Reputation: 455
Retrieving authenticated users email
I have two questions both relating the the User data sets.
1. Is UniqueName in WhoAmI the same value as UserName in UserData
User.WhoAmIUser
{
"Identifier": "<string:D2LID>",
"FirstName": "<string>",
"LastName": "<string>",
"UniqueName": "<string>",
"ProfileIdentifier": "<string:D2LID>"
}
User.UserData
{
"OrgId": "<number:D2LID>",
"UserId": "<number:D2LID>",
"FirstName": "<string>",
"MiddleName": "<string>",
"LastName": "<string>",
"UserName": "<string>",
"ExternalEmail": "<string>",
"OrgDefinedId": "<string>",
"UniqueIdentifier": "<string>",
"Activation": "{composite:User.UserActivationData}"
}
2. How can I retrieve the current authenticated users email address? I've tried to connect to various Users API's but all return "Not Authorized". Even the "/d2l/api/lp/(D2LVERSION: version)/users/(D2LID: userId)" with my userId authorized as myself throws Not Authorized.
I have tried both with Student and Instructor Roles. I can retrieve the WhoAmI service, just not any other User services.
Thanks.
Upvotes: 1
Views: 183
Answers (1)
Reputation: 3418
1) The UniqueName property in the User.WhoAmIUser structure will (should) present the same value as the UserName property in User.UserData: this is the user's "log in name" within the LMS. In the back-end service, these two properties might be maintained separately, but for all intents and purposes, to the calling client, they should contain the same value (in that if you change the UserName value in a user record through the web UI, and then make a WhoAmI call, you'll see that change show up in the UniqueName property in the WhoAmI results).
2) Retrieving a user's email address may not be a simple feat: the ExternalEmail property in the UserData record should contain the same value that appears in the Email field in the user record in the Web UI. This is the email address that the LMS will use if it needs to send password-reset messages to a user.
This property is subject to User Information Privacy role-permissions, and some organizations may choose to tightly restrict who can see that value.
Additionally, the /d2l/api/lp/{ver}/users/ route itself is often subject to restrictive role permissions with some organizations. In general, if you're making a call with a user role that would have access to the functionality of the Users tool in the LMS' web UI, that role should also be able to have access to this API route.
If you do not have permission to use that API call (and you may not), then you can't use it to look for user details.
The User.User and Enrollment.ClasslistUser structures also contain a property to house that Email value from the user record, and if you can make a call to retrieve those structures (enrollment API calls, for example, or the classlist API call), then you might have access to the email value there, contingent on the User Information Privacy permissions the calling user has in place.
The upshot of all this is that many users at many organizations won't have the permission to retrieve their own external email address from their own user record, as they may not have permission to make the calls that would retrieve it, and it's not contained in the WhoAmIUser structure.
Upvotes: 1
Related Questions
- Obtaining user's email using Apple's IdentityToken
- To access user email from OAuth2.0?
- How do I retrieve user's email from Google
- Retrieve facebook email address using spring security
- Facebook oauth retrieve user Email
- Get email from username of user in Phabricator
- django-allauth - RESTful API return all email address belonging to a user
- How to get StackExchange user's email ID through the API
- Connecting to user email with oauth2
- How does one retrieve the email address of a user with GData?