- Submit ADFS request via nTouch
With effect from July 2019, LumiNUS API will not provide authentication service. It is connecting NUS ADFS server via ADFS Authorization code flow. If you simply need authentication service, please approach NUS IT for such request. If you need to use other LumiNUS APIs besides the authentication, you can go to nTouch (https://ntouch.nus.edu.sg/ux/myitapp/#/catalog/category?type=SRM&id=IDGAA5V0FAKXWAQI272ZQH49CHRSU9&providerSourceName=srm), then click on AppID for ADFS OAuth Client Integration to submit your request.
Here are some of the useful information
- AD FS Scenarios for Developers: https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/overview/ad-fs-openid-connect-oauth-flows-scenarios#authorization-code-grant-flow
- Official site for OAuth 2.0: https://oauth.net/2/.
- Useful tutorial here:
If you simply need the login component for your application, please approach the staff who is fronting this project. The staff will then contact Messaging Admins team on this.
- Register for LumiNUS API
Once your nTouch request is approved, please Register for LumiNUS API in order to obtain the Ocp-Apim-Subscription-Key for using the LumiNUS APIs.
- Submit ticket to LumiNUS Helpdesk
Please submit ticket to Student Helpdesk (if you are student), and Staff Helpdesk (if you are staff) by providing us the following info:
- Description of your application
- Attach the approved nTouch request.
- The userid of the applicant who Register for LumiNUS API.
- Once you received an email notifying you about the approved LumiNUS API request, you may proceed to use the list of LumiNUS APIs.
Get the Access Token based on authorization code from ADFS - https://luminus.portal.azure-api.net/docs/services/Login/operations/GetADFSAccessToken?
Example of cURL statement:
Note: the user identity is encoded inside the authorization token.
Currently, the web application can't make the call to LumiNUS directly, it will be registered as being sent out from a browser and blocked by the CORS policy. The workaround is the web application to call the API on the secondary application which in turn calls the LumiNUS token endpoint, it is not registered as a browser request and thus it would go through.
- Example of using LumiNUS API:
You are interested in the below API. On top of the the indicated request parameters required by the API, there are required request header (subscription key) for calling the API.
If the API's response is "", it means that the Bearer is needed for the Authorization Headers.
Below is an example of code sample in different languages. Include the authorization header (Bearer) if needed.