Andal.LND/edx-platform
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs: Make the docs easier to read and and some links.

Browse Source
This commit is contained in:
Feanil Patel
2023-08-17 11:11:59 -04:00
parent 5a1abcb64f
commit df5759ca37
2 changed files with 25 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
docs/concepts/rest_apis.rst
View File

@@ -1,23 +1,30 @@
edx-platform REST API Concepts
##############################
APIs in the edx-platform fall into one of two categories. **Personal APIs**
that only let you manipluate resources related to your user (the single user
associated with the OAuth2 Application) or **Machine-to-machine APIs** that
allow you to manipulate other users and system resources so long as the user
associated with the OAuth2 application has the permissions to do so.
APIs in the edx-platform fall into one of two categories.
#. **Personal APIs** that only let you manipluate resources related to your
user (the single user associated with the OAuth2 Application)
#. **Machine-to-machine APIs** that allow you to manipulate other users and
system resources so long as the user associated with the OAuth2 application
has the permissions to do so.
The best way to interact with the APIs is to get a JWT Token associated with a
user and then pass that to the server as a part of the request header.
You can get a JWT one of two ways, one is to exchange the username and password
for a user to get their JWT, and the other is to get a JWT associated with an
OAuth2 Application (the application is associated with your user) that allows you
to manipulate other users and system resources so long as the user associated
with the OAuth2 application has the permissions to do so.
You can get a JWT one of two ways:
JWTs by default expire every hour so when they expire you'll have to get a new
one before you can call the API again.
#. Exchange the username and password for a user to get their JWT (see
:ref:`JWT from user`)
#. Get a JWT associated with an OAuth2 Application (the application is
associated with your user) that allows you to manipulate other users and
system resources so long as the user associated with the OAuth2 application
has the permissions to do so. (see :ref:`JWT from application`)
.. note:: JWTs by default expire every hour so when they expire you'll have to
get a new one before you can call the API again.
.. seealso::
@@ -27,6 +34,6 @@ one before you can call the API again.
* `OAuth2, JWT and Mobile <https://openedx.atlassian.net/wiki/spaces/AC/pages/42599769/OAuth2+JWT+and+Mobile>`_
* `Open edX Rest API Conventions <https://openedx.atlassian.net/wiki/spaces/AC/pages/18350757/Open+edX+REST+API+Conventions>`
* `Open edX Rest API Conventions <https://openedx.atlassian.net/wiki/spaces/AC/pages/18350757/Open+edX+REST+API+Conventions>`_
* `edX Enterprise REST API Auth Guide <https://edx-enterprise-api.readthedocs.io/en/latest/authentication.html>`
* `edX Enterprise REST API Auth Guide <https://edx-enterprise-api.readthedocs.io/en/latest/authentication.html>`_

4
docs/references/auth_code_samples.rst
View File

@@ -8,6 +8,8 @@ Authentication Related Code Samples
examples are useful but you should generally not expose any of these tokens
to systems or clients you don't trust.
.. _JWT from user:
Get a JWT with a Username and Password
**************************************
@@ -39,6 +41,8 @@ Get a JWT with a Username and Password
.. note:: The client type must be ``public`` for this to work.
.. _JWT from application:
Get a JWT with a client_id and client_secret
********************************************