© 2018 Capita Business Services Ltd. All rights reserved.

Capita Education Software Solutions is a trading name of Capita Business Services Ltd. Our Registered office is 30 Berners Street, London, W1T 3LR and our registered number is 02299747. Further information about Capita plc can be found in our legal statement.

Web Access - Hello World

Work in progress

In order to access data via the web, the following steps are required.

  1. Get an API Manager Key
  2. Get an Organisation ID
  3. Get an access token
  4. Make a call

This article deliberately ignores a lot of important background and scaffolding needed to create and maintain an application but seeks to demonstrate that the underlying engineering is simple and hopes to achieve success within a few minutes.

Securables

Securable Value Notes
API Manager Key e3160e947ac44fa4a4135a3e2bd29c1e One per vendor
Organisation ID 5C030578-1832-4C66-80C4-0E5DEB68D3FE Unique ID
ClientID sas-simsprimary-1ceb71f8-7296-430e-b046-b285d6e0b837 One per school / app
Secret eedkxPEveR1hRdr_ One per school / app

Credentials Updated on 19/01/2022

Get Postman

At the time of writing Postman was able FOC for use.  However, any use of another vendor's software / IP is subject to that vendor's Ts and Cs and License Terms.  Compliance with Postman's license is the responsibility of the end user.

Click Here

Get An Access Token

Create an environment

Postman Environment

Graphic shows old credentials which have been updated in the download below.  Please refresh

You can download the configuration and import this file in to postman.

Create a call

You can download and import the API calls below from this file.

Item Value Notes
STS Server https://sts.sims.co.uk/connect/token?Content-Type Token Server URL
Verb POST  

Set the header

Name Value
Content-Type application/x-www-form-urlencoded

Add the body

Name Value
grant_type client_credentials
client_id {{client_id}}
client_secret {{client_secret}}
scope {{scope}}
acr_values orgselected:{{organisation_id}}

Add a Test

var data = JSON.parse(responseBody);
postman.setEnvironmentVariable("token", data.access_token);

This makes 'token' available to other calls and will contain the bearer token.

Send

Press Send

Response

{
    "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6ImFGUmNlZ1VJVlNtdUEwREhsWVFvd2RQajc1VSIsImtpZCI6ImFGUmNlZ1VJVlNtdUEwREhsWVFvd2RQajc1VSJ9.eyJpc3MiOiJodHRwczovL3N0cy5zaW1zLmNvLnVrLyIsImF1ZCI6Imh0dHBzOi8vc3RzLnNpbXMuY28udWsvcmVzb3VyY2VzIiwiZXhwIjoxNjQwMDk5MTg4LCJuYmYiOjE2NDAwOTU1ODgsImNsaWVudF9pZCI6InNhcy1zaW1zcHJpbWFyeS0yM2EwODRkZS0yOWE5LTQ4YjItOWMwNi0zYjViNzc5NzZmZWEiLCJzY29wZSI6WyJwYXJ0bmVyIiwicGFydG5lcnNlcnZlcmFwcGxpY2F0aW9uIl0sInN1YiI6InNhcy1zaW1zcHJpbWFyeS0yM2EwODRkZS0yOWE5LTQ4YjItOWMwNi0zYjViNzc5NzZmZWEiLCJ1c2Vyb3JnYW5pc2F0aW9uaWRlbnRpZmllciI6Inw1QzAzMDU3OC0xODMyLTRDNjYtODBDNC0wRTVERUI2OEQzRkV8UyIsInZlbmRvcmlkIjoiMDAwMDAwMDAtMDAwMC0wMDAwLTAwMDAtMDAwMDAwMDAwMDAwIiwiYXBwbGljYXRpb25pZCI6IjAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMCIsImFwcGxpY2F0aW9ubmFtZSI6IlVOS05PV04tU0lNUyBQcmltYXJ5IENsaWVudCBmb3IgOTk5IDEyMzQifQ.UW6WMAGAkIK_UeYl4db7tzbuhAzZPZi2YYQ_xZbBQFOrqt5STuBlsUerUBDxZWRnGcyhvksRU-Ak4QRqKsM1A6Nx7tLuPjhPXAFv7HJCIow2Gzgy-sxfnoHT3d6V-qss4m5xiY7TDIg9wYkLXdJQULDhLQzTpAfMsHmSZdSaJw_h5b8LQE3sI5HvLnrbV-fj2XzCyW1kgMIYIwelW-jsW9Xvrql96ET8q6b0Dnxn7ZDOfc9kEmRKf06rWuLKB9jaotr3dCKT8FjeNFcUpoMemX-DeFeen-_eVysuQPsiZvu_pQQTbjvlrYCLWBSE760jZOXahCEAsxuGp8lTHHCzmw",
    "expires_in": 3600,
    "token_type": "Bearer"
}

Use JWT.IO to decode 

{
  "iss": "https://sts.sims.co.uk/",
  "aud": "https://sts.sims.co.uk/resources",
  "exp": 1640099188,
  "nbf": 1640095588,
  "client_id": "sas-simsprimary-fc46045f-ee3c-4bed-af03-f42c1789825d",
  "scope": [
    "partner",
    "partnerserverapplication"
  ],
  "sub": "sas-simsprimary-fc46045f-ee3c-4bed-af03-f42c1789825d",
  "userorganisationidentifier": "|5C030578-1832-4C66-80C4-0E5DEB68D3FE|S",
  "vendorid": "00000000-0000-0000-0000-000000000000",
  "applicationid": "00000000-0000-0000-0000-000000000000",
  "applicationname": "UNKNOWN-SIMS Primary Client for 999 1234"
}

 

Create a new Tab

Create a call

Item Value Notes
Data Call https://seli00apm01.azure-api.net/dex/Learner/odata/v3/LearnerPersonals Learner Personals
Verb GET  

Set the header

Name Value
Content-Type application/json
Authorization Bearer {{token}}
Ocp-Apim-Subscription-Key {{subscription_key}}

Body (Empty)

Name Value
   
   

 

Data Returned

{"error":"The Account is not associated with any Organisations"}

WIP

Conclusion

Other examples will show alternative mechanisms to get data.  The hope and expectation is that with the few simple steps above, potential integrators will see how simple the integration is in principle.  As with all development, there is a whole host of work required to build and deploy a secure and tested application for customers to use; however if our services allow TIs to focus on their added value then significant progress has been made.