A basic introduction to the TASS APIs.
Examples
- encryptDecrypt.cs - A basic C# Encrypt and Decrypt class example
- POST.html - A HTML page with a form
- GET.html - A HTML page with an anchor
- DELPHI POST Example Function - A Delphi Example (@filebound)
- EncryptDecrypt.ps1 - PowerShell Encrypt and Decrypt (@sam-fisher)
- encryptDecrypt.cfm - CFML Encrypt and Decrypt example (@ajdyka)
- encryptDecrypt.py - Python Encrypt and Decrypt example (@liamstevens)
- encryptDecrypt3.py - Python3 Encrypt and Decrypt example (@liamstevens)
- encryptDecrypt.php - PHP Encrypt and Decrypt example (@liamstevens, @jtc)
- encryptDecrypt.js - Node.js Encrypt, Decrypt and HTTPS call example (@ricardorusson)
Request URL Construction
-
Overview
The request URL is constructed using several parts.
{protocol}://{domain}/tassweb/api/?method={method}&appcode={appcode}&company={companycode}&v={version}&token={token}E.g.
https://school.edu/tassweb/api/?method=getStudents&appcode=MYAPP01&company=99&v=3&token=96yfUt3jgAIYx0o7i3tjprnBpotNO3Md%2Fyv%2BeToJ8qo%3D
-
Protocol
The protocol is defined in the TASS API Setup in TASS.web. As of TASS v49, this is set to restrict requests to HTTPS only.
-
Domain
The domain of the TASS.web server you wish to make the request to.
-
Method
The API Method you wish to invoke.
-
App Code
The App Code as defined in the TASS.web TASS API Setup.
-
Company Code
The Company Code for which the TASS API App has been configured in TASS.web.
-
Version
- Version 1 APIs utilise Query String Format for the parameter string.
param1=value1¶m2=value2
- Version 2 APIs utilise JSON Format for the parameter string.
{"param1":"value1","param2":"value2"}
- Version 3 APIs also utilise JSON Format, and require a Security Role to be defined in the configuration of the API connection by the school in TASS.web program API Gateway Maintenance. Defining a Security Role enables a school to control what data is made visible through the API.
Where a Security Role is defined for an API connection, the data returned by the API will adhere to the permissions associated with this Security Role.
For example, if the Security Role defined against the Student Details API doesn’t have permissions to view medical information for students, the data returned by the API will not include student medical information in endpoints such as getmedicalillness, getmedicalcondition etc.
E.g. The method IdM > addAdminUserRoles requires a Security Role that is configured for the following permission:
Administration > User Maintenance > Add
IMPORTANT It is not possible to mix different versions of an API in the same configuration. Any API that is configured in TASS.web with a Security Role will only support Version 3 requests. Please confirm with the relevant API documentation that the API supports Version 3 before assigning a Security Role in the setup.
-
Token
The token is generated by encrypting the parameter string with your Token Key.
Encrypt( '{"include_label":"true"}' , '+TG1ZTqy0hTu5h0KMhCP0A==' , 'AES/ECB/PKCS5Padding' , 'Base64')
Expected Token
96yfUt3jgAIYx0o7i3tjprnBpotNO3Md/yv+eToJ8qo=
Expected Token (URL Encoded for GET)
96yfUt3jgAIYx0o7i3tjprnBpotNO3Md%2Fyv%2BeToJ8qo%3D
-
Error Codes
Please refer to HTTP response headers for correct error codes and messages as IIS may reformat or replace JSON responses with standard error templates.