title_page_pg · web viewthere are new scopes for ou api endpoints. these new scopes are visible...

APIs August 2020

APIs: APIs Overview

Table of ContentsAPIs Overview..................................................................................................................................................... 1

Edge - API Explorer......................................................................................................................................... 2

API (Web Services) Technical Specifications..................................................................................................4

API (Web Services) Throttling.......................................................................................................................... 9

Edge API - Purchase Inquiry..........................................................................................................................10

Bulk API - API History.................................................................................................................................... 13

API Management Page.................................................................................................................................. 16

API Management....................................................................................................................................... 17

API Authentication - OAuth 2.0 - Granular Scopes....................................................................................21

Core/General APIs......................................................................................................................................... 23

Bulk API (User & OU)................................................................................................................................. 24

Organizational Unit (OU) API (Early Adopter)............................................................................................28

Learning APIs................................................................................................................................................ 30

Express Class API..................................................................................................................................... 31

Learning Assignment Tool API...................................................................................................................33

Transcript Search API................................................................................................................................ 35

Performance APIs.......................................................................................................................................... 36

Update Goal Progress API......................................................................................................................... 37

i

APIs: APIs Overview

APIs OverviewImportant: Cornerstone's legacy API authentication framework for APIs, Session Token Service (STS), is scheduled for end-of-life which is targeted to occur with the February '21 Release.

1

APIs: APIs Overview

Edge - API ExplorerAll REST API documentation is available within Edge Develop. The API Explorer enables developers and partners to easily learn and share ways to optimize the system by reading and contributing information regarding various CSOD applications.

Important: Cornerstone's legacy API authentication framework for APIs, Session Token Service (STS), is scheduled for end-of-life which is targeted to occur with the February '21 Release.

To access the API Explorer, go to ADMIN > TOOLS > EDGE and click the API Explorer link.

Permissions

PERMISSION NAME

PERMISSION DESCRIPTION CATEGORY

Edge Develop - API Explorer

Grants access to the API Explorer, which provides access to help documentation for various API applications.

Edge

2

APIs: APIs Overview

API ExplorerAll the content for applications and features related to REST APIs is available within the API Explorer. Select a resource from the navigation menu on the left side of the page, or enter a search term in the Search bar and click the ENTER button on your keyboard to receive relevant documentation results.

Public Access to API ExplorerTo access the API Explorer independently of a Cornerstone portal, go to: https://apiexplorer.csod.com/apiconnectorweb/apiexplorer#/

Generic documentation for existing Edge APIs is available from this URL. From the publicly accessible API Explorer page, users with access to an Edge portal can log into their Edge accounts, which redirects them to the Edge Marketplace, provided they have the associated permission. If an anonymous user attempts to try or purchase an API, they are directed to the Edge login screen and prompted to log in.

3

APIs: APIs Overview

API (Web Services) Technical SpecificationsCornerstone's custom authentication framework, Session Token Service (STS), will be deprecated in February 2020 and will be fully retired and unavailable in February 2021. During the deprecation phase, Cornerstone will stop supporting STS. The STS endpoint will still be available during the deprecation phase, but Cornerstone will no longer address any defects or enhance this endpoint. Any requests to the endpoint will fail starting February 2021, when STS is fully retired.

Organizations will need to modify their code for existing integrations that use Cornerstone's API and switch to OAuth 2.0 from STS by February 2021. This only impacts Cornerstone's RESTful APIs, which includes the following:

o Cornerstone's Foundational APIs (i.e. Cornerstone REST services)o Reporting APIo Employee API (i.e. Cornerstone Core/CHR services)o Express Class APIo Job Application API

This page displays a list of available APIs (web services).

All API technical specifications are available within the Edge API Explorer. To access the API Explorer, go to ADMIN > TOOLS > EDGE > API EXPLORER.

Permissions

PERMISSION NAME




Edge

Additional permissions may be required for each API. These permissions are listed in the API specification within the Edge API Explorer.

Core APIsREST API

NAMEDESCRIPTION

Approvals This API enables users to view, approve, and deny requests on the user's Universal profile page. Using the Approvals API, users can review and manage approvals for offer letters, compensation, development plans, and more.

Global Search Global Search - The purpose of this service is to Get People,Training,Certification details.

4

APIs: APIs Overview

REST API NAME

DESCRIPTION

OU Get OUs - The purpose of this service is to get OU details.

