Integration.md
... ...
@@ -1,60 +1,5 @@
1 1
Tools and information for 3rd party integrators
2 2
3
-## OpenID Connect
4
-
5
-SmartCentral and Kindyhub Admin supports the OpenID Connect specification as an Identity Provider.
6
-
7
-Resources for specifications and sample code libraries:
8
-
9
-* [[http://openid.net/connect/]]
10
-
11
-* [[https://github.com/IdentityModel/IdentityModel.OidcClient]]
12
-
13
-FAQ
14
-
15
-* [[http://openid.net/connect/faq/]]
16
-
17
-
18
-Our OpenID entry point for staging is:
19
-
20
-* [[http://test.smartcentral.net/authorizations/new/]]
21
-
22
-To get JWK public keys :
23
-
24
-* [[http://test.smartcentral.net/jwks.json]]
25
-
26
-Create your own test account :
27
-
28
-* [[http://test.smartcentral.net/user/new/]]
29
-
30
-
31
-### Implicit flow
32
-
33
-* 3rd party sends authorisation request
34
-
35
-http://test.smartcentral.net/authorizations/new/?client_id=fancy_app&response_type=id_token%20token&scope=openid%20email&nonce=1234&redirect_uri=http://localhost:3001/auth
36
-
37
-* SmartCentral redirects end user to login page if not logged in, after end user's authorisation, send the following fields (http form fields encoded) to redirect_uri provided by 3rd party.
38
-
39
- * access_token
40
- * id_tokenhttps://wiki.smartcentral.net/livepreview/images/save_24.png
41
- * token_type
42
-
43
-* After 3rd party received id_token (JWT format), the id token should be verified using the public key provided by SmartCentral http://test.smartcentral.net/jwks.json
44
-
45
-* To get readble information of the user, 3rd party sends GET request with access token returned by SmartCentral to http://test.smartcentral.net/user_info?access_token=abcd
46
-
47
-* User info returns the following fields:
48
- * subject (SmartCentral user unique id)
49
- * name
50
- * email
51
-
52
-### Microsft Active Directory Bridging
53
-
54
-The following resources contain information on enabling the use of AD to be an OpenID identity provider:
55
-
56
-* https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-protocols-oidc
57
-* https://docs.microsoft.com/en-us/powerapps/maker/portals/configure/configure-openid-settings
58 3
59 4
## GraphQL
60 5
... ...
@@ -68,15 +13,8 @@ Contact us for end points and authentication when you are ready.
68 13
69 14
Schema definition is [here](https://graphqldocs.v.smartcentral.net/).
70 15
71
-#### Schema Changelog
72 16
73
-* 2022-10-05 The enrolments can be filtered by start and end dates.
74
-* 2022-10-05 Added support to query enrolment applications and staff attendance records.
75
-* 2021-10-26 [SCHEMA DIFF](/uploads/schema_diff_20211026.diff/82ef67152fae927f92196b67f5b3373a0f609493)
76
-* 2021-10-26 Added support for optionally querying an individual enrolment
77
-* 2021-10-26 Added child ID as a queryable attribute of service/sessions and service/booked_sessions
78
-* 2021-10-26 Modified implementation of 'booking' object to better handle casual bookings
79
-* 2021-07-31 Added Contacts list to child object
17
+## Examples
80 18
81 19
82 20
### Get a list of enrolments
... ...
@@ -231,3 +169,65 @@ https://brave-sack.surge.sh/object/staffatt/
231 169
}
232 170
```
233 171
172
+# Authentication
173
+
174
+## Fixed Token
175
+
176
+A fixed token will be assigned to the integration partner for server to server integration.
177
+
178
+## OpenID Connect
179
+
180
+
181
+SmartCentral supports the OpenID Connect specification as an Identity Provider.
182
+
183
+Resources for specifications and sample code libraries:
184
+
185
+* [[http://openid.net/connect/]]
186
+
187
+* [[https://github.com/IdentityModel/IdentityModel.OidcClient]]
188
+
189
+FAQ
190
+
191
+* [[http://openid.net/connect/faq/]]
192
+
193
+
194
+Our OpenID entry point for staging is:
195
+
196
+* [[http://test.smartcentral.net/authorizations/new/]]
197
+
198
+To get JWK public keys :
199
+
200
+* [[http://test.smartcentral.net/jwks.json]]
201
+
202
+Create your own test account :
203
+
204
+* [[http://test.smartcentral.net/user/new/]]
205
+
206
+
207
+### Implicit flow
208
+
209
+* 3rd party sends authorisation request
210
+
211
+http://test.smartcentral.net/authorizations/new/?client_id=fancy_app&response_type=id_token%20token&scope=openid%20email&nonce=1234&redirect_uri=http://localhost:3001/auth
212
+
213
+* SmartCentral redirects end user to login page if not logged in, after end user's authorisation, send the following fields (http form fields encoded) to redirect_uri provided by 3rd party.
214
+
215
+ * access_token
216
+ * id_tokenhttps://wiki.smartcentral.net/livepreview/images/save_24.png
217
+ * token_type
218
+
219
+* After 3rd party received id_token (JWT format), the id token should be verified using the public key provided by SmartCentral http://test.smartcentral.net/jwks.json
220
+
221
+* To get readble information of the user, 3rd party sends GET request with access token returned by SmartCentral to http://test.smartcentral.net/user_info?access_token=abcd
222
+
223
+* User info returns the following fields:
224
+ * subject (SmartCentral user unique id)
225
+ * name
226
+ * email
227
+
228
+### Microsft Active Directory Bridging
229
+
230
+The following resources contain information on enabling the use of AD to be an OpenID identity provider:
231
+
232
+* https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-protocols-oidc
233
+* https://docs.microsoft.com/en-us/powerapps/maker/portals/configure/configure-openid-settings
... ...
\ No newline at end of file