ce593d0fca3103cc16fa6347a1810b194df1b676
Integration.md
... | ... | @@ -1,60 +1,5 @@ |
1 | 1 | Tools and information for 3rd party integrators |
2 | 2 | |
3 | -## OpenID Connect |
|
4 | - |
|
5 | -SmartCentral and Kindyhub Admin supports the OpenID Connect specification as an Identity Provider. |
|
6 | - |
|
7 | -Resources for specifications and sample code libraries: |
|
8 | - |
|
9 | -* [[http://openid.net/connect/]] |
|
10 | - |
|
11 | -* [[https://github.com/IdentityModel/IdentityModel.OidcClient]] |
|
12 | - |
|
13 | -FAQ |
|
14 | - |
|
15 | -* [[http://openid.net/connect/faq/]] |
|
16 | - |
|
17 | - |
|
18 | -Our OpenID entry point for staging is: |
|
19 | - |
|
20 | -* [[http://test.smartcentral.net/authorizations/new/]] |
|
21 | - |
|
22 | -To get JWK public keys : |
|
23 | - |
|
24 | -* [[http://test.smartcentral.net/jwks.json]] |
|
25 | - |
|
26 | -Create your own test account : |
|
27 | - |
|
28 | -* [[http://test.smartcentral.net/user/new/]] |
|
29 | - |
|
30 | - |
|
31 | -### Implicit flow |
|
32 | - |
|
33 | -* 3rd party sends authorisation request |
|
34 | - |
|
35 | -http://test.smartcentral.net/authorizations/new/?client_id=fancy_app&response_type=id_token%20token&scope=openid%20email&nonce=1234&redirect_uri=http://localhost:3001/auth |
|
36 | - |
|
37 | -* SmartCentral redirects end user to login page if not logged in, after end user's authorisation, send the following fields (http form fields encoded) to redirect_uri provided by 3rd party. |
|
38 | - |
|
39 | - * access_token |
|
40 | - * id_tokenhttps://wiki.smartcentral.net/livepreview/images/save_24.png |
|
41 | - * token_type |
|
42 | - |
|
43 | -* After 3rd party received id_token (JWT format), the id token should be verified using the public key provided by SmartCentral http://test.smartcentral.net/jwks.json |
|
44 | - |
|
45 | -* To get readble information of the user, 3rd party sends GET request with access token returned by SmartCentral to http://test.smartcentral.net/user_info?access_token=abcd |
|
46 | - |
|
47 | -* User info returns the following fields: |
|
48 | - * subject (SmartCentral user unique id) |
|
49 | - * name |
|
50 | - * email |
|
51 | - |
|
52 | -### Microsft Active Directory Bridging |
|
53 | - |
|
54 | -The following resources contain information on enabling the use of AD to be an OpenID identity provider: |
|
55 | - |
|
56 | -* https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-protocols-oidc |
|
57 | -* https://docs.microsoft.com/en-us/powerapps/maker/portals/configure/configure-openid-settings |
|
58 | 3 | |
59 | 4 | ## GraphQL |
60 | 5 | |
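Review bot: the sentence removed at old line 5 named "SmartCentral and Kindyhub Admin" as the OpenID Connect identity provider, while the relocated copy at new line 181 names only SmartCentral. If Kindyhub Admin still acts as an identity provider, keep it in the moved sentence; if that support was dropped, say so in the commit message so integrators of that product are not left guessing. The rest of this removal matches the text re-added under the new Authentication section.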
... | ... | @@ -68,15 +13,8 @@ Contact us for end points and authentication when you are ready. |
68 | 13 | |
69 | 14 | Schema definition is [here](https://graphqldocs.v.smartcentral.net/). |
70 | 15 | |
71 | -#### Schema Changelog |
|
72 | 16 | |
73 | -* 2022-10-05 The enrolments can be filtered by start and end dates. |
|
74 | -* 2022-10-05 Added support to query enrolment applications and staff attendance records. |
|
75 | -* 2021-10-26 [SCHEMA DIFF](/uploads/schema_diff_20211026.diff/82ef67152fae927f92196b67f5b3373a0f609493) |
|
76 | -* 2021-10-26 Added support for optionally querying an individual enrolment |
|
77 | -* 2021-10-26 Added child ID as a queryable attribute of service/sessions and service/booked_sessions |
|
78 | -* 2021-10-26 Modified implementation of 'booking' object to better handle casual bookings |
|
79 | -* 2021-07-31 Added Contacts list to child object |
|
17 | +## Examples |
|
80 | 18 | |
81 | 19 | |
82 | 20 | ### Get a list of enrolments |
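Review bot: old lines 71-79 delete the whole Schema Changelog, including the 2021-10-26 schema diff link, and nothing in the visible hunks moves that history elsewhere. Integrators use those dated entries to tell when a field or filter became available (enrolment date filters, enrolment applications, the child Contacts list), so move the list to its own page and link it from the GraphQL section instead of dropping it.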
... | ... | @@ -231,3 +169,65 @@ https://brave-sack.surge.sh/object/staffatt/ |
231 | 169 | } |
232 | 170 | ``` |
233 | 171 | |
172 | +# Authentication |
|
173 | + |
|
174 | +## Fixed Token |
|
175 | + |
|
176 | +A fixed token will be assigned to the integration partner for server to server integration. |
|
177 | + |
|
178 | +## OpenID Connect |
|
179 | + |
|
180 | + |
|
181 | +SmartCentral supports the OpenID Connect specification as an Identity Provider. |
|
182 | + |
|
183 | +Resources for specifications and sample code libraries: |
|
184 | + |
|
185 | +* [[http://openid.net/connect/]] |
|
186 | + |
|
187 | +* [[https://github.com/IdentityModel/IdentityModel.OidcClient]] |
|
188 | + |
|
189 | +FAQ |
|
190 | + |
|
191 | +* [[http://openid.net/connect/faq/]] |
|
192 | + |
|
193 | + |
|
194 | +Our OpenID entry point for staging is: |
|
195 | + |
|
196 | +* [[http://test.smartcentral.net/authorizations/new/]] |
|
197 | + |
|
198 | +To get JWK public keys : |
|
199 | + |
|
200 | +* [[http://test.smartcentral.net/jwks.json]] |
|
201 | + |
|
202 | +Create your own test account : |
|
203 | + |
|
204 | +* [[http://test.smartcentral.net/user/new/]] |
|
205 | + |
|
206 | + |
|
207 | +### Implicit flow |
|
208 | + |
|
209 | +* 3rd party sends authorisation request |
|
210 | + |
|
211 | +http://test.smartcentral.net/authorizations/new/?client_id=fancy_app&response_type=id_token%20token&scope=openid%20email&nonce=1234&redirect_uri=http://localhost:3001/auth |
|
212 | + |
|
213 | +* SmartCentral redirects end user to login page if not logged in, after end user's authorisation, send the following fields (http form fields encoded) to redirect_uri provided by 3rd party. |
|
214 | + |
|
215 | + * access_token |
|
216 | + * id_tokenhttps://wiki.smartcentral.net/livepreview/images/save_24.png |
|
217 | + * token_type |
|
218 | + |
|
219 | +* After 3rd party received id_token (JWT format), the id token should be verified using the public key provided by SmartCentral http://test.smartcentral.net/jwks.json |
|
220 | + |
|
221 | +* To get readble information of the user, 3rd party sends GET request with access token returned by SmartCentral to http://test.smartcentral.net/user_info?access_token=abcd |
|
222 | + |
|
223 | +* User info returns the following fields: |
|
224 | + * subject (SmartCentral user unique id) |
|
225 | + * name |
|
226 | + * email |
|
227 | + |
|
228 | +### Microsft Active Directory Bridging |
|
229 | + |
|
230 | +The following resources contain information on enabling the use of AD to be an OpenID identity provider: |
|
231 | + |
|
232 | +* https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-protocols-oidc |
|
233 | +* https://docs.microsoft.com/en-us/powerapps/maker/portals/configure/configure-openid-settings |
|
... | ... | \ No newline at end of file |
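Review bot: every endpoint re-added here uses plain `http://` (new lines 196, 200, 204, 211, 219, 221), which matters most for `jwks.json`: the signature check described at line 219 is only as trustworthy as the channel the keys were fetched over, so document `https://` URLs throughout. Line 221 puts the access token in the query string (`user_info?access_token=abcd`), where it ends up in server logs and browser history; document sending it in an `Authorization: Bearer` header instead. The sample request at line 211 uses a fixed `nonce=1234` and has no `state` parameter; add a sentence that the nonce must be random per request and compared with the `nonce` claim in the returned id_token, and extend line 219 to say that `iss`, `aud` and `exp` are checked along with the signature. The new Fixed Token section at line 176 does not say how the token is sent or how it is rotated or revoked. Smaller items carried over from the old copy: line 216 still has a wiki image URL fused onto `id_token`, line 221 reads "readble", line 228 reads "Microsft", `# Authentication` at line 172 is a level-1 heading while its sibling `## GraphQL` is level 2, and the file now ends without a trailing newline.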