This API allows third party applications to interact and communicate with the Illuminate system. Follow @IlluminateOps on Twitter and subscribe to notifications to receive news and information about updates to this API.
Do you want to get access? Access is given to districts and 3rd party vendors on an as needed basis. Just contact firstname.lastname@example.org and tell us about your application and how you will use our API. If you are a 3rd party vendor, be sure to tell us which districts you are working with.
The Illuminate API is a REST based API, meaning that it accepts traditional HTTP requests. Currently all requests and responses are handled in JSON encoded strings.
OAuth is used for user centric Web Service Authentication. OAuth is an open, simple and secure protocol that enables applications to authenticate users and interact with the Illuminate system on behalf of those users.
For general non user interactive Web Service Authentication, some of the same principals of OAuth are used. The API Request security will use the same Public Keys, Secrets, and Signature methodology as used with OAuth. The only major differences being that the User Access Token and Secret will be pre-generated and Browser Redirection will not take place.
Every application that will communicate with the Web Service is known as a Consumer. Each instance of your application will need it's own Consumer Key and Secret. Every request made will need to include the Consumer Key as a parameter. The Consumer Secret will be used to create a Signature for every request made to the API.
Every request made to the server must also include a Token specifically representing an individual user. This will be combined with a User Secret Key and will be used for generating the Signature along with the Consumer Key & Secret.
You must sign all requests to the Illuminate system using HMAC-SHA1 signature encryption.
To create a signature you must first create a base string from your request details. The base string is constructed by concatenating the HTTP request method, the encoded request URL, and any request parameters encoded, sorted by name, and separated with the '&' symbol.
For example, the following Request:
Would have a base string of the following:
Concatenate the consumer secret and user secret separated with the '&' symbol when running it through HMAC-SHA1 encryption:
Which would be used to create the following signature using HMAC-SHA1 encryption:
You would then create the OAuth Authorization HTTP Header string. OAuth Authorization Parameters currently must be included as part of the Authorization HTTP Header and not the Query Parameters. To create the string, concatenate the OAuth parameters with a comma while in the format key="value". Don't forget to include the generated signature. You will also need to prefix the string 'OAuth '.
Server Errors will have a HTTP Response Status Code and the response body will be blank unless otherwise noted.
Returns a list of District and School sites.
Returns a list of Grade Levels and their IDs.
Returns a paginated list of Students.
Returns a paginated list of Students and their Counselors.
Returns a paginated list of Users.
Returns a paginated list of User Roles.
Returns a paginated list of Terms.
Returns a paginated list of Courses.
Returns a paginated list of Enrollment records.
Returns a paginated list of Sections.
Returns a paginated list of Roster records.
Returns a paginated list of Assessments records.
Submit student scores to an assessment.
Returns a paginated list of aggregated student scores for an assessment.
Returns a paginated list of aggregated student scores for an assessment by question group.
Returns a paginated list of aggregated student scores for an assessment by standard.
Returns a paginated list of aggregated student scores for a pool assessment.
Returns a paginated list of aggregated student scores for a pool assessment by standard.
View the information in an assessment.
Submit data to a summary assessment or demographic, AKA repository.
Retrieve attendance daily records for a particular date.
Retrieve list of attendance flags
Retrieve status of course requirement checks (both graduation and UC checks) for all students
Create a set of User API Keys for another user. This is useful for vendors with administrator rights to make requests on behalf of different users. (I.E. Return a list of Assessments that a particular user has permission to.)
The Response will either return the user information or an error.
Retrieve GradeBook scores for all students
Retrieve overall GradeBook scores for all students
Retrieve GradeBook scores per category for all students
Retrieve GradeBook scores per standard for all students