Integration Architecture Of SDMS

Similar documents
SDMS TRAINING MANUAL FOR TRAINING PARTNERS

Frequently Asked Questions (FAQs) for Trainer

TP-Fee Based Portal User Manual

Payment Card Industry (PCI) 3-D Secure (PCI 3DS) Qualification Requirements for 3DS Assessors

DIGITALSIGN - CERTIFICADORA DIGITAL, SA.

Direct Message Exhange (Web Service)

T2S Connectivity Guide

API 2.0 Error Handling document

E-Way Bill System User Manual for API Interface (Site-to-Site integration)

Libelium Cloud Hive. Technical Guide

Inland Revenue. Build Pack. Identity and Access Services. Date: 04/09/2017 Version: 1.5 IN CONFIDENCE

Oracle Mission Critical Support Platform. General. Installation. Troubleshooting. Inventory and Discovery. Frequently Asked Questions Release 2.

Gradintelligence student support FAQs

ezeesms URL API Documentation

Seals Web Service V1.0 Cookbook Version 2.1. This document is provided to you free of charge by the. ehealth platform

Sparta Systems TrackWise Digital Solution

Partner Web Services. GetOrderStatus Version 1 Service Manual

Technical Overview. Version March 2018 Author: Vittorio Bertola

The following device commands are used most frequently: Lock/Unlock device O - O O. Reset screen password O - O - Factory reset + Initialize SD Card

PUSH services. Document revision 1.0 Date of Issue: 04 October 2018 Date of revision: 04 October Nick Palmer.

Guide to Deploying VMware Workspace ONE with VMware Identity Manager. SEP 2018 VMware Workspace ONE

Request for Proposal

SDMS Assessor Web Portal User Manual PMKVY2.0

DCCKI Interface Design Specification. and. DCCKI Repository Interface Design Specification

Public. Atos Trustcenter. Server Certificates + Codesigning Certificates. Version 1.2

GateHouse Logistics. GateHouse Logistics A/S Security Statement. Document Data. Release date: 7 August Number of pages: Version: 3.

Licensing the Firepower System

NIC SMS SERVICE INTEGRATION

Training of Trainers (TOT) Process Note SCOPE: Training of Trainers - RASCI Certified Trainers/ Experienced Trainers/ Fresh Trainers

ForeScout Extended Module for VMware AirWatch MDM

PHPKB API Reference Guide

System Assessment Report Relating to Electronic Records and Electronic Signatures; 21 CFR Part 11. System: tiamo (Software Version 2.

System Assessment Report Relating to Electronic Records and Electronic Signatures; Final Rule, 21 CFR Part 11. System: tiamo 2.3

AUDIT PROCEDURES. for REGISTRATION AUTHORITY OFFICE

Zero Defect Zero Effect (ZED) Certification Scheme Rating Process

HTTPS File Transfer. Specification

Configuring Certificate Authorities and Digital Certificates

API Documentation. Release Version 1 Beta

SIX Trade Repository AG

Microsoft Architecting Microsoft Azure Solutions.

Send documentation comments to

Managing Certificates

USER INSTRUCTIONS. Once your FACT SHEET and AUDITOR's LETTER are signed, Fax them to us on

HMA-T G-POD Web Service Acceptance Test Report

Sparta Systems Stratas Solution

MTR CORPORATION. User Guide for E-Tendering System R3.16 TABLE OF CONTENTS SYSTEM REQUIREMENT... 1 NEW SUPPLIER / CONTRACTOR REGISTRATION...

NIC Certifying Authority National Informatics Centre Ministry of Communications and Information Technology Government of India

CounterACT Afaria MDM Plugin

DreamFactory Security Guide

GUIDELINE NUMBER E-NAVIGATION TECHNICAL SERVICES DOCUMENTATION GUIDELINE

Configuration Tab. Cisco WebEx Messenger Administration Guide 1

Updated: July LiveEngage secure form for messaging. Contents. Introduction. Secure form benefits. European Security Standards

Sage 300 People & Web Self Service Technical Information & System Requirements

AppPulse Point of Presence (POP)

Cirius Secure Messaging Single Sign-On

Heartbeat API. Document revision 1.0 Date of Issue: 04 October 2018 Date of revision: 04 October Nick Palmer.

Cisco Extension Mobility

KIWIRE 2.0 API Documentation. Version (February 2017)

IBM Silverpop Engage SMS

MasterCard NFC Mobile Device Approval Guide v July 2015

HMA-T G-POD Web Service Acceptance Test Report

ErgoGroup. E-vote 2011 Security Architecture Electronic counting of paper votes V 1.1

ETSI TS V7.1.0 ( )

Cisco Threat Intelligence Director (TID)

443 North Clark St, Suite 350 Chicago, IL Phone: (312) Adeptia Suite 6.0. Release Notes

A company built on security

Compliance of Panda Products with General Data Protection Regulation (GDPR) Panda Security

Message exchange with. Finnish Customs

WP24 CFD Settlement: Required Information

User Guide. Version R94. English

TAX REPORTING SUITE MODULE IDES VERSION 1712

Watson Developer Cloud Security Overview

Single Sign-On. Introduction

DRAFT COPY

This help covers the ordering, download and installation procedure for Odette Digital Certificates.

