The settings actions let an organization manage the account settings available to users. We’ve divided this functionality into two, general groups:
A user’s settings associated with the user account directly, independent of a particular org unit enrollment, we call account settings.
Settings for users that are done on an org unit by org unit basis, often managed by instructors, we call user settings.
Attributes¶
- Settings.UpdateLocale¶
When updating a user’s account setting for preferred locale, pass a structure that looks like this one:
{ "LocaleId": <number:D2LID> }
- LocaleId
System identifier for a particular
Locale.
Custom widget data¶
- Settings.WidgetData¶
When setting custom widget data, pass a structure that looks like this one:
{ "Data": <string> }
- Data
Widget data to be stored. Note, this data itself should be in json format. Double quotes within the json string must be escaped with a backslash (”\”) as in this example:
{ "Data": "{ \"key\": \"value\" }" }
Local authentication security¶
- TWOFACTOR_T¶
Represents the override setting for adding a two-factor authentication method.
Override Setting
Value
Not Available
0
Optional
1
- Settings.LASOverrideData¶
Returned when obtaining a list of local authentication security overrides.
{ "UserId": <number:D2LID>, "TwoFactor": <number:TWOFACTOR_T>, "LocalLogin": <boolean> }
- UserId
User that the override belongs to.
- TwoFactor
The override setting for adding a two-factor authentication method.
- LocalLogin
Determines whether or not the user is allowed to use local authentication to log in.
- Settings.LASOverrideUpdateData¶
Submitted when updating Local Authentication Security overrides.
{ "TwoFactor": <number:TWOFACTOR_T>, "LocalLogin": <boolean> }
- TwoFactor
The override setting for adding a two-factor authentication method.
- LocalLogin
Determines whether or not the user is allowed to use local authentication to log in.
Actions¶
- GET /d2l/api/lp/(version)/accountSettings/mySettings/locale/¶
Retrieve the current user’s locale account settings.
- Parameters:
version (D2LVERSION) – API version.
- Status Codes:
200 OK – Action succeeded.
403 Forbidden – No permission to see current user’s preferred locale.
429 Too Many Requests – API call-rate limit exceeded.
- API Versions:
1.43+ – Route first appears in LMS v20.23.5.
1.35-1.42 – Deprecated as of LMS v20.24.1.
1.34- – Obsolete as of LMS v20.24.1.
Return. This action returns a
LocaleJSON block, containing information about the current user’s currently set locale.
- GET /d2l/api/lp/(version)/accountSettings/(userId)/locale/¶
Retrieve the locale account settings for a particular user.
- Parameters:
version (D2LVERSION) – API version.
userId (D2LID) – User ID.
- Oauth2 Scopes:
accountsettings:locale:read
- Status Codes:
200 OK – Action succeeded.
403 Forbidden – No permission to see preferred locales for other users.
404 Not Found – No such user.
429 Too Many Requests – API call-rate limit exceeded.
- API Versions:
1.43+ – Route first appears in LMS v20.23.5.
1.35-1.42 – Deprecated as of LMS v20.24.1.
1.34- – Obsolete as of LMS v20.24.1.
Return. This action returns a
LocaleJSON block, containing information about the user’s currently set locale.
- PUT /d2l/api/lp/(version)/accountSettings/mySettings/locale/¶
Update the current user’s locale account settings.
- Parameters:
version (D2LVERSION) – API version.
- JSON Parameters:
UpdateSettings (
Settings.UpdateLocale) – Update settings for user.
- Status Codes:
200 OK – Action succeeded.
403 Forbidden – No permission to set current user’s preferred locale.
429 Too Many Requests – API call-rate limit exceeded.
- API Versions:
1.43+ – Route first appears in LMS v20.23.5.
1.35-1.42 – Deprecated as of LMS v20.24.1.
1.34- – Obsolete as of LMS v20.24.1.
- PUT /d2l/api/lp/(version)/accountSettings/(userId)/locale/¶
Update the locale account settings for a particular user.
