Authentication and Authorization

GO1 uses OAuth2 for authentication and authorization purposes. If you are not familiar we recommend An Introduction to OAuth2.

When your application wants to access GO1 API Resources for the first time, these steps take place:

  1. Your application redirects the user to GO1
  2. The user logs into GO1
  3. The user selects which portal to grant access to
  4. The user authorizes your application to access the requested GO1 API Resources
  5. Your application receives a response that will facilitate an access token it can use for API requests.

GO1 Portals

GO1 users belong to one or more portals. This API only supports accessing data from one portal at a time. If you need to retrieve data from multiple portals you will need to authenticate with each portal and separately request the data.

Getting your application credentials

You can can get your credentials by contacting support@go1.com or programmatically.

Generating application credentials

This functionality is not part of the OAuth2 specification but it works by overloading it. It is discouraged, but if you find you need to generate application credentials on demand this is how to do it:

  1. Set your client_id to any value except an already existing client id.
  2. Append new_client=MyClientName to your query string, where MyClientName is how you want to name your client.
  3. When the OAuth flow completes, you'll receive two extra parameters in the query string or fragment:
    • client_id: The newly created client id
    • client_secret: The secret of your new client id
  4. Store your new client id and secret and continue with the standard flow.
https://auth.go1.com/oauth/authorize?new_client=MyClientName&response_type=code&client_id=myAwesomeApp&redirect_uri=http://example.com
http://example.com/?client_id=828354d9767c4ca4cfae33562e5f670b7be29f2b&client_secret=c3d87b476a1a526f03b958003c24b99603df59f3&code=def5020074b53864c97669960a96c20c63480fd6cc6bdd9ee39becc2fb6c430a6a5f4e66bbf9348f9c0875bc240967fb8996502e345fa868d502d508ea032826234ce4b562394fc29f7807f66e58ad414506c2a3659a7e336d607ac6ba398daf94fb3b1acaec7ba21e50a61d488deac5c86fbe103a099e5b274bbeb2fe8c5c234d3e640364683b38b61cacdba8e61a31175475c30156b4c81d2a8673e181daafe4ab9d78f2f792612a1816a861cd4b60990e0d7c47419aac1e12f90d8d59cd215511be1dba40cfa045fbfaea5e7fdd047d35c561ed11500586d6a484d965c37553c07b2987aeb793c1fdcce3fc21280f3e449b686e6a0fe2cca1b7d08b690f99213f72484c6ab7b4467fc23e41093f68415ceb862735aab375659d545aaa404fee4046b1d13defa2c476036c505b7ad0957ae493ffb722066d3b8c87b58aecc86b786b1bd5c8320539897804c3eca60075973a7a394400ea18a0bae3956d5b406823d0ce6be9b422b329a893094a00bde6f71da795fe453f977f96f08c31495514

Scopes: Requesting the Right Permissions

There is a specific set of access rights your application can request:

  • account.read: Read account information
  • enrollment.read: Read enrollment data
  • enrollment.write: Modify enrollments
  • lo.read: Access learning objects data, like courses and collections.
  • lo.write: Modify learning objects
  • portal.read: Read portal configuration
  • portal.write: Modify portal configuration
  • user.read: Read user data
  • user.write: Modify users
  • webhook.read: Read webhook configuration
  • webhook.write: Modify webhook configuration
https://auth.go1.com/oauth/authorize?scope=account.read%20user.read%20&response_type=code&client_id=client1234&redirect_uri=http://example.com

Your application should know beforehand what operations it needs to do and request the appropriate scopes.
If further down the road you need additional scopes, you'll need to request a new access token.

Trying to access a GO1 API Resource without the right scopes will return a 403 Forbidden HTTP status code.

Authentication and Authorization


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.