Aeries OneRoster API

[Darren Severino]

Has anyone been able to get the "Aeries OneRoster API" to work with a real customer? I'm covering for all of the ways they are breaking the standard, (incorrect OAuth version and token endpoint and the load balancer cookie),  and I can't get anything from any Aeries server except for the demo environment. Typically, I can't get past getting the access_token and always receive an HTTP 400. Sometimes I get an access_token back but when I use it to try to get orgs from /ims/oneroster/v1p1/orgs I get an HTTP 401.

Thanks,

Darren

[ho...@aeries.com]

Hi Darren,

If you are not using Method A: Client Credentials Flow in our documentation then give it a try. (https://support.aeries.com/support/solutions/articles/14000065677-oneroster-api-authentication-process). Which district are you working with? If the district that you are working with is hosted with Aeries then our admin can help to create a unique URL to bypass our load balancer issue.

Hoan

[Darren Severino]

That'd be nice but I think I've already got the cookies accounted for. I'm simply trying to get this to work in Postman at this point, and it does on your demo server. I'll email you customer details directly.

Thank you!

[Elizabeth Nelson]

We use it with ClassLink and it works great!

--
You received this message because you are subscribed to the Google Groups "Interfacing With Aeries" group.
To unsubscribe from this group and stop receiving emails from it, send an email to interfacing-with-...@googlegroups.com.
To post to this group, send email to interfacing...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/interfacing-with-aeries/e695702d-e3dd-40cd-a17b-92d50dd2dbe7%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Camden Iliff]

The HTTP 401 error would normally be caused by a district not ranting you enough permissions.  As for the HTTP 400 errors I don't have a magic bullet.  We would need to work together to get it resolved.  We'd probably need to see the structure of your request.

 

And as for the OAuth version issue, One Roster chose to use an outdated, insecure version of OAuth that Google and other major players recommend against using in solutions.  We took the stance that we needed to secure student information in the best way possible and chose to use the OAuth 2 standard.  We know that didn't match the actual One Roster standard, but student data security is our most important task.

 

Camden Iliff

Vice President, Product Development Aeries® Student Information System

 

1065 N Pacificenter Dr, Suite 400 Anaheim, CA 92806 Office: (888) 487-7555 www.aeries.com c...@aeries.com

 

   

To view this discussion on the web visit https://groups.google.com/d/msgid/interfacing-with-aeries/CY4PR10MB18325DED675D48CC6BBA8CD0B72B0%40CY4PR10MB1832.namprd10.prod.outlook.com.

[Darren Severino]

Thanks Cam, this is what I thought. Is there a list of permissions they would need to give us?

We’re calling /ims/oneroster/v1p1:

/orgs

/teachers

/students

/schools/{schoolId}/courses

/schools/{schoolId}/classes

/schools/{schoolId}/classes/{classId}/enrollments

Thanks,

Darren

On Jul 26, 2018, at 09:46, Camden Iliff <c...@aeries.com> wrote:

The HTTP 401 error would normally be caused by a district not ranting you enough permissions.  As for the HTTP 400 errors I don't have a magic bullet.  We would need to work together to get it resolved.  We'd probably need to see the structure of your request.

 

And as for the OAuth version issue, One Roster chose to use an outdated, insecure version of OAuth that Google and other major players recommend against using in solutions.  We took the stance that we needed to secure student information in the best way possible and chose to use the OAuth 2 standard.  We know that didn't match the actual One Roster standard, but student data security is our most important task.

 

Camden Iliff

Vice President, Product Development Aeries® Student Information System

 

<image005.png>

1065 N Pacificenter Dr, Suite 400 Anaheim, CA 92806 Office: (888) 487-7555 www.aeries.com c...@aeries.com

 

<image006.png> <image007.png> <image008.png> 

-- 
You received this message because you are subscribed to a topic in the Google Groups "Interfacing With Aeries" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/interfacing-with-aeries/jb5g0zORpfU/unsubscribe.
To unsubscribe from this group and all its topics, send an email to interfacing-with-...@googlegroups.com.

To post to this group, send email to interfacing...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/interfacing-with-aeries/MWHPR08MB270413AB69183B599B3BB1AAD32B0%40MWHPR08MB2704.namprd08.prod.outlook.com.

[JD McKeel]

Darren,

Here are the Aeries permissions that map to the endpoints you've requested:

/orgs - "Schools"

/teachers - "Teacher Data"

/students - "Student Data"

/schools/{schoolId}/classes - "Master Schedule"

/schools/{schoolId}/classes/{classId}/enrollments  - "Classes"

/schools/{schoolId}/courses - This endpoint is not implemented because Aeries courses are district-based, not school-based. You will get a 501 response.

If you absolutely need to build a list of courses by school, I suggest making a request to the getClassesForSchool endpoint using field selection and then keeping the distinct course sourcedId values.
E.g., /schools/{schoolId}/classes?fields=course

JD McKeel

Quality Control / Developer Aeries® SIS

1065 N Pacificenter Dr Anaheim, CA 92806 Office: (888) 487-7555 www.aeries.com j...@aeries.com

---

From: interfacing...@googlegroups.com <interfacing...@googlegroups.com> on behalf of Darren Severino <darren....@gmail.com>
Sent: Thursday, July 26, 2018 9:06 AM
To: interfacing...@googlegroups.com
Subject: Re: [interfacing-with-aeries] Aeries OneRoster API

 

To view this discussion on the web visit https://groups.google.com/d/msgid/interfacing-with-aeries/ED0ECF0B-D297-4258-977E-9116BF7091F8%40gmail.com.