Learning and Extended Enterprise APIsREST API

NAMEDESCRIPTION

Catalog Search Catalog Search - The purpose of the Global Search service is to search & retrieve training data as per the search criteria given in the input parameters of the request call. For example, a client can search for trainings by title, description, and provider name.

Certification Details

Certification Details - The GetCertificationDetails rest service allows an Active user to drill down and obtain a Ceritfication LO’s meta-data. The rest call will only be for one Certification LO.

Certification Transcript

Transcript Details - The GetCertificationTranscript rest service allows you the ability to retrieve users’ certification transcript information from the Learning Management System (LMS). Data retrieved is based on the permissions assigned to the web service account requesting the information.

Certification Delete Certification - The purpose of the service is to remove certifications that are assigned to users.

Custom Field Custom Field - The Training Custom Field service allows the client to load values to training custom fields at either the Learning Object (LO) level or the Transcript level. Custom field REST Service can either add new Custom value or update existing value of custom field.

LO Transcript Transcript Search - The Transcript Search service gives you the ability to retrieve users’ transcript information from the Learning Management System (LMS).

LO Create LO - The Create LO operation replicates the functionality of creating a new learning object in the Cornerstone LMS. All business rules configured in the portal are observed for this call. The actual payload can vary depending on the type of learning object.

Get LO - The Get Details operation allows the ability for an active user to drill down and obtain a learning object’s (LO’s) standard and custom field data.

Update LO - The Update LO operation replicates the functionality of creating a new learning object in the Cornerstone LMS. All business rules configured in the portal are observed for this call.

5

APIs: APIs Overview

REST API NAME

DESCRIPTION

Proxy Enroll LO Create - The Create Proxy Enrollment service enrolls users to a Learning Object (LO). This service can be used to enroll users in batches. The client will be able to Assign, Approve, Register, and Complete an LO. This service only supports the standard proxy type.

Get Status - The Proxy Enrollment Status service gets proxy enrollment statuses based on a given date range.

This API is scheduled for deprecation in February 2021.

Session Roster Create - The purpose of this service is to allow clients, in real time, to update the session attendance roster as well as complete the session. The service is located at the following end points by environment.

Get Details - The purpose of this service is to allow clients to get the session attendance roster. Also this service is to get the details of Session roster for particular session. Service will provide all the details of particular session for which the Session ID or Locater ID is provided in request.

Training Unit Create Training Unit Assignment - The InsertTrainingUnitAssignment service operation replicates the functionality of creating new training unit assignments in the Cornerstone OnDemand (CSOD) Learning Cloud for extended enterprise (EXE) clients. All business rules configured in the portal are observed for this call.

Transcript and Task

Get Approvals - If approvals are used in the system and the user is a manager or approver, this represents the pending approvals for his or her subordinates. If this XML element is not included in the request, no items awaiting approval will be returned in the response message.

Get Assigned Trainings - This service returns all the transcripts assigned to Users, along with their statuses and due dates as applicable.

Get Inbox Items - This has no fields or attributes, it retrieves all items in the user’s inbox as shown on the welcome page. It represents a summary result set of other modules.

Get Sessions - Get upcoming sessions

Get Suggested Training - This report returns required and suggested Learning Objects have been added to user's transcripts by Admins or portal workflows.

Get Tasks - Represents all incomplete tasks assigned to the user. If this XML element is not included in the request, no tasks will be returned in

6

APIs: APIs Overview

REST API NAME

DESCRIPTION

the response message.

Get Transcripts - This Service represents all transcript items currently in the user’s transcript. Each response can return a maximum of 50 transcript records. There is a pageNumber attribute that can be incremented to get the next batch of 50 transcript records.

Performance APIsREST API

NAMEDESCRIPTION

Goal Create - The purpose of this service is to create goals.

Details - The purpose of this service is to get user goal details.

Update - The purpose of this service is to update user goal.

Performance Review

Get Details - This service enables administrators to extract performance review ratings, goals, and competency data that is associated with a performance review task within a specified time period. In order to use this service, administrators need to send a performance review task name or task ID. The service returns records for all users that are assigned the task. The service also includes each rating for each review step as well as comments.

Recruiting APIsREST API

NAMEDESCRIPTION

Recruiting Get Job Applicant - This service is designed to pull ATS Job Applicant master data from CSOD in real time. The purpose of this service is to allow clients retrieve candidate information from the CSOD application. Client will call this service and specify an applicant status and other search criteria retrieve the user information.

Get Job Requisition Ad Details - The purpose of this service is to get Job Requisition Ad details based on the input job requisition ref value.

