Unable to login/authorize with myschoolapp's OneRoster API

Kunal Ashar
Kunal Ashar
Fourth Anniversary Participant
in Blackbaud K–12 Education Solutions™ General Discussions
A school district that I work with, has a myschoolapp URL to their OneRoster API. The URL is like https://schooldistrictname.myschoolapp.com/ims/oneroster/v1p1

I have the key and secret  too.

I'm attempting to authorize against the OneRoster API URL, so that I can get the token that allows me to call the various APIs. However, I cannot seem to get the authorization to work. I'm using Postman as the temporary/test client.


Here's what happens:

1. When I visit https://schooldistrictname.myschoolapp.com/ims/oneroster/v1p1, it redirects to https://schooldistrictname.myschoolapp.com/ims/swagger/docs/v1p1.

2. When I try an POST or GET on any form of the URL, it gives me a 404 or 418 error. I've tried the following URLs as the base URL:

    a. https://schooldistrictname.myschoolapp.com/ims/swagger/docs/v1p1/token

    b. https://schooldistrictname.myschoolapp.com/ims

    c. https://schooldistrictname.myschoolapp.com/ims/oneoster

    d. https://schooldistrictname.myschoolapp.com/ims/token

    e. https://schooldistrictname.myschoolapp.com/ims/oneroster/token

    f. https://schooldistrictname.myschoolapp.com

    g. https://schooldistrictname.myschoolapp.com/ims/oauth

    h. https://schooldistrictname.myschoolapp.com/ims/oauth/token

    .... and many, many more


NONE of them work. I assume that I have to use the OAuth 1.0 or 2.0 protocol, and neither of them works.


What am I missing? How do I programmatically authorize against the myschoolapp OneRoster server?


Thanks in advance.
Tagged:

Comments

  • Ben Leddy
    Ben Leddy
    Fourth Anniversary Kudos 3 Name Dropper Participant
    Hi Kunal Ashar‍ -- There's a chance this might be related to the way you are formatting in Postman. I know you shared this quite awhile ago, but if you're still facing a challenge, feel free to shoot me a message!
  • Conor Lynch
    Conor Lynch
    Fourth Anniversary Facilitator 1
    Hi Kunal and Ben,


    I also am running in to this issue.

    I have tried accessing the API using OAuth 2.0 with the following information:

    Base URL: https://schooldistrictname.myschoolapp.com

    Token URL: https://schooldistrictname.myschoolapp.com/token

    scopes = 'https://purl.imsglobal.org/spec/or/v1p1/scope/roster-core.readonly'

    data = {

    'grant_type': 'client_credentials',

    'client_id': client_id,

    'client_secret': client_secret,

    'scope': scopes

    }

    I also use basic authentication to add the credentials in the request as well.


    With this configuration loaded into my json access token put request, I am receiving a 403 error.

    I have also tried adding the "/ims/oneroster/v1p1" to the base URL and trying to get a token with that and no luck.


    Any advice or guidance would be greatly appreciated. My next steps are to explore the SKY API as an alternative, although I am still uncertain as to whether or not that will fill my reporting needs.
  • Ben Leddy
    Ben Leddy
    Fourth Anniversary Kudos 3 Name Dropper Participant
    Hi Conor,


    We do not yet have OAuth 2.0 implemented for OneRoster, just OAuth 1.0a at this time, so I believe that could be the source of the issue. I would suggest checking the documentation we have on OneRoster setup here: https://webfiles.blackbaud.com/files/support/helpfiles/education/k12/full-help/content/bb-core-oauth.html?Highlight=oneroster


    Best,


    Ben
  • Conor Lynch
    Conor Lynch
    Fourth Anniversary Facilitator 1
    Hi Ben,


    Thank you for your response. I have looked through that documentation but it does not provide with greater information than 1. the endpoints, 2. the client credentials, and 3. {school}/ims/oneroster/v1p1/ as an important URL.


    I must be missing something, I have attempted to access the API first by doing a PUT request for a resource token at https://schooldistrictname.myschoolapp.com/ims/oneroster/v1p1/token and I receive a 418 error.


    I also tried just passing my client id and secret in my GET request to https://schooldistrictname.myschoolapp.com/ims/oneroster/v1p1/academicSessions, and that also returned a 418 error.


    Is there some kind of documentation that goes into exact detail where and how to authenticate with our OneRoster api?


    Or could you please provide clarity on 1. What is the token URL supposed to be? 2. Are the OAuth 1.0 Parameters (specified here: https://www.imsglobal.org/oneroster-v11-final-specification#_Toc480452003) required to be included in the token request?


    I really appreciate your help on this.
  • Ben Leddy
    Ben Leddy
    Fourth Anniversary Kudos 3 Name Dropper Participant
    Hi Conor,


    I'm sorry for these challenges. I think I'd need to understand more about your setup to help troubleshoot here. Feel free to shoot me an email (ben.leddy@blackbaud.me) and we can discuss in a bit more detail.


    Best,


    Ben

Categories