CampusLogic Services are secured using OAuth. Prior to invoking CampusLogic services, clients must first request a security token from the STS (secure token service.) A user name and password is required by the STS.


Figure1

CampusLogic STS

Request

Response

Example

CampusLogic Environments

Every request must contain a valid security token issued by the CampusLogic STS. Refer to Figure 1.


Figure 1 Download



Figure 1: Integration Diagram

Figure 1 depicts the following sequence: 

  1. Consumer requests a security token from CampusLogic STS using credentials provided by CampusLogic. 
  2. CampusLogic authenticates the credentials and issues a security token with that is set to expire after a set period of time. 
  3. Consumer uses the security token to invoke CampusLogic Web Services. 
  4. The CampusLogic Web Service response is received by Consumer. 

CampusLogic STS



Development


https://sandboxsts.campuslogic.com/sts/


Production


https://sts.campuslogic.com/sts/

Environment
Endpoint


The following is an example request for a security token from the CampusLogic STS.

Request

Request URL: [CampusLogic STS Root URL]/WRAPv0.9/
Request Method: Post

Request Body:
Name: wrap_name, Value: [user name]
Name: wrap_password,Value: [password]
Name: wrap_scope, Value: [CampusLogic Web Services Root URL]

Response

Response Body:
wrap_access_token=http%253a%252f%252fschemas.microsoft.com%252fws%252f2008%252f06%252fidentity
%252fclaims%252frole%3dApi%2bUser%26http%253a%252f%252fschemas.xmlsoap.org%252fws%252f2005
%252f05%252fidentity%252fclaims%252fname%3dWGU%2bApi%2bUser%26http%253a%252f%252fschemas
.xmlsoap.org%252fws%252f2005%252f05%252fidentity%252fclaims%252fnameidentifier%3ddev_wgu_system
%26http%253a%252f%252fschemas.microsoft.com%252faccesscontrolservice%252f2010%252f07%252fclaim
s%252fidentityprovider%3dhttps%253a%252f%252fstudentforms.accesscontrol.windows.net%252f%26Au
dience%3dhttps%253a%252f%252fapidev.studentforms.com%253a%26ExpiresOn%3d1411470265%26Is
suer%3dhttps%253a%252f%252fstudentforms.accesscontrol.windows.net%252f%26HMACSHA256%3dlg
Rw8rwOXGG%252bjv%252bDVyU7G3nqOQIMzIUqEa8BkojxwA8%253d&wrap_access_token_expires_in=599
99
 

Each request made to a secured CampusLogic service must define a request header whose name is Authorization and value is in the following format:

   

WRAP access_token="[value of wrap_access_token from response body of the security token request]"

   

Note the following:

   
  • remove the "wrap_access_token=and "&wrap_access_token_expires_in={somenumber}" parts from the response body before sending it in the authorization header
  • the access_token value must have quotes around.
  • the response body above must be url decoded prior to use. 

Example

 
WRAP access_token=

 "http%3a%2f%2fschemas.microsoft.com%2fws%2f2008%2f06%2fidentity%2fclaims%2frole=Api+User&http%3

a%2f%2fschemas.xmlsoap.org%2fws%2f2005%2f05%2fidentity%2fclaims%2fname=WGU+Api+User&http%3a

%2f%2fschemas.xmlsoap.org%2fws%2f2005%2f05%2fidentity%2fclaims%2fnameidentifier=dev_wgu_system&

http%3a%2f%2fschemas.microsoft.com%2faccesscontrolservice%2f2010%2f07%2fclaims%2fidentityprovider=

https%3a%2f%2fstudentforms.accesscontrol.windows.net%2f&Audience=https%3a%2f%2fapidev.studentforms

.com%3a&ExpiresOn=1411470265&Issuer=https%3a%2f%2fstudentforms.accesscontrol.wind

ows.net%2f&HMACSHA256=lgRw8rwOXGG%2bjv%2bDVyU7G3nqOQIMzIUqEa8BkojxwA8%3d"



CampusLogic Web Services Root URL