CampusLogic Services are secured using OAuth. Prior to invoking CampusLogic services, clients must first request a security token from the STS (secure token service.) A user name and password is required by the STS.
Figure1
CampusLogic STS
Request
Response
Example
CampusLogic Environments
Every request must contain a valid security token issued by the CampusLogic STS. Refer to Figure 1.
Figure 1: Integration Diagram
Figure 1 depicts the following sequence:
- Consumer requests a security token from CampusLogic STS using credentials provided by CampusLogic.
- CampusLogic authenticates the credentials and issues a security token with that is set to expire after a set period of time.
- Consumer uses the security token to invoke CampusLogic Web Services.
- The CampusLogic Web Service response is received by Consumer.
CampusLogic STS
Development | https://sandboxsts.campuslogic.com/sts/ |
Production | https://sts.campuslogic.com/sts/ |
Environment | Endpoint |
---|
The following is an example request for a security token from the CampusLogic STS.
Request
Request URL: [CampusLogic STS Root URL]/WRAPv0.9/ Request Method: Post Request Body: |
Response Body: wrap_access_token=http%253a%252f%252fschemas.microsoft.com%252fws%252f2008%252f06%252fidentity %252fclaims%252frole%3dApi%2bUser%26http%253a%252f%252fschemas.xmlsoap.org%252fws%252f2005 %252f05%252fidentity%252fclaims%252fname%3dWGU%2bApi%2bUser%26http%253a%252f%252fschemas .xmlsoap.org%252fws%252f2005%252f05%252fidentity%252fclaims%252fnameidentifier%3ddev_wgu_system %26http%253a%252f%252fschemas.microsoft.com%252faccesscontrolservice%252f2010%252f07%252fclaim s%252fidentityprovider%3dhttps%253a%252f%252fstudentforms.accesscontrol.windows.net%252f%26Au dience%3dhttps%253a%252f%252fapidev.studentforms.com%253a%26ExpiresOn%3d1411470265%26Is suer%3dhttps%253a%252f%252fstudentforms.accesscontrol.windows.net%252f%26HMACSHA256%3dlg Rw8rwOXGG%252bjv%252bDVyU7G3nqOQIMzIUqEa8BkojxwA8%253d&wrap_access_token_expires_in=599 99 |
Each request made to a secured CampusLogic service must define a request header whose name is Authorization and value is in the following format:
WRAP access_token="[value of wrap_access_token from response body of the security token request]"
Note the following:
- remove the "wrap_access_token=and "&wrap_access_token_expires_in={somenumber}" parts from the response body before sending it in the authorization header
- the access_token value must have quotes around.
- the response body above must be url decoded prior to use.
Example
WRAP access_token= "http%3a%2f%2fschemas.microsoft.com%2fws%2f2008%2f06%2fidentity%2fclaims%2frole=Api+User&http%3 a%2f%2fschemas.xmlsoap.org%2fws%2f2005%2f05%2fidentity%2fclaims%2fname=WGU+Api+User&http%3a %2f%2fschemas.xmlsoap.org%2fws%2f2005%2f05%2fidentity%2fclaims%2fnameidentifier=dev_wgu_system& http%3a%2f%2fschemas.microsoft.com%2faccesscontrolservice%2f2010%2f07%2fclaims%2fidentityprovider= https%3a%2f%2fstudentforms.accesscontrol.windows.net%2f&Audience=https%3a%2f%2fapidev.studentforms .com%3a&ExpiresOn=1411470265&Issuer=https%3a%2f%2fstudentforms.accesscontrol.wind ows.net%2f&HMACSHA256=lgRw8rwOXGG%2bjv%2bDVyU7G3nqOQIMzIUqEa8BkojxwA8%3d" |
CampusLogic Web Services Root URL
Development | https://apisandbox.studentforms.com/ |
Production | https://api.studentforms.com/ |
Environment | Endpoint |
---|