Does SKY API provide ability to get information about currently logged user?

Vitali Prokofiev

<a href="https://oauth2.sky.blackbaud.com/token">https://oauth2.sky.blackbaud.com/token<br/><br/></a>When authorization is passed, the service returns 'user_id'. Accordingly description it's the unique identifier of the authenticated Blackbaud user in whose context the access token is issued.<br/><br/>Can I get information about the user via some API using this identifier? (I'm interesting in user's name)

Steven Cinquegrana

Hi Vitali‍ . I'm not aware of a way to do this currently. However about 18 months ago I posted a suggestion for a Utility API, as well as an idea on the Ideas board, which would fulfill this kind of need, among other things such as remaining call quota, etc.


Nothing has come of it so far, though, unfortunately.


Cheers,

Steve Cinquegrana | CEO and Principal Developer | Protégé Solutions

 

Paul Zimmerman

You could try the SKY API "Single User" endpoint (https://developer.sky.blackbaud.com/docs/services/school/operations/V1UsersByUser_idGet) or the ON API "Get User" (http://on-api.developer.blackbaud.com/API/constituents/user/get-user-ID/) or "Get User Extended" (http://on-api.developer.blackbaud.com/API/constituents/user/get-user-extended-ID/) endpoints.

Ben Wong

Vitali Prokofiev‍ can you share your specific use-case? What information would you need from the logged-in user? What would you do with that information?


Same questions for anyone else looking for more user information.


Thanks!

Vitali Prokofiev

Ben Wong:
Vitali Prokofiev‍ can you share your specific use-case? What information would you need from the logged-in user? What would you do with that information?


Same questions for anyone else looking for more user information.


Thanks!

Most of cases are connected with displaying of logged in user's info. Examples:

• Need to display name of current user on screens (first\\last names). Same as it displayed in the header on this forum
• Need to know email to provide for user ability to receive reports
• Need to display history of changes (like 'John Smith changed this 3 days ago') 
• etc

So, I need next information:

1. First\\Last names (or already joined full name)
2. Email

It's a bit strange to ask an user to enter all this information after login via 3rd party system(where this info is already placed), 21st century outside the window. I tried methods provided by Paul Zimmerman, but unsuccessfully. 

Ben Wong

Hi Vitali Prokofiev‍,


Good news for you! Hopefully you saw the announcement on the blog on Friday, but if not, we are now providing the email, family_name, and given_name in the OAuth token response. You can now use these values to provide a more personalized experience.


Would love to get your feedback on how you can use this.


Thanks!


Ben

Vitali Prokofiev

Ben Wong:

Hi Vitali Prokofiev‍,


Good news for you! Hopefully you saw the announcement on the blog on Friday, but if not, we are now providing the email, family_name, and given_name in the OAuth token response. You can now use these values to provide a more personalized experience.


Would love to get your feedback on how you can use this.


Thanks!


Ben

Thank you!!!

Warren Sherliker

Hi Ben,


Just wanting to clarify a few things:

- I assume due to the new OAUTH grant permission requirement existing oauth'ed users would need to reauth to provide permission for the user information to be sent to us?

- Does the refresh token API call also return the user_information too in the response - in case it has changed?


Personally I hope you still provide a /me api endpoint in the future as this very basic user detail would, one would expect, expand to include user rights information and other user specific details. It would do no harm to have that endpoint return the user_information for now too, especially if the refresh_token does not include the details...


Cheers


Warren

Ben Wong

Hey Warren Sherliker‍,


Yes, if you use the refresh token you will get the same user information in the token response.


We are making this retroactive because it will simplify our customer's experience managing SKY applications. We decided to keep things simple, as forcing every user to reauthorize would be very disruptive. Customers have already established trusted relationships with their authorized apps, and we don't believe that anyone would disconnect an app because of this new capability. The customers can still disconnect the app if they have concerns or report the app to Blackbaud if they believe the developer is violating the SKY API terms.


We are still thinking about whether to introduce an API to provide more information about the user and their role/permissions. This change is the first step down that path.


Thanks!

Ben