I have a learning tool that integrates with Moodle via LTI 1.3. The tool uses Assignments & Grades Services to post grades to Moodle when a learner completes an activity. While posting grades works without issue in the Moodle 4.1 Sandbox, we're experiencing an issue with a particular Moodle 4.1.5 instance.
Payload: {userId: "XXXXX", scoreGiven: 2.0, scoreMaximum: 10.0, comment: "", timestamp: "2024-04-11T00:09:43.192098", activityProgress: "Completed", gradingProgress: "FullyGraded"}
Response: {reason:"Unauthorized", request:{...}, status:401}
We have ensured that the student for which grades are being posted is enrolled in the course. Any assistance or ideas on this would be greatly appreciated!
Hi Sean,
This kind of problem does come up on this forum from time to time. Unfortunately, that 401 masks a whole range of causes, and we don't have the debugging capabilities yet to be able to surface that nicely for troubleshooting. We definitely need that.
See this response on another thread, which links to the code checks responsible for the 401. https://moodle.org/mod/forum/discuss.php?d=439687#p1769659. The problem in that case was a missing authorization header, but that's not the only cause. If any of the checks fail (missing header, signature check failure), they can result in the 401, but we don't know which one caused it.
Sorry that I can't point you right at the issue but hopefully that gives you one or two things to check.
Jake
This kind of problem does come up on this forum from time to time. Unfortunately, that 401 masks a whole range of causes, and we don't have the debugging capabilities yet to be able to surface that nicely for troubleshooting. We definitely need that.
See this response on another thread, which links to the code checks responsible for the 401. https://moodle.org/mod/forum/discuss.php?d=439687#p1769659. The problem in that case was a missing authorization header, but that's not the only cause. If any of the checks fail (missing header, signature check failure), they can result in the 401, but we don't know which one caused it.
Sorry that I can't point you right at the issue but hopefully that gives you one or two things to check.
Jake
Hi Jake,
Thanks for your help, the solution you linked solved the issue for us (with a slight deviation). The LMS administrator let me know that they used CGIPassAuth, "as a safer way to address the issue without modifying environment variables which may contain side effects".
Thanks again,
Sean
Thanks for your help, the solution you linked solved the issue for us (with a slight deviation). The LMS administrator let me know that they used CGIPassAuth, "as a safer way to address the issue without modifying environment variables which may contain side effects".
Thanks again,
Sean