Guide to Deploying VMware Workspace ONE. DEC 2017 VMware AirWatch 9.2 VMware Identity Manager 3.1

Approved alterations in the guidelines for Recognition of Prior Learning (RPL) under PMKVY dated

Electronic Signature Policy

Security Requirements for Crypto Devices

EU Passport Specification

SIF Infrastructure Services

PIDX PIP Specification. P11: Send Field Ticket. Version 1.0

User Guide. Version R92. English

Guide to Deploying VMware Workspace ONE. VMware Identity Manager VMware AirWatch 9.1

T2/T2S CONSOLIDATION USER REQUIREMENTS DOCUMENT SHARED SERVICES (SHRD) FOR

E POSTBUSINESS API Login-API Reference. Version 1.1

Partner Center: Secure application model

All requests must be authenticated using the login and password you use to access your account.

MAGNUM-SDVN Security Administration Manual

OpenIAM Identity and Access Manager Technical Architecture Overview

Forthnet Mobile Platform - groupsms http interface v1.0 1 / 9

APPLICATION FORM FOR CERTIFICATION BODIES Ready Mix Concrete Plant Certification Scheme (RMCPCS)

Single Sign-On. Introduction. Feature Sheet

Attestation Service for Intel Software Guard Extensions (Intel SGX): API Documentation. Revision: 3.0

Create Decryption Policies to Control HTTPS Traffic

Sparta Systems TrackWise Solution

Payment Card Industry (PCI) PIN Transaction Security (PTS) Hardware Security Module (HSM) Evaluation Vendor Questionnaire Version 2.

SERIES X: DATA NETWORKS, OPEN SYSTEM COMMUNICATIONS AND SECURITY Secure applications and services Security protocols

Digital Signature Certificate (DSC) Guide. April 2017, Version 1.0

ForeScout Extended Module for MobileIron

Transcription:

Integration Architecture Of SDMS 20 May 2017 Version 1.0 (Rakesh Ranjan, Consultant-IT)

Table of Content 1 ABOUT SDMS...2 2 OBJECTIVE & STRUCTURE OF THIS DOCUMENT...2 3 TRANSACTIONAL SERVICES...3 3.1 HIGH LEVEL ARCHITECTURE...3 3.2 HTTP POST METHOD...4 3.2.1 SERVICE URL... 4 3.2.2 XML FORMAT... 4 3.3 HTTP GET METHODS...5 3.3.1 GET REQUEST FORMAT... 6 3.4 COMMON RESPONSE TEMPLATE...6 3.5 ERROR CODES...7 4 LIST OF SDMS WEB SERVICES...8 5 ONBOARDING PROCESS & PRE-REQUISITES...9 P a g e 1 10

1 About SDMS S kill Development Management System (SDMS) is a software application platform which supports core mandate of National Skills Development Corporation (NSDC) to invest in scalable, high quality, for-profit vocational training initiatives. SDMS is used by MSDE, NSDC, Training Partners of NSDC (TP) & their Training Centers (TC), Sector Skill Councils (SSCs), Assessment Agencies (AA) and Assessors for different roles that they perform in the training ecosystem. Over years, SDMS has emerged as one of the key enablers of the skill ecosystem which is leveraged by multiple ministries for master data management, downstream business processes and reporting. MSDE, Govt. of India, through its revised PMKVY 2016-2020 scheme desires to skill 10 million youth by 2020 with a total investment of Rs 12,000 Crores. Such large-scale transformation initiative requires the support environment to adapt and scale up accordingly therefore it is natural that SDMS, being one of the key enablers, should also undergo transformation to effectively fulfil the objectives of the scheme. One such transformation which has become extremely necessary is provision for data exchange between external software applications operating in the skill ecosystem. It is envisaged that SDMS will adopt API based data exchange infrastructure which will allow both data read and write between disjoint systems belonging to skill ecosystem. Following are the advantages of deploying an API framework: Strict control over data exchange procedures with ecosystem partners through enforcement of terms of usage and data security Unified API framework available for use by multiple internal applications; e.g. old SDMS and new SDMS Complete isolation of SDMS, its database and other internal applications from the outside world to further enhance data security 2 Objective & Structure of this Document This is a technical document, available publicly, meant for software application developers & architects who would be interested in knowing the technical specification of each interface using which the services published to external applications are leveraged. Readers of this document must always ensure that only the latest version is referred because new services will be continuously added to the document and changes to the interface design are also expected to make service more secure and efficient. Moreover, it is expected that all users of SDMS join the Google group nsdcwebapi to submit queries for the community to respond. Whenever a P a g e 2 10