Get Job Requisition Custom Field - The purpose of this service is to get Job Requisition Custom Fields data as per the search criteria given in input parameter.

Get Job Requisition - This service is designed to pull ATS Job Requisition

7

APIs: APIs Overview

REST API NAME

DESCRIPTION

master data from CSOD in real time.

Update Job Applicant Status - This service is designed to change the status of a job applicant.

ReportingAPI NAME DESCRIPTION

Reporting The Reporting API is a public facing web service that allows clients read-only access to their Cornerstone data via the Real Time Data Warehouse (RTDW). It adheres to the OData protocol (http://www.odata.org/) and dynamically adjusts to reflect any client's schema. Currently, it allows access to all the reporting views in the report schema (report.vw_rpt_*), which are the data source for custom reporting in the Cornerstone application.

To provide better API functionality and experience, Cornerstone is moving from SOAP to REST APIs. Click here to view available SOAP APIs.

8

APIs: APIs Overview

API (Web Services) Throttling

REST APIsThe throttling limit for REST APIs varies by endpoint. Please check the documentation in the API Explorer for additional details.

SOAP APIsTo increase the performance and reliability of the system, throttling is implemented on all existing SOAP APIs for all organizations using SOAP APIs. The maximum request rate for all SOAP services is 35K requests per hour per organization, meaning that an organization cannot make more than 35K requests within an hour. Other limits include:

o The maximum throttle rate for the GetTranscriptandTask SOAP Service is 2K requests per hour per organization.

o The maximum throttle rate for the Learning Object Web Service (LOWS) is 2K requests per hour per organization.

If the request count exceeds the request threshold, the SOAP API does not execute any action, and "Throttle rate exceeded" is displayed in the API response. The request count is reset an hour after the initial request.

This only impacts organizations using SOAP APIs.

9

APIs: APIs Overview

Edge API - Purchase InquiryEdge administrators may submit a purchase inquiry for the Cornerstone API or the Reporting API, which are available in the Edge Marketplace.

To access the Edge Marketplace, go to ADMIN > TOOLS > EDGE and click on the Marketplace link.

Permissions

PERMISSION NAME


Edge Marketplace - Manage

Grants access to the Marketplace service for Edge Integrate where the administrator can browse and purchase integrations that can be used to extend the Cornerstone system. This permission cannot be constrained. This is an administrator permission.

Edge

Purchase Inquiry To create and submit a purchase inquiry, search for and click the Cornerstone API or the Reporting API in the Edge Marketplace. After clicking the API, you are able to view additional information about the API, contact CSOD for pricing information, and create a purchase inquiry.

10

APIs: APIs Overview

Click the PURCHASE INQUIRY Inquiry button in the upper-right corner of the page. This will open a form.

Complete the Purchase Inquiry form by providing the following information about yourself and your organization:

o First Name o Last Nameo Company Nameo Company Addresso Cityo Stateo Zip Codeo Countryo Contact Emailo Contact Phone Numbero Best Time to Contact

After populating all required fields on the form, click the SUBMIT button to submit the form. Clicking the CANCEL button will close the form without submitting or saving any input data. Once you have submitted a form, your Client Executive will contact you with the next steps for completing the purchase and enablement process.

11

APIs: APIs Overview

12

APIs: APIs Overview

Bulk API - API HistoryThe Bulk API History page displays a history of all loads performed using the Bulk API.

The API History page can be accessed in the following ways:

o Go to ADMIN > TOOLS > EDGE. Then, select the Bulk API History link in the Develop section.

o Go to ADMIN > TOOLS > EDGE > IMPORTS AND FEEDS. Then, select the BULK API HISTORY button.

Permissions

PERMISSION NAME


Access Edge Bulk API History

Grants access to the Bulk API History page, which displays all the loads that have been performed using the Bulk API. Administrators can select a load to view additional details of the load, including the results. This permission cannot be constrained. This is an administrator permission.

Edge

Access Edge Bulk API

Grants ability to access and utilize the Bulk API. This permission cannot be constrained. This is an administrator permission.

This permission is only available when the Bulk API is enabled via Edge Marketplace.

Edge

Access Edge Import Grants access to the Edge Import tool, which enables administrators to load data into their portal. This permission cannot be constrained. This is an administrator permission.

Edge Import

Bulk API - Cost Center OU

Grants ability to use the Bulk API to load cost center organizational unit (OU) data. This permission cannot be constrained. This is an administrator permission.


