CampusLogic Services are secured using OAuth. Prior to invoking CampusLogic services, clients must first request a security token from the STS (secure token service.) A user name and password is required by the STS.
Figure1
CampusLogic STS
Request
Response
Example
CampusLogic Environments
Every request must contain a valid security token issued by the CampusLogic STS. Refer to Figure 1.
Figure 1: Integration Diagram
Figure 1 depicts the following sequence:
- Consumer requests a security token from CampusLogic STS using credentials provided by CampusLogic.
- CampusLogic authenticates the credentials and issues a security token with that is set to expire after a set period of time.
- Consumer uses the security token to invoke CampusLogic Web Services.
- The CampusLogic Web Service response is received by Consumer.
CampusLogic STS
Development | https://sandboxsts.campuslogic.com/sts/ |
Production | https://sts.campuslogic.com/sts/ |
Environment | Endpoint |
---|
To following is an example request for a security token from the CampusLogic STS.
Request
Request URL: [CampusLogic STS Root URL]/WRAPv0.9/ Request Method: Post Request Body: |
Response Body: wrap_access_token=http%253a%252f%252fschemas.microsoft.com%252fws%252f2008%252f06%252fidentity%252fclaims%252frole%3dApi %2bUser%26http%253a%252f%252fschemas.xmlsoap.org%252fws%252f2005%252f05%252fidentity%252fclaims%252fname%3dWGU%2bApi %2bUser%26http%253a%252f%252fschemas.xmlsoap.org%252fws%252f2005%252f05%252fidentity%252fclaims%252fnameidentifier %3ddev_wgu_system%26http%253a%252f%252fschemas.microsoft.com%252faccesscontrolservice%252f2010%252f07%252fclaims %252fidentityprovider%3dhttps%253a%252f%252fstudentverification.accesscontrol.windows.net%252f%26Audience%3dhttps%253a %252f%252fapidev.studentverification.com%253a5443%26ExpiresOn%3d1411470265%26Issuer%3dhttps%253a%252f %252fstudentverification.accesscontrol.windows.net%252f%26HMACSHA256%3dlgRw8rwOXGG%252bjv %252bDVyU7G3nqOQIMzIUqEa8BkojxwA8%253d&wrap_access_token_expires_in=59999 |
Each request made to a secured CampusLogic service must define a request header whose name is Authorization and value is in the following format:
WRAP access_token="[value of wrap_access_token from response body of the security token request]"
Note the following:
- remove the "wrap_access_token=and "&wrap_access_token_expires_in={somenumber}" parts from the response body before sending it in the authorization header
- the access_token value must have quotes around.
- the response body above must be url decoded prior to use.
Example
WRAP access_token= "http%3a%2f%2fschemas.microsoft.com%2fws%2f2008%2f06%2fidentity%2fclaims%2frole=Api+User&http%3a%2f%2fschemas.xmlsoap.org%2fws%2f2005%2f05%2fidentity%2fclaims%2f name=WGU+Api+User&http%3a%2f%2fschemas.xmlsoap.org%2fws%2f2005%2f05%2fidentity%2fclaims%2fnameidentifier=dev_wgu_system&http%3a%2f%2fschemas.microsoft.com%2f accesscontrolservice%2f2010%2f07%2fclaims%2fidentityprovider=https%3a%2f%2fstudentverification.accesscontrol.windows.net%2f&Audience=https%3a%2f%2fapidev.studentverification.com%3a5443 &ExpiresOn=1411470265&Issuer=https%3a%2f%2fstudentverification.accesscontrol.windows.net%2f&HMACSHA256=lgRw8rwOXGG%2bjv%2bDVyU7G3nqOQIMzIUqEa8BkojxwA8%3d" |
CampusLogic Environments
CampusLogic supports the environments shown in the table below.
Sandbox | Development | https://apisandbox.studentverification.com:5443 |
Production | Production | https://api.verifymyfafsa.com:5443 |
Environment | STS Endpoint | API Root URL |
---|