Use OAuth 2.0 to Authenticate with Blackboard Learn
Blackboard Learn offers a REST API for authenticating applications and application users using variants of the OAuth 2.0 specification. Select the OAuth 2.0 variant that matches your needs.
- Three-legged OAuth
In this approach, your app requires a user login and uses that individual's credentials to log into Blackboard Learn. During the session, the application has access only to the data and features allowed to that user. This approach limits access to the particular logged-in user's entitlements.
- Basic OAuth
In this approach, your application only has access to all data and features granted by the entitlements of the user the Learn administrator associates with the REST application when they install the application on the Learn system. This approach is ideal when all users of the REST application need the same set of entitlements to Blackboard Learn. It may also be satisfactory when other security measures prevent unauthorized access to data and features. An analogy for Basic OAuth is the old Building Block (B2) mechanism where the B2 informed the Learn administrator of the entitlements it needed on install. Then all users access to Learn data and features through the B2 was managed through the B2 business logic, limited to the entitlements it was given on install.