Edge

Bulk API - Custom OU

Grants ability to use the Bulk API to load custom organizational unit (OU) data. This permission cannot

Edge

13

APIs: APIs Overview

be constrained. This is an administrator permission.


Bulk API - Division OU

Grants ability to use the Bulk API to load division organizational unit (OU) data. This permission cannot be constrained. This is an administrator permission.


Edge

Bulk API - Employee Grants ability to use the Bulk API to load employee data. This permission cannot be constrained. This is an administrator permission.


Edge

Bulk API - Grade OU Grants ability to use the Bulk API to load grade organizational unit (OU) data. This permission cannot be constrained. This is an administrator permission.


Edge

Bulk API - Legal Entity OU

Grants ability to use the Bulk API to load legal entity organizational unit (OU) data. This permission cannot be constrained. This is an administrator permission.


Edge

Bulk API - Location OU

Grants ability to use the Bulk API to load location organizational unit (OU) data. This permission cannot be constrained. This is an administrator permission.


Edge

Bulk API - Position OU

Grants ability to use the Bulk API to load position organizational unit (OU) data. This permission cannot

Edge

14

APIs: APIs Overview

be constrained. This is an administrator permission.


API ExplorerDocumentation for the Bulk API is available in the API Explorer.

o API Explorer - https://apiexplorer.csod.com/apiconnectorweb/apiexplorer#/

Bulk API HistoryThe following information is displayed for each previous Bulk API run:

o Load name - Administrators can select a feed to view additional details about the load. Note: Administrators must have the corresponding Bulk API permission to view the details for a load type. For example, you must have the Bulk API - Division OU permission to view the details of a Division OU load.

o Startedo Run byo Import statuso Import results

15

APIs: APIs Overview

API Management Page

16

APIs: APIs Overview

API ManagementThe API Management page provides access to the following tabs:

o Manage APIs - This page allows you to enable and disable purchased API productso Manage OAuth 2.0 Applications - This page allows you to manage OAuth 2.0

applicationso Manage STS Keys - This page allows you to retrieve API keys for Cornerstone's legacy

STS authentication framework (STS is being deprecated and will be fully retired in Feb 2021)

To access the API Management page, go to: ADMIN > TOOLS > EDGE and click the API Management link. On the Edge Integrate page, select the Manage Applications tab.

Permissions

PERMISSION NAME


Edge APIs - Manage Grants ability to manage Edge APIs on the API Management page.

Edge

Manage APIsFrom the Manage APIs tab, you can manage any APIs that your organization has purchased.

o To disable a purchased API, toggle the switch next to the integration to the Off position.o To enable a purchased API, toggle the switch next to the integration to the On position.

Manage OAuth 2.0 ApplicationsOn the Manage OAuth 2.0 Applications page, you can register new OAuth 2.0 applications or manage existing OAuth 2.0 applications.

You can enable and disable existing applications by toggling the switch next to the application to the On or Off position.

17

APIs: APIs Overview

To register an application:

1. Click the REGISTER NEW APPLICATION button.2. Populate the fields on the Register New Application page, including the Application

Name, Username, and a validity period, if applicable.o Each registered application must be associated with an existing user account, which

functions as a service account. This user account is bound to the application and to the client ID and secret.

o The validity period defines the time period, in seconds, for which an access token is issued. This field is optional. If no value is entered, access tokens will be assigned a default validity period of one hour. The maximum value that can be entered in this field is 86,400 seconds (one day). The minimum value is 300 seconds.

3. Click the REGISTER APPLICATION button.4. Copy the client ID and secret generated by Cornerstone to use when building your API-

based integration. Be sure to save this information for your use, as you will only be shown the secret once.

Note: If needed, a registered integration can be deactivated from the Manage Integrations tab by toggling the Active switch to the Inactive position.

18

APIs: APIs Overview

Manage STS KeysCornerstone's custom authentication framework, Session Token Service (STS), will be deprecated in February 2020 and will be fully retired and unavailable in February 2021. During the deprecation phase, Cornerstone will stop supporting STS. The STS endpoint will still be available during the deprecation phase, but Cornerstone will no longer address any defects or enhance this endpoint. Any requests to the endpoint will fail starting February 2021, when STS is fully retired.

