What is it?
The Oasis API resources are hosted on resource servers and allow a 3rd party client to interact with the organization's Oasis data. The resources are defined by a JSON REST interface and are protected by the OAuth 2.0 authorization framework. The 3rd party client system must obtain an access token from the Oasis authorization servers and include the access token when making calls to the Oasis resource servers. The API Authorization page details how to obtain an access token.
The Oasis API provides resources for the following types of data:
- Member Statuses
- Member Types
- Retrieve Profiles
- Update Profiles
- Profile Search
Oasis API resources currently only support reading of an organization's Oasis data. The scope requested when obtaining an access token should be set to "read".
Oasis API resources are protected by permissions and the data that is returned from resources can also be restricted further by permissions and other security settings. Access tokens issued by the authorization servers are tied to users in the Oasis system. A user is assigned to groups, and groups are what determine the permissions that a user is given. Therefore, the access tokens are granted the permissions of the user who was authorized in the API Authorization process.
The Oasis API is a JSON API and every resource request should include an Accept header set to application/json:
Using the Access Token
Every resource request must include an access token set on the Authorization header. The following is the format of the Authorization header:
Authorization: Bearer <accessToken>
- accessToken: the access token issued by the authorization server
Using the example value below, the following is the resulting Authorization header:
- accessToken: eyJhbGciOiJIUzI1NiJ9.eyJleHAiOjE0NjcyMDU5OTUsInVzZXJfbmFtZSI6IjEwMDEzNDU2MzAiLCJzY29wZSI6WyJyZWFkIl0sInNlcnZpY2VJZCI6NzM0MCwiYXV0aG9yaXRpZXMiOlsiUk9MRV9VU0VSIl0sInVzZXJJZCI6MTAwMTM0NTYzMCwianRpIjoiY2JhMTIyNGQtYmUyMi00YWJkLWEwOGItY2JmN2VjOTBmMTczIiwiY2xpZW50X2lkIjoiOFpnWnhWOUI4cmR3VlhKOGx6dWgifQ.ILtkgzP5CY0tTEyDdcHvu_rN3u1csgsN6UWJo98mfW4
Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJleHAiOjE0NjcyMDU5OTUsInVzZXJfbmFtZSI6IjEwMDEzNDU2MzAiLCJzY29wZSI6WyJyZWFkIl0sInNlcnZpY2VJZCI6NzM0MCwiYXV0aG9yaXRpZXMiOlsiUk9MRV9VU0VSIl0sInVzZXJJZCI6MTAwMTM0NTYzMCwianRpIjoiY2JhMTIyNGQtYmUyMi00YWJkLWEwOGItY2JmN2VjOTBmMTczIiwiY2xpZW50X2lkIjoiOFpnWnhWOUI4cmR3VlhKOGx6dWgifQ.ILtkgzP5CY0tTEyDdcHvu_rN3u1csgsN6UWJo98mfW4