- Parameters:
version (D2LVERSION) – API version.
userId (D2LID) – User ID.
- JSON Parameters:
UpdateSettings (
Settings.UpdateLocale) – Update settings for user.
- Oauth2 Scopes:
accountsettings:locale:update
- Status Codes:
200 OK – Action succeeded.
403 Forbidden – No permission to set preferred locales for other users.
404 Not Found – No such user.
429 Too Many Requests – API call-rate limit exceeded.
- API Versions:
1.43+ – Route first appears in LMS v20.23.5.
1.35-1.42 – Deprecated as of LMS v20.24.1.
1.34- – Obsolete as of LMS v20.24.1.
Custom widget data¶
These actions let you save a modest amount of data for custom widgets within an org unit, both org-unit wide data, and data specific to individual users. Note the custom widget’s HTML body can gain access to the custom widget’s ID by using the {widgetid} replace string.
Note
Currently, you can only store a modest amount of data for each data record you add. A single widget and org unit combination (as well as a widget, org unit and user combination) has a set data limit and the back-end service does not provide a way to determine how much of the storage has already been used.
- DELETE /d2l/api/lp/(version)/(orgUnitId)/widgetdata/(customWidgetId)¶
Delete custom widget data for an org unit.
- Parameters:
version (D2LVERSION) – API version.
orgUnitId (D2LID) – Org unit ID.
customWidgetId (D2LID) – Custom widget ID.
- Status Codes:
200 OK – Action succeeded.
400 Bad Request – Widget data does not exist.
403 Forbidden – No permission to modify custom widget data within the org unit.
429 Too Many Requests – API call-rate limit exceeded.
- API Versions:
1.43+ – Route first appears in LMS v20.23.5.
1.35-1.42 – Deprecated as of LMS v20.24.1.
1.34- – Obsolete as of LMS v20.24.1.
- DELETE /d2l/api/lp/(version)/(orgUnitId)/widgetdata/(customWidgetId)/mydata¶
Delete custom widget data for an org unit tied to the current user.
- Parameters:
version (D2LVERSION) – API version.
orgUnitId (D2LID) – Org unit ID.
customWidgetId (D2LID) – Custom widget ID.
- Status Codes:
200 OK – Action succeeded.
400 Bad Request – Widget data does not exist.
403 Forbidden – No permission for the user to modify their own custom widget data.
429 Too Many Requests – API call-rate limit exceeded.
- API Versions:
1.43+ – Route first appears in LMS v20.23.5.
1.35-1.42 – Deprecated as of LMS v20.24.1.
1.34- – Obsolete as of LMS v20.24.1.
- DELETE /d2l/api/lp/(version)/(orgUnitId)/widgetdata/(customWidgetId)/(userId)¶
Delete custom widget data for an org unit tied to a particular user.
- Parameters:
version (D2LVERSION) – API version.
orgUnitId (D2LID) – Org unit ID.
customWidgetId (D2LID) – Custom widget ID.
userId (D2LID) – User ID.
- Status Codes:
200 OK – Action succeeded.
400 Bad Request – Widget data does not exist.
403 Forbidden – No permission for the calling user to modify the specified user’s custom widget data (see note).
429 Too Many Requests – API call-rate limit exceeded.
- API Versions:
1.43+ – Route first appears in LMS v20.23.5.
1.35-1.42 – Deprecated as of LMS v20.24.1.
Input. The target user identified in the route for this action must have their enrollment role set to be visible within the classlist.
- GET /d2l/api/lp/(version)/(orgUnitId)/widgetdata/(customWidgetId)¶
Retrieve custom widget data for an org unit.
- Parameters:
version (D2LVERSION) – API version.
orgUnitId (D2LID) – Org unit ID.
customWidgetId (D2LID) – Custom widget ID.
