Authorization: Bearer <ACCESS-TOKEN>
> Content-Length: 358
> Expect: 100-continue
> Content-Type: multipart/form-data; boundary=----------------------------39f213ce1e0d
>
< HTTP/1.1 100 Continue
< HTTP/1.1 403 Forbidden
< Cache-Control: no-cache
< Content-Type: application/json; charset=utf-8
< Date: Thu, 23 Jan 2014 20:23:27 GMT
< Server: Apache
< Set-Cookie: canvas_session=<COOKIE>; path=/; secure; HttpOnly
< Status: 403
< Vary: Accept-Encoding
< X-Canvas-Meta: a=8;s=2;c=cluster2;z=us-east-1b;
< X-Canvas-User-Id: 20000001163333
< X-Frame-Options: SAMEORIGIN
< X-Request-Context-Id: 23fee220-669a-0131-9f84-0a22090fd302
< X-Runtime: 114
< X-Session-Id: 4f499fda495d99b553cb8d9fdc12e1ad
< X-UA-Compatible: IE=edge,chrome=1
< Content-Length: 33
< Connection: keep-alive
* HTTP error before end of send, stop sending
<
* Closing connection #0
* SSLv3, TLS alert, Client hello (1):
{"message":"No parameters given"}