Root Outcome Group API Giving a 401 Response

erik_gustafson

I have been working on an Outcomes script to help facilitate our accreditation efforts. Part of the script involves adding Outcomes to courses automatically, but in order to do this, I need to get the Root Outcome Group ID for a course to put the Outcomes into based on the information from this community posting: https://community.canvaslms.com/t5/Developers-Group/Outcome-group-missing-id-until-course-is-quot-active-quot/td-p/178339 

I am using the Redirect to root outcome group for context endpoint (GET /api/v1/courses/:course_id/root_outcome_group). 

Using this endpoint in a browser directly and via the Canvas Live API works every time as intended. However, when I try to use this endpoint in Powershell (which is what we use for our Canvas API calls), I get a 401 Unauthorized return every time. 

(https://xxxx.instructure.com/api/v1/courses/######/root_outcome_group )

The interesting thing is that after I use the endpoint and get the 401, I can get the Root Outcome Group ID for the course, even though the return was a 401. 

Has anyone else experienced an issue like this when trying to access this specific endpoint programmatically? I contacted Canvas Support, but they said they couldn't help because it was a custom script, and because it works in the browser as expected. 

I am at a loss right now on what to do. I don't want to keep using the endpoint if I am getting a 401. I don't know if the API would reject my token eventually if I only get a 401 from it.

Any help would be greatly appreciated. 

 

erik_gustafson

I have found a solution to this problem. 

From what I understand, the root_outcome_group API endpoint (https://xxxx.instructure.com/api/v1/courses/######/root_outcome_group ) is a convenience redirection to the root group for the context, whether that be account or course. 

The original error I was experiencing was a 401: Unauthorized return. It didn't make sense to me why I was getting this when it worked in the browser. What I failed to understand is that PowerShell did not know how to handle the redirection. When you go to the root_outcome_group endpoint, you are redirected to that root group. The browser knows how to handle the redirection. So, I had to show PowerShell how to handle the redirection.

By using the Invoke-WebRequest method and by setting the MaximumRedirection parameter to 0, I was able to get a return with the redirection link in the headers.

Invoke-WebRequest -Method GET -Uri "root_group_uri" -Headers @{"Authorization" = "Bearer #token"} -MaximumRedirection 0 -ErrorAction SilentlyContinue 

Then, I can do a follow up Invoke-RestMethod with the -Uri set to the redirection link in the headers. I added the -ErrorAction SilentlyContinue in the request to suppress the error message because it will tell me that the maximum redirections have been reached, which is okay because I do not need it to redirect.

Now, I can get the id for the course's root group bypassing the need for the Outcomes metadata to be active as is mentioned in the original community post that I found (https://community.canvaslms.com/t5/Canvas-Developers-Group/Outcome-group-missing-id-until-course-is-quot-active-quot/td-p/178339). 

I hope this is helpful for anyone that is working with Outcomes in this way, and I hope it provides hints to anyone else using different programs to do their automation.