This is bonkers, and sort of smells. I’m not saying you have outright said anything untrue, but there is at least some ambiguity that my mind is filling in, potentially incorrectly.
Can you clarify how you got the Swagger files? Were they publicly available?
Could you share the exact verbiage they used to seemingly extort labor and intellectual property from you?
Does the university have some previously existing (and communicated/documented) policy regarding swapping or trading seats?
Honestly this. I agree the registrar can be shitbag; but having a method to request token access but also blocking the OP here even though he claims he never actually had real data on his site, but was planning on using the legally-requested-token to populate it in the future? That smells of half the story i think.
My guess being OP was probably running the service for months under-the-radar via scraping prior, and they didn't notice him until he requested the token to help clean up his data. Else they punished him before* he actually did anything wrong? yea, just smells.
Can you clarify how you got the Swagger files? Were they publicly available?
Could you share the exact verbiage they used to seemingly extort labor and intellectual property from you?
Does the university have some previously existing (and communicated/documented) policy regarding swapping or trading seats?