The PeopleFluent LMS exposes its data via an Application Programming Interface (API). The API is HTTP-based, and makes use of widely-supported Web data formats such as XML, JSON, Atom and RSS. The API is intended to conform to the design principles of Representation State Transfer (REST).
The API is intended to support at least the following scenarios:
- Integration with back end systems such as Human Resource Management Systems;
- Integration with other websites and applications, such as portals, that are built on server-side technologies such as Java, the Microsoft .NET Framework, or PHP;
- Access via browser-based technologies such as asynchronous JavaScript with XML/JSON;
- Access via desktop applications (e.g. Adobe AIR, browser extensions); and
- Access via mobile applications (e.g. Android, Cocoa for iPhone).
Some examples of how API’s are being utilized:
- To create User Accounts
- To create Enrollments
- To obtain information about Courses, Catalogs, and Enrollments
Authentication Modes
Each API function utilizes one of the three authentication modes described below. The API function reference indicates the appropriate mode for each specific API function.
User Authentication
When calling a function that uses user authentication, the caller must authenticate using
a PeopleFluent LMS user account. In general, the result of calling a function that requires user authentication will depend on the permissions of the LMS user account that the caller uses to authenticate. The caller can authenticate in either of the two ways listed below.
- The caller can supply the user ID and password of the user account using HTTP basic access authentication. This technique is generally appropriate for callers that are not browser-based—for example, for server-to-server calls, or for desktop or mobile clients.
- The caller can include a standard LMS session cookie in the request. This technique is appropriate for browser-based callers (for example, asynchronous JavaScript with XML/JSON) assuming that the user has already logged into the LMS via the browser.
System Authentication
When calling a function that uses system authentication, the caller must supply a global system password using HTTP basic access authentication. The value of the password is configured in the WEB-INF/conf/ekp.properties configuration file using the authentication.key property. In this case, the LMS ignores the value of the supplied user name. However, some client and server software will not forward the credentials if the user name is empty; for this reason, we recommend supplying an arbitrary non-empty value for the user name.
Not Required
Some API functions provide access to public data that does not require authentication. Note that the function might still return additional information if the user is authenticated (using either of the two techniques described for user authentication above); however, the function is expected to return some useful result even if the user is not authenticated.
Note: When using HTTP basic access authentication, credentials are passed in what is essentially clear text. Therefore, the caller should always use SSL/TLS when sending credentials using basic access authentication.
Manage and Execute APIs using a client (i.e. POSTMAN)
1. Download and Install POSTMAN via https://www.postman.com/downloads/
2. Open POSTMAN and click the + tab
3. If you will going to execute an API with POST method (i.e. enrollUser), change the method to POST (the default is GET) and enter the API endpoint (i.e. https://preview.netdimensions.com/preview/api/enrollUser)
4. Under PARAMS enter the required KEYS and VALUES. For enrollUser, the required KEY or parameter is learning-id. We will be including the onBehalfOf parameter as this will be the identifier of the user on whose behalf the call will be executed.
5. Under AUTHORIZATION, change the Type to Basic Auth and then the necessary Username and Password. For enrollUser API, we will be only entering the password as it uses User Authentication (see description above)
6. Click the SEND button in order to execute the API