- Status Codes:
200 OK – Action succeeded.
403 Forbidden – No permission to access custom widget data within the org unit.
404 Not Found – No data is present for the custom widget.
429 Too Many Requests – API call-rate limit exceeded.
- API Versions:
1.43+ – Route first appears in LMS v20.23.5.
1.35-1.42 – Deprecated as of LMS v20.24.1.
1.34- – Obsolete as of LMS v20.24.1.
Return. This action returns a
WidgetDataJSON block showing the widget data for the specified custom widget.
- GET /d2l/api/lp/(version)/(orgUnitId)/widgetdata/(customWidgetId)/mydata¶
Retrieve custom widget data for an org unit tied to the current user.
- Parameters:
version (D2LVERSION) – API version.
orgUnitId (D2LID) – Org unit ID.
customWidgetId (D2LID) – Custom widget ID.
- Status Codes:
200 OK – Action succeeded.
403 Forbidden – No permission for the user to access their own custom widget data.
404 Not Found – No data is present for the custom widget/user.
429 Too Many Requests – API call-rate limit exceeded.
- API Versions:
1.43+ – Route first appears in LMS v20.23.5.
1.35-1.42 – Deprecated as of LMS v20.24.1.
1.34- – Obsolete as of LMS v20.24.1.
Return. This action returns a
WidgetDataJSON block showing the widget data for the specified custom widget.
- GET /d2l/api/lp/(version)/(orgUnitId)/widgetdata/(customWidgetId)/(userId)¶
Retrieve custom widget data for an org unit tied to a particular user.
- Parameters:
version (D2LVERSION) – API version.
orgUnitId (D2LID) – Org unit ID.
customWidgetId (D2LID) – Custom widget ID.
userId (D2LID) – User ID.
- Status Codes:
200 OK – Action succeeded.
403 Forbidden – No permission for the calling user to access the specified user’s custom widget data (see note).
404 Not Found – No data is present for the custom widget/user.
429 Too Many Requests – API call-rate limit exceeded.
- API Versions:
1.43+ – Route first appears in LMS v20.23.5.
1.35-1.42 – Deprecated as of LMS v20.24.1.
Input. Note that the target user identified in the route for this action must have their enrollment role set to be visible within the classlist.
Return. This action returns a
WidgetDataJSON block showing the widget data for the specified custom widget.
- PUT /d2l/api/lp/(version)/(orgUnitId)/widgetdata/(customWidgetId)¶
Update custom data for a widget in an org unit.
- Parameters:
version (D2LVERSION) – API version.
orgUnitId (D2LID) – Org unit ID.
customWidgetId (D2LID) – Custom widget ID.
- JSON Parameters:
CustomWidgetData (
Settings.WidgetData) – new JSON config data for widget.
- Status Codes:
200 OK – Action succeeded.
400 Bad Request – Widget data not in correct format or data has not been created yet.
403 Forbidden – No permission to modify custom widget data within the org unit.
429 Too Many Requests – API call-rate limit exceeded.
- API Versions:
1.43+ – Route first appears in LMS v20.23.5.
1.35-1.42 – Deprecated as of LMS v20.24.1.
1.34- – Obsolete as of LMS v20.24.1.
Return. This action returns a
WidgetDataJSON block showing the widget data for the updated custom widget.
- PUT /d2l/api/lp/(version)/(orgUnitId)/widgetdata/(customWidgetId)/mydata¶
Update user-specific custom data for a widget in an org unit.
- Parameters:
version (D2LVERSION) – API version.
orgUnitId (D2LID) – Org unit ID.
customWidgetId (D2LID) – Custom widget ID.
- JSON Parameters:
CustomWidgetData (
Settings.WidgetData) – new JSON config data for current user for widget.
- Status Codes:
200 OK – Action succeeded.
400 Bad Request – Widget data not in correct format or data has not been created yet.
403 Forbidden – No permission for the user to modify their own custom widget data.
429 Too Many Requests – API call-rate limit exceeded.
- API Versions:
1.43+ – Route first appears in LMS v20.23.5.