Organizations will need to modify their code for existing integrations that use Cornerstone's API and switch to OAuth 2.0 from STS by February 2021. This only impacts Cornerstone's RESTful APIs, which includes the following:

o Cornerstone's Foundational APIs (i.e. Cornerstone REST services)o Reporting APIo Employee API (i.e. Cornerstone Core/CHR services)o Express Class APIo Job Application API

The following are NOT currently impacted:

o xAPIso SOAP APIs

19

APIs: APIs Overview

20

APIs: APIs Overview

API Authentication - OAuth 2.0 - Granular Scopes Edge Administrators can select granular scopes, allowing organizations to control the methods and endpoints an application can access through Cornerstone's APIs using the OAuth 2.0 API credentials. A "scope" is a mechanism in OAuth 2.0 which is used to limit an external application's access. OAuth 2.0 is an industry-standard authentication and authorization protocol for APIs. Using this protocol reduces the time and effort needed by external developers to integrate with the Cornerstone system.

This means organizations can specify applications' access to individual calls. For example, an organization can specify an application's access to GET /services/api/Recruiting/JobApplicant by choosing the get_jobApplicant scope.

ImplementationThis functionality is available to any organization that has purchased Cornerstone APIs or the Reporting API. A purchase inquiry for Cornerstone APIs or the Reporting API can be submitted through the Edge Marketplace.

To access Cornerstone APIs or the Reporting API in the Edge Marketplace, go to: ADMIN > TOOLS > EDGE and click the Marketplace link. Search for and click the Cornerstone API tile. Click the Setup tab for setup instructions for the API.

Additional information about scopes is available in the API Explorer: https://apiexplorer.csod.com/apiconnectorweb/apiexplorer#/

API Management - ScopesThe Scopes for an API can be added when registering a new OAuth 2.0 application from the API Management page in Edge.

To access the API Management page, go to: ADMIN > TOOLS > EDGE and click the API Management link. Click the Manage OAuth 2.0 Applications tab.

Permissions

PERMISSION NAME


Edge APIs - Manage Grants ability to manage Edge APIs on the API Management page.

Edge

21

APIs: APIs Overview

Register New ApplicationScopes can be configured during the application registration process. To register an application:

1. Click the REGISTER NEW APPLICATION button.2. Populate the fields on the Register New Application page, including the Application

Name, Username, and a validity period, if applicable.o Each registered application must be associated with an existing user account, which

functions as a service account. This user account is bound to the application and to the client ID and secret.

o The validity period defines the time period, in seconds, for which an access token is issued. This field is optional. If no value is entered, access tokens will be assigned a default validity period of one hour. The maximum value that can be entered in this field is 86,400 seconds (one day). The minimum value is 300 seconds.

3. Configure the application's scopes. The Scopes section contains a list of endpoints and operations to which the application needs access. The external application will not be able to access an endpoint or operation if it is not selected on this page. Select any necessary scopes.

4. Click the REGISTER APPLICATION button.5. Copy the client ID and secret generated by Cornerstone to use when building your API-

based integration. Be sure to save this information for your use, as you will only be shown the secret once.

o For more information about managing APIs: See API Management on page 16 for additional information.

o For more information about specific APIs, go to the API Explorer in Edge: https://apiexplorer.csod.com/apiconnectorweb/apiexplorer#/

22

APIs: APIs Overview

Core/General APIs

23

APIs: APIs Overview

Bulk API (User & OU)The Bulk API is available for user and organizational unit (OU) loads. Bulk APIs provide organizations the ability to leverage a highly scalable and resilient framework to create and update data in Cornerstone via APIs.

o It is optimized for loading large data sets in an asynchronous, queued model. It is ideal for bulk load use cases where there is a need to create or update data into your Cornerstone portal using APIs. For example, you can use Bulk APIs to keep employee and OU data in sync from your HRIS into Cornerstone.

o It supports the OAuth 2.0 authentication framework released in August 2019.o It supports the portal configurations including custom fields, custom employee

relationships, and availability settings for custom fields.

Use the API to retrieve the status of your loads as well as obtain a full report of the load performed including errors and warnings. Additionally, all the loads performed using the Bulk API are visible in a new Bulk API History page in Edge. The Bulk API History page is only visible to users who have the new Access Edge Bulk API History permission. Additional load-type specific permissions control the downloading of reports from the history page.

How Does this Enhancement Benefit My Organization?This API enables organizations to keep their employee and organizational unit (OU) information in Cornerstone up-to-date by loading data in bulk with a modern, scalable REST API.

