Open Menu

© 2018 Capita Business Services Ltd. All rights reserved.

Capita Education Software Solutions is a trading name of Capita Business Services Ltd. Our Registered office is 30 Berners Street, London, W1T 3LR and our registered number is 02299747. Further information about Capita plc can be found in our legal statement.

Product / Finance - Our ESS finance products / FNG - Finance Next Generation / FNG - API Security Model

FNG - API Security Model

Finance Next Gen

We’re building an integrated cloud-based finance solution with new functionality for Multi-Academy Trusts (MATs);

Our latest finance solution will streamline school budget management and simplify statutory reporting for all schools including LA/Maintained, Independents and MATs/school groups.

Key benefits:

  • In the cloud - secure and flexible access anywhere, anytime
  • Easy to navigate - complete key tasks quicker and with less effort
  • Retained database structure - simple migration, no training needed and all historical data preserved
  • High quality integration- everything 'under one roof' in one MIS and all current interfaces retained
  • Understands school groups - new functionality for MATs;

How Does this impact on Integration?

API Calls

The on premise APIs will be replaced with equivalent APIs delivered as Restful APIs secured by SIMS ID.

For example, Budget Management will have equivalent APIs to the on premise APIs.

  • Get Chart Of Accounts
  • Get Financial Years
  • Post Budget

The FMS 6 APIs return or accept XML in a known format, the FNG Web APIs will return exactly the same XML and do the hope is that third party applications can be re-plumbed rather than re-written. 

Security Model

All technical integrators (TI) will be registered in SIMS ID.  Users will harvest a set of client credentials which they extract using a login provided to SIMS ID.  There is one set of client credentials per vendor and so the JWT token identifies the calling application.

Within FNG, an application grant will be created.  This will be configured with:

  • The name of the application.
  • FNG will create a pre-shared key (PSK)
  • The email of the TI's support which will used to share the FNG PSK.
  • A field to collect a PSK produced by the TI. (GUID expected)
  • A selection of specific grants that the application is given access to.

The expectation will be that TIs provide the list of grants required by their application.

Calls will pass the JWT and both PSKs with each request to get access to the data.