Is there a way to verify that the user is already authenticated to the LMS, not within the calling user's context?
I have a server that has it's own App ID/Key pair and I want to use the JavaScript library to detect if the front-end user is authenticated. Can the whoami method do this, or does this method use the calling user's context?
Is there another way to use Valence with the browser's cookies to tell if there is an active session?
The Valence Learning Framework APIs employ a user's credentials to make nearly all calls. You can use the call to retrieve the version table for the back end service anonymously (without a set of user tokens), and you can of course request a set of user tokens without providing a set of user tokens. However, there is no call to detect if the web container already has a user session, because the Valence platform explicitly works at arms length from the web container.
Once you have a set of user tokens, you can use them to make calls going forward, even if the user has no active session, and intentionally so. The only thing you can tell about a set of user tokens you're using to make calls is whether the tokens themselves are still valid (the call works) or not (the call does not work, and fails with an invalid token error).