API ExplorerDocumentation for all available APIs is available in the API Explorer.

o https://apiexplorer.csod.com/apiconnectorweb/apiexplorer#/

Considerationso Organizations using Cornerstone HR cannot use the Bulk API to load employee data

since effective dating is not yet supported by the Bulk API.o SPII fields and secure custom fields are not supported by the Bulk API.o There are new OAuth 2.0 scopes for Bulk API endpoints which is visible while

registering a new OAuth 2.0 application or modifying an existing OAuth 2.0 application. Organizations with existing OAuth 2.0 applications must explicitly select the Bulk API scopes before utilizing the Bulk API endpoints.

ImplementationOrganizations can self-activate the Bulk API for users and OUs via the Edge Marketplace in Pilot and Stage environments.

24

APIs: APIs Overview

Organizations wanting to use the Bulk API in Production must submit a purchase inquiry via the Edge Marketplace. See Edge API - Purchase Inquiry on page 10 for additional information.

The Access Edge Bulk API History permission is assigned the System Administrator role by default. The remaining permissions are enabled upon activation. Additional documentation is available in the API Explorer upon release of the Bulk API.

PermissionsThe following permissions apply to this functionality:

PERMISSION NAME


Access Edge Bulk API History

Grants access to the Bulk API History page, which displays all the loads that have been performed using the Bulk API. Administrators can select a load to view additional details of the load, including the results. This permission cannot be constrained. This is an administrator permission.

Edge

Access Edge Bulk API

Grants ability to access and utilize the Bulk API. This permission cannot be constrained. This is an administrator permission.


Edge

Bulk API - Cost Center OU

Grants ability to use the Bulk API to load cost center organizational unit (OU) data. This permission cannot be constrained. This is an administrator permission.


Edge

Bulk API - Custom OU

Grants ability to use the Bulk API to load custom organizational unit (OU) data. This permission cannot be constrained. This is an administrator permission.


Edge

Bulk API - Division OU

Grants ability to use the Bulk API to load division Edge

25

APIs: APIs Overview

organizational unit (OU) data. This permission cannot be constrained. This is an administrator permission.


Bulk API - Employee Grants ability to use the Bulk API to load employee data. This permission cannot be constrained. This is an administrator permission.


Edge

Bulk API - Grade OU Grants ability to use the Bulk API to load grade organizational unit (OU) data. This permission cannot be constrained. This is an administrator permission.


Edge

Bulk API - Legal Entity OU

Grants ability to use the Bulk API to load legal entity organizational unit (OU) data. This permission cannot be constrained. This is an administrator permission.


Edge

Bulk API - Location OU

Grants ability to use the Bulk API to load location organizational unit (OU) data. This permission cannot be constrained. This is an administrator permission.


Edge

Bulk API - Position OU

Grants ability to use the Bulk API to load position organizational unit (OU) data. This permission cannot be constrained. This is an administrator permission.


Edge

26

APIs: APIs Overview

Security RolesThe Edge Bulk API History permission is automatically granted to the default System Administrator role. Administrators must grant this permission with the appropriate constraints to other roles, if necessary.

The remaining Bulk API permissions are disabled until the Bulk API is enabled through Edge Marketplace, at which time they are granted to the default System Administrator role.

27

APIs: APIs Overview

Organizational Unit (OU) API (Early Adopter)The Organizational Unit (OU) API is available for early adopter organizations to create, read, and update their organizational data in real-time.

The OU API provides robust handling for full feature management of OUs:

1. Fetch OU types2. Fetch OU custom fields3. Search OUs by type, name, or identifier4. Create, update, view, and mark OUs inactive

How Does this Enhancement Benefit My Organization?This public API allows organizations to manage their organizational data in real-time. Use the OU API to build real-time integrations to manage your organization's structure with no dependency on Cornerstone for development.

API ExplorerDocumentation for all available APIs is available in the API Explorer for general access.

o https://apiexplorer.csod.com/apiconnectorweb/apiexplorer#/

Considerationso The OU API leverages the same permissions and constraints required to manage OUs

in the portal.o Group management is not supported with this API.

ImplementationOrganizations can purchase and enable the OU API through the Edge Marketplace as a part of Cornerstone Foundational API’s. There are new scopes for OU API endpoints. These new scopes are visible while registering a new OAuth 2.0 application or modifying an existing OAuth 2.0 application. Clients with existing OAuth2 apps must explicitly select the OU API scopes before they can start making calls to the OU API endpoints. Additional documentation is available in the API Explorer upon release of the OU API.

