LRS Account Service

API V1 reference

This page applies to SCORM Cloud API V1. You can check out the API V2 reference here.

LRS Account Service

This service provides a simple interface to add and manage acitivity providers as well as arbitrary user accounts managed by the host system




createActivityProvider

  • Semantics: Calling this method will create a new activity provider with a unique, and randomly generated, key and password combination.

  • Required Arguments:

    • appid-- Your application id
  • Example Call:

    http://cloud.scorm.com/api?method=rustici.lrsaccount.createActivityProvider&appid=myappid
    
  • Example response:

   <rsp stat="ok">
       <activityProvider>
           <id>
               <![CDATA[f7-gZ_OUp1WcLClbufY]]>
           </id>
           <accountLabel>
               <![CDATA[Unnamed Account]]>
           </accountLabel>
           <accountKey>
               <![CDATA[f7-gZ_OUp1WcLClbufY]]>
           </accountKey>
           <accountSecret>
               <![CDATA[S63a-yahvGI8K8-Fe80]]>
           </accountSecret>
           <accountAuthType>
               <![CDATA[basic]]>
           </accountAuthType>
           <accountEnabled>
               true
           </accountEnabled>
       </activityProvider>
   </rsp>




listActivityProviders

  • Semantics: Calling this method will return a list of all current activity providers created by this service.

  • Required Arguments:

    • appid-- Your application id
  • Example Call:

    http://cloud.scorm.com/api?method=rustici.lrsaccount.listActivityProviders&appid=myappid
    
  • Example response:

   <rsp stat="ok">
       <activityProviderList>
           <activityProvider>
               <id><![CDATA[f7-gZ_OUp1WcLClbufY]]></id>
               <accountLabel><![CDATA[Unnamed Account]]></accountLabel>
               <accountKey><![CDATA[f7-gZ_OUp1WcLClbufY]]></accountKey>
               <accountSecret><![CDATA[S63a-yahvGI8K8-Fe80]]></accountSecret>
               <accountAuthType><![CDATA[basic]]></accountAuthType>
               <accountEnabled>true</accountEnabled>
               <allowedEndpoints><![CDATA[APPID]]></allowedEndpoints>
               <permissionsLevel><![CDATA[DEFAULT]]></permissionsLevel>
           </activityProvider>
           <activityProvider>
               <id><![CDATA[zlK9B-o3fYt_EQ6x1Sw]]></id>
               <accountLabel><![CDATA[Unnamed Account]]></accountLabel>
               <accountKey><![CDATA[zlK9B-o3fYt_EQ6x1Sw]]></accountKey>
               <accountSecret><![CDATA[HHUlpVoOJnk_qCeUu-s]]></accountSecret>
               <accountAuthType><![CDATA[basic]]></accountAuthType>
               <accountEnabled>true</accountEnabled>
               <allowedEndpoints/>
               <permissionsLevel><![CDATA[]]></permissionsLevel>
           </activityProvider>
       </activityProviderList>
   </rsp>




editActivityProvider

  • Semantics: A call to this method with the optional parameters passed to it will modify those values for the activity provider indicated by the accountKey.

  • Required Arguments:

    • appid-- Your application id
    • accountkey-- The activity provider to modify
  • Optional Arguments:

    • isactive-- true or false indicating whether or not this account should be enabled
    • authtype-- ‘basic’ or ‘oauth’
    • label-- me, a name, I call myself.
    • allowedendpoints-- ‘APPID’
    • permissionslevel-- ‘DEFAULT’, ‘READ_ONLY’ , ‘READ_ANY’ , ‘WRITE_ONLY’
  • Example call:

    http://cloud.scorm.com/api?method=rustici.lrsaccount.editActivityProvider&appid=myappid&accountkey=f7-gZ\_OUp1WcLClbufY&label=forum\_activity\_provider
    
  • Example response:

   <rsp stat="ok">
       <activityProvider>
           <id>
               <![CDATA[f7-gZ_OUp1WcLClbufY]]>
           </id>
           <accountLabel>
               <![CDATA[forum_activity_provider]]>
           </accountLabel>
           <accountKey>
               <![CDATA[f7-gZ_OUp1WcLClbufY]]>
           </accountKey>
           <accountSecret>
               <![CDATA[S63a-yahvGI8K8-Fe80]]>
           </accountSecret>
           <accountAuthType>
               <![CDATA[basic]]>
           </accountAuthType>
           <accountEnabled>
               true
           </accountEnabled>
           <allowedEndpoints>
               <![CDATA[APPID]]>
           </allowedEndpoints>
           <permissionsLevel>
               <![CDATA[READ_ONLY]]>
           </permissionsLevel>
       </activityProvider>
   </rsp>




deleteActivityProvider

  • Semantics: Calling this method deletes the activity provider indicated by the accountKey passed in. This cannot be undone. If you wish to temporarily disable an Activity provider use the edit API instead.

  • Required Arguments:

    • appid-- Your application id
    • accountkey-- The activity provider to modify
  • Example call:

    http://cloud.scorm.com/api?method=rustici.lrsaccount.deleteActivityProvider&appid=myappid&accountkey=f7-gZ\_OUp1WcLClbufY
    
  • Example response:

   <success />




setAppLrsAuthCallbackUrl

  • Semantics: Calling this method sets a callBack URL that will be used to verify basic auth credentials. This URL’s scheme must be HTTPS.

  • Required Arguments:

    • appid-- Your application id
    • lrsAuthCallbackUrl-- URL used to verify basic auth credentials with remote training delivery service. The URL scheme must be HTTPS.
  • Example response:

   <success />
  • Callback Request Info: This is what Cloud sends to your authentication endpoint.

    • The request will include a CloudLrsAuthorization header that contains the base64-encoded concatenation of the username, a colon, and the password (e.g.: jim.raynor:hunter2), the same as basic auth.
    • Note: Request connection failures (e.g., request timeouts, failed DNS lookups, etc.) will be cached for 60 seconds. During these 60 seconds, further authenticated xAPI requests to Cloud for that (appId, callbackUrl, username) combination will automatically fail as unverified.
  • Example Callback Response: This is what your authentication endpoint should send back.

   <resp>
       <auth>verified</auth>
       <permissions>default</permissions>
   </resp>
  • auth-- Is the user verified: (verified | unverified)
  • permissions-- What can this user see? (default | root | read_only)
    • Default allows a user to read and write statements only about themselves.
    • Root allows a user to read and write all statements in that app ID.
    • Read Only allows a user to read all statements in that app ID, but not write any statements.
  • Note: verified responses for the (appId, callbackUrl, username, password) combination are cached for 30 minutes. During these 30 minutes, future xAPI requests will use the cached verified response.
  • Note: unverified responses for the (appId, callbackUrl, username, password) combination are cached for 60 seconds. During these 60 seconds, future xAPI requests will use the cached unverified response.




getAppLrsAuthCallbackUrl

  • Semantics: Calling this method returns a callback URL previously set by setAppLrsAuthCallbackUrl

  • Required Arguments:

    • appid-- Your application id
  • Example response:

   <rsp stat="ok">
       <lrsAuthCallbackUrl>https://example.com/authcallbackURL</lrsAuthCallbackUrl>
   </rsp>




resetAppLrsAuthCallbackUrl

  • Semantics: Calling this method removes a callback URL previously set by setAppLrsAuthCallbackUrl

  • Required Arguments:

    • appid-- Your application id
  • Example response:

    <success />