为什么在 edX 安装中调用 api/user/v1/accounts 端点并不总是提供名称和 email 地址？

Question

In calling our edX installation's api/user/v1/accounts endpoint for some users, I get more information than other users, however the users are defined similarly. Any idea what is not configured correctly?

To compare, this is what is expected:

{
    "username": "xapitest",
    "bio": null,
    "requires_parental_consent": true,
    "name": "Xapi Test",
    "secondary_email": null,
    "country": null,
    "social_links": [],
    "is_active": true,
    "profile_image": {
        "image_url_full": "https://online.xxxedx.com/static/images/profiles/default_500.4215dbe8010f.png",
        "image_url_large": "https://online.xxxedx.com/static/images/profiles/default_120.4a5e0900098e.png",
        "image_url_medium": "https://online.xxxedx.com/static/images/profiles/default_50.3455a6581573.png",
        "image_url_small": "https://online.xxxedx.com/static/images/profiles/default_30.deee7287e843.png",
        "has_image": false
    },
    "extended_profile": [],
    "year_of_birth": null,
    "level_of_education": null,
    "accomplishments_shared": false,
    "goals": "",
    "language_proficiencies": [],
    "gender": null,
    "account_privacy": "private",
    "mailing_address": "",
    "email": "xapitest@xxxedx.com",
    "date_joined": "2020-04-27T14:49:58Z"
}

And this is what I get with another user defined:

{
    "username": "Rolrox",
    "bio": null,
    "accomplishments_shared": false,
    "country": "HU",
    "social_links": [],
    "profile_image": {
        "image_url_full": "https://online.xxxedx.com/static/images/profiles/default_500.4215dbe8010f.png",
        "image_url_large": "https://online.xxxedx.com/static/images/profiles/default_120.4a5e0900098e.png",
        "image_url_medium": "https://online.xxxedx.com/static/images/profiles/default_50.3455a6581573.png",
        "image_url_small": "https://online.xxxedx.com/static/images/profiles/default_30.deee7287e843.png",
        "has_image": false
    },
    "time_zone": null,
    "language_proficiencies": [],
    "account_privacy": "all_users",
    "date_joined": "2020-04-28T10:25:59Z"
}

The later is missing the name and email .

Answer 1

The issue is caused by the permissions of the user that one uses to process xapi calls.
When you first define a user, at least for us, we created that account using oauth2. We went to xyzedx.com/admin/oauth2/client.

That will supply you with the client id and client secret.

However, what we failed to do is then manage that user's permissions. These can be set at xyzedx.com/admin/auth/user. There you need to set:

• Active: True
• Staff User: True
• User permissions, allocate all of the the "oauth2|" ( [access token | refresh token] * [change, add, delete]).

To test, we used Postman. If you are unfamiliar with how to use such when you need an access token, then here's how that is done.

For the following example call to work:

https://xxxedx.com/api/user/v1/accounts/jbloggs

With the GET method, in the header for the http request, one provides: - accept: application/json - content-Type: application/json

Then set the Authorisation tab, specifically chosing OAuth 2.0 , and Get new Access Token .

There you will supply the credentials you got from the EdX Oauth2 configuration:

You need to configure this to add the token to the "Header" (this will create another entry in your "Header" table; and then elect to Use Token .

Then you Send the call.