CampusLogic Services are secured using OAuth. Prior to invoking CampusLogic services, clients must first request a security token from the STS (secure token service.) A user name and password is required by the STS.


Figure1

CampusLogic STS

Request

Response

Example

CampusLogic Environments

Every request must contain a valid security token issued by the CampusLogic STS. Refer to Figure 1.

Figure 1 Download


Figure 1: Integration Diagram

Figure 1 depicts the following sequence:

  1. Consumer requests a security token from CampusLogic STS using credentials provided by CampusLogic.
  2. CampusLogic authenticates the credentials and issues a security token with that is set to expire after a set period of time.
  3. Consumer uses the security token to invoke CampusLogic Web Services.
  4. The CampusLogic Web Service response is received by Consumer.

CampusLogic STS




Development https://studentverification.accesscontrol.windows.net/WRAPv0.9/
Production https://verifymyfafsa.accesscontrol.windows.net/WRAPv0.9/
Environment
Endpoint

To following is an example request for a security token from the CampusLogic STS.

Request

Request URL: [CampusLogic STS
Root URL]/WRAPv0.9/
Request Method: Post

Request Body:
Name: wrap_name, Value: [user name]
Name: wrap_password,Value: [password]
Name: wrap_scope, Value: [CampusLogic Web Services Root URL]

Response

Response Body:
wrap_access_token=http%253a%252f%252fschemas.microsoft.com%252fws%252f2008%252f06%252fidentity%252fclaims%252frole%3dApi
%2bUser%26http%253a%252f%252fschemas.xmlsoap.org%252fws%252f2005%252f05%252fidentity%252fclaims%252fname%3dWGU%2bApi
%2bUser%26http%253a%252f%252fschemas.xmlsoap.org%252fws%252f2005%252f05%252fidentity%252fclaims%252fnameidentifier
%3ddev_wgu_system%26http%253a%252f%252fschemas.microsoft.com%252faccesscontrolservice%252f2010%252f07%252fclaims
%252fidentityprovider%3dhttps%253a%252f%252fstudentverification.accesscontrol.windows.net%252f%26Audience%3dhttps%253a
%252f%252fapidev.studentverification.com%253a5443%26ExpiresOn%3d1411470265%26Issuer%3dhttps%253a%252f
%252fstudentverification.accesscontrol.windows.net%252f%26HMACSHA256%3dlgRw8rwOXGG%252bjv
%252bDVyU7G3nqOQIMzIUqEa8BkojxwA8%253d&wrap_access_token_expires_in=59999


Each request made to a secured CampusLogic service must define a request header whose name is Authorization and value is in the following format:

WRAP access_token="[value of wrap_access_token from response body of the security token request]"

Note the following:

  • remove the "wrap_access_token=and "&wrap_access_token_expires_in={somenumber}" parts from the response body before sending it in the authorization header
  • the access_token value must have quotes around.
  • the response body above must be url decoded prior to use.

Example

WRAP access_token=

 "http%3a%2f%2fschemas.microsoft.com%2fws%2f2008%2f06%2fidentity%2fclaims%2frole=Api+User&http%3a%2f%2fschemas.xmlsoap.org%2fws%2f2005%2f05%2fidentity%2fclaims%2f

name=WGU+Api+User&http%3a%2f%2fschemas.xmlsoap.org%2fws%2f2005%2f05%2fidentity%2fclaims%2fnameidentifier=dev_wgu_system&http%3a%2f%2fschemas.microsoft.com%2f

accesscontrolservice%2f2010%2f07%2fclaims%2fidentityprovider=https%3a%2f%2fstudentverification.accesscontrol.windows.net%2f&Audience=https%3a%2f%2fapidev.studentverification.com%3a5443

&ExpiresOn=1411470265&Issuer=https%3a%2f%2fstudentverification.accesscontrol.windows.net%2f&HMACSHA256=lgRw8rwOXGG%2bjv%2bDVyU7G3nqOQIMzIUqEa8BkojxwA8%3d"


CampusLogic Environments

CampusLogic supports the environments shown in the table below.




Sandbox Development  https://apisandbox.studentverification.com:5443
Production Production https://api.verifymyfafsa.com:5443
Environment
STS Endpoint 
API Root URL