I'm trying to implement a way to actually logout from my application that is using the Valence API. I can obviously clear the session on my end, but is there a way through the API to actually log out of the Desire2Learn site as well? I've looked through the docs and didn't see anything.
Asked
Active
Viewed 590 times
6
-
I did some tracking of the javascript in our instance of D2L, and I was able to determine that https://site.name.edu/d2l/logout at least provides a page confirming that they want to logout. This at least gives them a quick option to actually logout. – Harry Jan 21 '13 at 16:34
-
Actually, this doesn't appear to actual close out the API session. It does log them out, but the API calls don't reflect that they are no longer logged in... back to the drawing board. – Harry Jan 23 '13 at 15:46
-
Do you mean to invalidate the user's token? – Flame Feb 20 '13 at 04:02
-
I'm trying to have it actually log them out of the Desire2Learn site (the one where the actual authentication occurs, and then redirects back to my system). I want it to be as though they went to that system and clicked "logout", without them having to actually do that. – Harry Feb 20 '13 at 13:27
1 Answers
3
No, there is currently no route to explicitly log out, or log in. You can, however, use the Valence auth process to generate credentials for a new user. What you need to do in that case is use a browser to interact with the user that doesn't have an open session with the LMS: as long as the LMS thinks that the browser doing the user part of the authentication has an open session, it will pass back the user credentials for that user instead of asking the user to re-authenticate.
Typically an inactive session with the LMS expires after a short time and then the LMS will force the user to re-authenticate if your app initiates the auth process.
Viktor Haag
- 3,253
- 1
- 15
- 21