PermissionsThe OU API respects the same permissions and constraints on the following permissions:

PERMISSION NAME


OU Hierarchy - Manage

Grants ability to create and update/edit organizational units. This permission grants access

Core Administratio

28

APIs: APIs Overview

to all OU types, both standard and custom. This permission can be constrained by OU and User's OU. This is an administrator permission.

n

Grades - View Grants ability to view the Grade Organizational Unit throughout the system, such as in availability drop down selectors, when editing users, etc. Those without this permission do not see the Grade OU on any screen. This is primarily an administrator permission, although organizational policy should determine whether the Grade OU should be visible to end users on reporting screens, etc.

Core Administration

29

APIs: APIs Overview

Learning APIs

30

APIs: APIs Overview

Express Class APIA public API is available for Express Class, allowing organizations to design custom solutions for Express Class without needing to interact directly with its user interface. Public APIs can be used to create custom solutions by any organization with the developer skills to do so.

Use CasesUse case #1: Training Capture via Badge ScanningRichard is an L&D Leader at ACME and prefers that his training facilitators access Express Class functionality within their current systems. His training facilitators usually have attendees scan their RFID badges and then they record those users for a selected training item. With the public API, Richard’s IT resources can integrate the necessary components of Express Class into their current systems to accomplish their use cases without requiring his facilitators to access and use Cornerstone’s Express Class user interface.

Use case #2: Just in Time TrainingLaurie is an IT Leader at ACME, which operates restaurant locations across the country. ACME’s restaurants regularly accommodate new employees who require frequent training, and this consumes a lot of ACME’s resources due to the burden of coordinating group training sessions. With the public API, Laurie’s IT resources can integrate necessary components of Express Class into systems that are at the employee’s fingertips, allowing employees to educate themselves with training content and receive credit for the training. Laurie can reduce ACME’s need for costly group training sessions, increase the efficiency of the organization, and assist in tracking training completions for her compliance needs.

Use case #3: Building a ChatbotDinesh is an L&D leader at ACME, a company that uses conversational user interfaces to accomplish many tasks. Dinesh wants to test users and capture their results using a chatbot, which appears after a viewer has completed a training item. Using Express Class’s public API, Dinesh can enable his IT team to build a conversational chatbot which records scores for the training and submits them to the viewer’s transcript in a Complete, Incomplete, or Failed status. The viewer then receives credit for the training without logging into the Learning Management System (LMS).

Use case #4: Supporting Alternate ModalitiesJarod is an Operations Manager at ACME, an organization which uses touchscreen systems for new employees. Dinesh, a new employee, uses the touchscreen system to complete an onboarding evaluation which communicates results to ACME’s Learning Management System. Using Express Class’s public API, ACME is able to integrate Express Class functionality alongside their touchscreen evaluation process, capture the applicant’s score, and store completion information for future reporting.

31

APIs: APIs Overview

ConsiderationsThe following considerations apply to this functionality:

o This API is "Create only." It can only submit attendees with a status to the transcript.o This API does not support read, update, or delete operations at this time.o The Express Class - Manage permission is required in order to access the Express

Class public APIo The constraints applied to the Express Class - Manage permission are also applicable

to the Express Class public API. For example, if a user has permission to manage express class, and the permission is constrained to X users, the user can only submit for those users via the public API.

ImplementationThis public API requires the purchase of Cornerstone APIs. For organizations which have already purchased Cornerstone APIs, no additional purchase is required. A purchase inquiry for Cornerstone APIs can be submitted through the Edge Marketplace.

To access Cornerstone APIs in the Edge Marketplace, go to: ADMIN > TOOLS > EDGE and click the Marketplace link. Search for and click the Cornerstone API tile. Click the Setup tab for setup instructions for the API.

Additional documentation about the Express Class API is available in the API Explorer. To access the API Explorer independently of a Cornerstone portal, go to: https://apiexplorer.csod.com/apiconnectorweb/apiexplorer#/

PermissionsThe following existing permission applies to this functionality:

PERMISSION NAME


Express Class - Manage

Grants the ability to create and add users to an Express Class for a facilitated training session. This permission can be constrained by OU, User, User Self and Subordinates, and User's OU. This is an end user permission.

Learning - Administration

32

APIs: APIs Overview

Learning Assignment Tool APIThe Learning Assignment Tool public API is available via the Edge Marketplace. This public API offers flexibility when a custom solution for the Learning Assignment Tool is required by an organization. With the new Learning Assignment API, users can enjoy many of the same features that exist in the Learning Assignment Tool user interface.

