Setting Up Edu-API

This section describes the steps you need to take to set up Edu-API.

  1. Create a full access user.

    1. Navigate to PeopleTools > Security > User Profiles > User Profiles.

    2. Add a user.

    3. From Logon Information, fill out these fields:

      • Symbolic ID

      • Password. Set as not expired, if desired.

    4. From Permission Lists, add Row Security: HCCPCSSA7000 (Full EduApi access)

    5. From the ID page, configure users.

      • ID Type: None selected

      • Description: EduApi All Access

    6. From the Role page, add access for roles.

      • Scc_EduApi_All_Access (REST operation access)

      • PeopleSoft User (UI access)

    7. Save your changes.

  2. Create an Edu-API organization-specific user.

    1. Navigate to PeopleTools > Security > User Profiles > User Profiles.

    2. Add a user.

    3. From the General page, fill out Symbolic ID and Password.

    4. From Permission Lists, add Row Security: HCCPCSSA7002 (Edu-API Organization-Specific Access).

      We recommend you adjust or clone the permission list to match your business requirements

    5. From the ID page, configure users.

      • ID Type: None selected

      • Provide a description, for example: Edu-API Org GET Service Op Access.

    6. From the Roles page, add access for roles:

      • Scc_EduApi_Get (GET-only REST operation access)

      • PeopleSoft User (UI access)

    7. Save your changes.

    Note: Add the permission list for granting row-level security. Row-level access is managed in the SCC_EDUAPI_AUTH tree.

  1. Navigate to PeopleTools > Integration Broker > Integration Setup > Service Definitions.

  2. Enable REST Services.

    1. Search and open service.

    2. Enable the checkbox for REST Service.

    3. Click Search.

    4. Select the service SCC_EDUAPI_SERVER_R.

    5. Ignore SCC_EDUAPI_SERVER_R_POST.v1. This service operation is for future use.

  3. Open service operation SCC_EDUAPI_SERVER_R_GET.v1.

  4. Confirm operation is active.

  5. In Service Operation Security, ensure HCCPCSSA7000, HCCPCSSA7001, HCSPSERVICE are present

  6. From the Handlers page, confirm REQUESTHDLR On Request is active.

  7. From the Routings page:

    • If empty, then on the General page:

      1. In Routing Actions Upon Save, select Generate Any-to-Local.

      2. Save your changes, then go back to the Routings page.

    • If not empty, then select User Exception.

      • In Routing Definitions, confirm that the status is Active.

      • In Log Detail, select Header and Footer.

  8. Save your changes.

  1. Navigate to PeopleTools > Integration Broker > Web Services > Provide Web Services.

  2. In Search Criteria, select REST Service.

  3. Search for SCC_EDUAPI_SERVER_R, select it, then click Next.

  4. Select SCC_EDUAPI_SERVER_R_GET.v1, then click Next.

  5. Skip WADL view.

  6. Click Next, then Finish.

  7. Ignore the warning "Cannot generate WADL for Service SCC_EDUAPI_SERVER_R. No Schema defined for Message: SCC_EDUAPI_SERVER_R_RESP.V1."

  1. Navigate to Set Up SACR > System Administration > Integrations > Configure Integrations.

  2. From Campus Community - EduApi, set the Default Limit, typically 100.

  3. Set the Maximum Limit, say 1000 (depending on your hardware).

  4. Keep Logging Enabled clear.

  5. Create a new name usage for Edu-API.

    1. Navigate to Set Up SACR > Product Related > Campus Community > Establish People Processing > Setup > Name Usage Table.

    2. Add Name Usage according to your business requirements, for example EDUAPI.

    3. Add a description.

    4. In Usage Definition, add Usage Order and Name Types, for example 10 PRF; 20 PRI; 30 LEG.

    5. In Part of Name, make sure you select Full.

  6. Go to Set Up SACR > System Administration > Integrations > Configure Integrations.

  7. In EduApi:

    1. Add applicable Name Usage.

    2. Add applicable FormattedName, like NAME_DISPLAY.

    3. Add applicable Legal Name Type, like LEG.

    4. Set the appropriate values for Integration Start/End Date.

      Click View Term Session to review term begin and end dates.

    5. Save your changes.

  1. Navigate to Set Up SACR > Install > Campus Community Installation.

  2. From Biographic Fields, enable Pronouns as appropriate for your business.

  3. Save your changes.

Note: Setting which pronouns are available to a student or administrator is done by adding translate values for the SCC_PRONOUNS field in Application Designer.

  1. Navigate to Tree Manager > Tree Manager.

  2. Open tree SCC_EDUAPI_AUTH.

  3. For each node (representing an EDU API organization):

    1. Click node or Insert Child Node to add a node.

    2. Node Name as full Org ID (e.g., ROLE;CS - INSTRUCTOR).

    3. Click the red pencil icon to edit data.

    4. If empty, except for the root node, skip to the "Add missing child nodes" section and enter data for the root node, then return to this section.

    5. In EDU-API Organization Security:

      1. Add rows in grid: Primary Permission List, Authorization Level.

      2. Save your changes.

    6. Add missing child nodes.

      1. In any node, click Add Child Nodes.

      2. Confirm, then proceed.

      3. After operation, click Cancel and re-enter the tree to see changes.

    7. Use Propagate Authorizations to replace or append child node authorizations.

Alternatively, you can use this navigation to grand data access.

  1. Navigate to Set Up SACR > Security > Secure Student Administration > User ID > EDU-API Organization Security.

  2. Select Org Type and open Org ID.

  3. Proceed with edits and propagation as above.

  1. (Optional) Enable data query masking.

    1. Navigate to Enterprise Components > Data Privacy Framework > Query Masking > Query Masking System Settings.

    2. Select Enable Query Masking.

  2. Add records.

    1. Navigate to Enterprise Components > Data Privacy Framework > Maintain Data Privacy Settings.

    2. Add record fields as appropriate. For example, for national ID to be present in the payload, add record fields.

      • PERS_NID.NATIONAL_ID as person identifier, national identifier

      • PERS_NID.NATIONAL_ID_TYPE as person identifier, national identifier

    3. Save your changes.

  3. Authorize Roles for Query Masking.

    1. Navigate to Enterprise Components > Data Privacy Framework > Query Masking > Query Masking Authorized Roles.

    2. Add roles as appropriate to omit from payload. For example, the role EduApi_AllAccess would have authorization for fields of these records:

      • ADDRESSES

      • EMAIL_ADDRESSES

      • EMERGENCY_CNTCT

      • EMERGENCY_PHONE

      • PERSON

      • PERSONAL_PHONE

      • RELATIONSHIPS

      • SCC_AFL_PERSON

    National ID will only be displayed if the record PERS_NID field NATIONAL_ID is granted access code Authorized for that role. Otherwise, it's omitted from the Person payload.

    Unlike NATIONAL_ID, the other fields are granted access by default and don't need to be specified. If you specify access code Not Authorized to a record-field for a role, then that field will be omitted from the Person payload.

  4. Save your changes.