Session
Destroy the current session, effectively logging out.
curl -H "X-Session-ID: 0123456789" "https://lor.instructure.com/api/sessions/logout"
GET /api/sessions/logout HTTP/1.1
Host: lor.instructure.com
x-session-id: YOUR_API_KEY
Accept: */*
No content
Get the contents of the specified session. Session contents will only be returned for the current session. Sessions are always created for a specific user. Thus user specific information in the session will always belong to the user who created the session.
Example:
curl -H "X-Session-ID: 0123456789" "https://lor.instructure.com/api/sessions/0123456789"
The id of the session
GET /api/sessions/{id} HTTP/1.1
Host: lor.instructure.com
x-session-id: YOUR_API_KEY
Accept: */*
{
"sid": "text",
"expires": "text",
"userId": "text",
"prefersHighContrast": true,
"locale": "text",
"userFullName": "text",
"accountName": "text",
"accountId": "text",
"canvasUserId": "text",
"canvasApiDomain": "text",
"roles": [
"text"
],
"isAdmin": true,
"canSharePublic": true,
"canShowPublic": true,
"showCuratedResourcesFirst": true,
"showFederalStandards": true,
"showStateStandards": true,
"stateStandard": "text",
"isAccountCurator": true,
"userAvatarUrl": "text"
}
Create a session in Commons.
In order to generate a Commons session using this API, you must have already launched into Commons through Canvas at least once before.
If not, you will get an error informing you that you have never launched into Commons before.
Additionally, you will need to have accepted the terms of service.
This endpoint also requires that you first acquire a JWT (JSON Web Token) that contains certain information needed by Commons to set up the session.
You can acquire this JWT by sending a HTTP GET request to:
https://[your-canvas-domain]/api/lti/accounts/self/jwt_token?tool_launch_url=https://lor.instructure.com/api/lti
This endpoint requires the typical Canvas Authorization header. This means you will need to generate an Access Token as described here.
Example:
curl -X POST -H "Content-Type: application/json" --data '{"jwt_token": "<contents of JWT token>"}' "https://lor.instructure.com/api/sessions"
The JWT that is given to you by Canvas. It should be exactly as Canvas gives it to you. Do not decode it and give us the decoded version. We will handle that for you.
POST /api/sessions HTTP/1.1
Host: lor.instructure.com
Content-Type: application/json
Accept: */*
Content-Length: 55
{
"jwt_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}
{
"sessionId": "text"
}
Last updated
Was this helpful?