How does this benefit my organization?Public APIs promote extensibility and allow organizations to interface with the system and its features in ways the system itself may not currently accommodate through its front-end user interfaces. Public APIs can be used to create custom solutions by any organization using internal development resources, partners, integrators, or other third party development resources.

ExclusionsThe following Learning Assignment Tool features from the system are NOT supported by the Learning Assignment Tool public API:

o Dynamic learning assignments (only standard assignments are supported)o Custom emails and ad hoc emailso Scheduling the assignment for the future (your organization can build a queuing system

if needed)o Force Prerequisites optiono Training Start Date optiono The API does not currently support assigning instructor-led training (ILT) events and

sessions in a Completed status if they occurred in the past

Learning Assignments created using the legacy Proxy Enrollment API will display on the Manage Learning Assignments page with their source listed as: "Created with Learning Assignment Tool." Assignments created using the new Learning Assignment Tool API display with a source of "Created with API." This is because the legacy API is not capable of distinguishing whether the assignment was created via API or via the Learning Assignment Tool user interface.

ConsiderationsCornerstone’s legacy Proxy Enrollment API, available as part of Cornerstone API, is scheduled for deprecation. It is being replaced by the new Learning Assignment API. Cornerstone will continue to support the Proxy Enrollment API as of the October ’19 Release, but new integrations for the API will be discontinued. The Proxy Enrollment API will still be available at this time, but Cornerstone will not fix any defects or enhance this API. The documentation for this API will be removed from the Foundational APIs tile in the API Explorer after the new Learning Assignment API becomes available with the October ’19 Release.

33

APIs: APIs Overview

Organizations using the Proxy Enrollment API must modify any code referencing the Proxy Enrollment API and update the code to reference the Learning Assignment Tool public API.

For more information: See Deprecation Proxy Enrollment.

ImplementationThis public API requires the purchase of Cornerstone APIs. For organizations which have already purchased Cornerstone APIs, no additional purchase is required. A purchase inquiry for Cornerstone APIs can be submitted through the Edge Marketplace.

To access Cornerstone APIs in the Edge Marketplace, go to: ADMIN > TOOLS > EDGE and click the Marketplace link. Search for and click the Cornerstone API tile. Click the Setup tab for setup instructions for the API.

Additional documentation about the Learning Assignment Tool public API is available in the API Explorer. To access the API Explorer independently of a Cornerstone portal, go to: https://apiexplorer.csod.com/apiconnectorweb/apiexplorer#/

PermissionsThe Learning Assignment API references the user's permissions, just as they are referenced for creation of an assignment via the Learning Assignment Tool in the system. The user account associated with the OAuth 2.0 application must have the required permissions to create a standard learning assignment using this API. The permissions required are listed in the API Explorer.

The following existing permission is needed to access the API Explorer from within the Cornerstone system:

PERMISSION NAME




Edge

34

APIs: APIs Overview

Transcript Search APIThe REST Transcript Search API provides clients, partners, and vendors the ability to retrieve transcript data from Cornerstone.

ImplementationThe Transcript Search API is available to organizations using the Cornerstone API and the Learning module.

For full documentation about the Transcript Search API, please see the API Explorer: https://apiexplorer.csod.com/apiconnectorweb/apiexplorer#/

35

APIs: APIs Overview

Performance APIs

36

APIs: APIs Overview

Update Goal Progress APIAn API for updating goal progress is available, which can be used together with the API for creating goals and the API for updating goals to build a complete integration solution. The Update Goal Progress API supports updating progress on goals and goal tasks, as well as updating actual values in goal targets.

ImplementationThis API is automatically available for organizations using the Cornerstone API and Cornerstone's Performance module. There is no additional cost associated with this functionality when using it in conjunction with the Cornerstone API and the Performance module.

For full documentation about the Update Goal Progress API, including the endpoint URL, request and response body format, business rules, and validation errors, please see the API Explorer: https://apiexplorer.csod.com/apiconnectorweb/apiexplorer#/

PermissionsThe following existing permission is needed by the user acquiring the session token:

PERMISSION NAME


Goals - Create Grants ability for user to create goals for self (and direct and indirect reports if a manager). The permission constraints determine for whom the user can create goals. This permission can be constrained by Employee Relationship, OU, User's OU, and User Self and Subordinates. This is an end user permission.

Performance

37

title_page_pg · web viewthere are new scopes for ou api endpoints. these new scopes are visible...

Documents