1.35-1.42 – Deprecated as of LMS v20.24.1.
1.34- – Obsolete as of LMS v20.24.1.
Return. This action returns a
WidgetDataJSON block showing the widget data for the updated custom widget.
- PUT /d2l/api/lp/(version)/(orgUnitId)/widgetdata/(customWidgetId)/(userId)¶
Update custom data for a widget for an org unit tied to a particular user.
- Parameters:
version (D2LVERSION) – API version.
orgUnitId (D2LID) – Org unit ID.
customWidgetId (D2LID) – Custom widget ID.
userId (D2LID) – User ID.
- JSON Parameters:
CustomWidgetData (
Settings.WidgetData) – new JSON config data for spcified user for widget.
- Status Codes:
200 OK – Action succeeded.
400 Bad Request – Widget data not in correct format or data has not been created yet.
403 Forbidden – No permission for the calling user to modify the specified user’s custom widget data (see note).
429 Too Many Requests – API call-rate limit exceeded.
- API Versions:
1.43+ – Route first appears in LMS v20.23.5.
1.35-1.42 – Deprecated as of LMS v20.24.1.
Input. Note that the target user identified in the route for this action must have their enrollment role set to be visible within the classlist.
Return. This action returns a
WidgetDataJSON block showing the widget data for the updated custom widget.
Local authentication security¶
These actions let you manage overrides to the role permissions within local authentication secrity for individual users. These overrides determine whether a user can configure a two-factor authentication method, or if they can log in using local Brightspace authentication.
- DELETE /d2l/api/lp/(version)/localauthenticationsecurity/overrides/¶
Delete local authentication security overrides for a list of users.
- Parameters:
version (D2LVERSION) – API version.
- Query Parameters:
- Oauth2 Scopes:
localauthenticationsecurity:overrides:manage
- Status Codes:
200 OK – Action succeeded.
403 Forbidden – No permission for the calling user to manage the Local Authentication Security overrides.
429 Too Many Requests – API call-rate limit exceeded.
- API Versions:
1.45+ – Route first appears in LMS v20.23.11.
- GET /d2l/api/lp/(version)/localauthenticationsecurity/overrides/¶
Retrieve local authentication security overrides for a list of users.
- Parameters:
version (D2LVERSION) – API version.
- Query Parameters:
- Oauth2 Scopes:
localauthenticationsecurity:overrides:read
- Status Codes:
200 OK – Action succeeded.
403 Forbidden – No permission for the calling user to view the local authentication security overrides.
429 Too Many Requests – API call-rate limit exceeded.
- API Versions:
1.45+ – Route first appears in LMS v20.23.11.
Input. When calling this action, you must provide a list of user IDs for which override information will be returned.
Return. This action returns a JSON array of
LASOverrideDataJSON blocks showing overrides for the list of users requested. If a user doesn’t exist, they will be omitted from the results.
- POST /d2l/api/lp/(version)/localauthenticationsecurity/overrides/¶
Add or update local authentication security overrides for a list of users.
- Parameters:
version (D2LVERSION) – API version.
- Query Parameters:
- JSON Parameters:
LASOverrideUpdateData (
Settings.LASOverrideUpdateData) – the override data to add for the list of users.
- Oauth2 Scopes:
localauthenticationsecurity:overrides:manage
- Status Codes:
200 OK – Action succeeded.
400 Bad Request – Combination of options is invalid (see input description).
403 Forbidden – No permission for the calling user to manage local authentication security overrides.
429 Too Many Requests – API call-rate limit exceeded.
- API Versions:
1.45+ – Route first appears in LMS v20.23.11.
Input. When using this action, you must provide a list of user IDs to manage; all will receive the same local authentication security override policy provided in your
LASOVerrideUpdateDataJSON block.Note
Note that two-factor authentication cannot be enabled (TwoFactor value non-zero) if local authentication is not permitted (LocalLogin value is True).
Return. This action does not return any body data.