Calling Valence API from a Java application with no UI challenge

[Jeffrey Kahn]

Folks,

I am new the the Valence API but not to LMS integrations via API.  I want to write a Java application that will run on a server and communicate with D2L to request things such as, say, the users enrolled in a course.  I want this application to run without ever having to log into the D2L sever through a UI.  I can run as an administrator rather than a user in that I am asking questions about the LMS in general and not doing something as a specific user such as posting a discussion comment.

In hand I have my appID and appKey.  I expect that what I want to do is possible, but I am not locating the relevant example.  What I expected to be able to do is get some kind of token by making an initial call using only my appID and signing with my appKey.  Then I would make subsequent calls with my token or similar.  Again, assuming this is possible, what is the initial call.  I think I also need guidance on what base string to sign.

Thanks,

Jeff

[jeff....@desire2learn.com]

Hi Jeff,

Have you checked out the Getting Started page in the Valence docs? There's a section on Java, here's a link: http://docs.valence.desire2learn.com/samples/gettingStarted.html#java.

If you have trouble with the samples, post back and let us know how we can help!

Take care,

Jeff

[Desire2Learn Staff: Sarah-Beth]

HI Jeff

Your scenario looks just like the one dealt with in the following post: https://groups.google.com/forum/?utm_medium=email&utm_source=footer#!topic/valenceusers/67HtRvyk3Ao

As a bonus, that post links to some other relevant posts to help fill in all the details. Let us know if that solves things for you, or if you have follow-up questions.

~S-BB

[jacob.pa...@gmail.com]

Please be mindful that if you are hard-coding tokens for a user with the authorization to do X, Y and Z then if your service is compromised then an attacker could gain that same authorization. Thus, when creating the user you should attempt to give it as few permissions/enrollments as necessary for your service.

You should also be careful with where you store the user tokens (in source code, configuration files etc.) and make sure to never transmit them indirectly to an end-user.