Page tree
Skip to end of metadata
Go to start of metadata
  1. Submit ADFS request via nTouch

    With effect from July 2019, LumiNUS API will not provide authentication service. It is connecting NUS ADFS server via ADFS Authorization code flow. If you simply need authentication service, please approach NUS IT for such request. If you need to use other LumiNUS APIs besides the authentication, you can go to nTouch (, then click on AppID for ADFS OAuth Client Integration to submit your request.


    If you simply need the login component for your application, please approach the staff who is fronting this project. The staff will then contact Messaging Admins team on this.

  2. Register for LumiNUS API
    Once your nTouch request is approved, please Register for LumiNUS API in order to obtain the Ocp-Apim-Subscription-Key for using the LumiNUS APIs.

  3. Submit ticket to LumiNUS Helpdesk
    Please submit ticket to LumiNUS Student Helpdesk (if you are student), and LumiNUS Staff Helpdesk (if you are staff) by providing us the following info:
    1. Description of your application
    2. Attach the approved nTouch request.
    3. The userid of the applicant who Register for LumiNUS API.

  4. Once you received an email notifying you about the approved LumiNUS API request, you may proceed to use the list of LumiNUS APIs.
    1. Get the Access Token based on authorization code from ADFS -

      Example of cURL statement:

      Note: the user identity is encoded inside the authorization token.

      Currently, the web application can't make the call to LumiNUS directly, it will be registered as being sent out from a browser and blocked by the CORS policy. The workaround is the web application to call the API on the secondary application which in turn calls the LumiNUS token endpoint, it is not registered as a browser request and thus it would go through.

    2. Example of using LumiNUS API:
      You are interested in the below API. On top of the the indicated request parameters required by the API, there are required request header (subscription key) for calling the API.
      If the API's response is "401 Unauthorized", it means that the Bearer is needed for the Authorization Headers.

      Below is an example of code sample in different languages. Include the authorization header (Bearer) if needed. 

  • No labels