dedicated email or phone support is provisioned by NSDC to answer technical queries on SDMS integration then the community will be notified appropriately. 3 Transactional Services Transactional services refer all services belonging to SDMS which either query or modify data on SDMS. Following principles shall apply to all Transactional services: a. Available on internet through SSL enabled URLs b. Support Http POST and GET methods only c. Allow requests from whitelisted server IP addresses only server that are authorized to consume the service in question d. POST requests to accept payload in pre-defined XML format only (refer subsequent sections for request XML structure). All such request XMLs shall be digitally signed by Class II or III digital certificates issued only by Licensed Certifying Authorities 1. e. GET requests to accept requests only from whitelisted server IP addresses server that are authorized to consume web services 3.1 High Level Architecture Given below is a high-level representation of the network diagram. Objective is to allow access to client applications over internet for quick onboarding while ensuring highest level of security. 1 http://www.cca.gov.in/cca/?q=licensed_ca.html P a g e 3 10

3.2 HTTP POST Method All http requests requiring writing of data on SDMS server shall be accepted through POST method only. All the POST requests shall have the payload in pre-approved XML format only. User applications are expected to migrate to latest version of the XML and services whenever an update takes however NSDC shall allow time-bound limited backward compatibility to application who may not upgrade immediately upon notification of a new release by NSDC. 3.2.1 Service URL All the POST services will be available through the URL https://webapi.nsdcindia.org:8443/sdmsweb/<servicename>/<txncode>/<api-key>/<licensekey> Always supply header Content-Type as application/xml URL parts are explained below: URL Parts servicename Refer table in the subsequent section for the name of the service txncode Your transaction code which will be returned without change in the response for correlation between the request and response API Key Unique identifier of the service License key 40-character long API key provided by NSDC at the time of onboarding or at the time of renewal. Requests accompanied with expired api-keys shall be rejected with appropriate error message 3.2.2 XML Format The XML format should strictly adhere to the template given below otherwise the request will be rejected with appropriate error message. Details of XML elements are explained in the table below: P a g e 4 10

Element Env sid Enclosing tag Unique sender Id (numeric, length 10) issued by NSDC to user organizations lk ver lang ts txn tkn key format Data License key issued to the user organization with validity period Version of the API requested by the user organization. All API shall support limited backward compatibility to support the applications that do not upgrade immediately to latest versions of the APIs Language code. Default code will be EN for English Timestamp captured at the sender s server. It is expected that servers are synced frequently with a NTP server in India. It is expected that value of ts is within 30 seconds of time on NSDC server. Requests having ts outside of 30 seconds limit will be rejected with appropriate messages Transaction code of the user organization for correlation between request and response. Value of txn will be returned without any modification (Optional) Any authentication token e.g. One Time Password required by the API (Optional) Encrypted key to decrypt data, if applicable Format of decoded and decrypted information permissible values are text, xml and json Data in any format whether plain text, xml or json etc. but Base64 encoded. It must be remembered that if the data contains any PII (Personally Identifiable Information) then the same must be encrypted with NSDC s public key before Base64 encoding. Signature - XML payload must be digitally signed by the sender to ensure message integrity and non-repudiation - Digital signing is always done by the sender organization with a certificate within validity period - Only class II or III certificates must be used - Signature should include key info element that contains X.509 certificate details. This is needed for SDMS server to validate the signer - 3.3 HTTP GET Methods All queries from user organizations requiring information from SDMS shall be provided through GET method. Requests received through GET method shall only read data on SDMS server or an external system but shall not make any change to the data. P a g e 5 10

3.3.1 GET Request Format All URLs shall have parameters supplied as path parameters only. Necessary information specific to each query service shall be published by NSDC. Format of the URL shall be of the type: https://webapi.nsdcindia.org:8443/sdmsweb/fservices/<senderid>/<service name>/<version>/<language code>/<api key>/<license Key>/<Transaction Code>/<base64 encoded query params> URL parts are explained below: URL Parts Sender Id Service Name Version Language Code API Key License Key Transaction Code Params Unique 32-char long alphanumeric sender Id assigned to the requestor entity by NSDC. Unique name of the query service invoked Supported version of the API Default will be English EN or as advised in the services table below Unique identifier for each service Valid 40-character long Alphanumeric API key provided by NSDC to the requestor entity. Expired API keys will not work Transaction code of the requestor entity. NSDC will return the code without any processing for correlation between request and the response All the query params must be provided in Base64 encoded format. As an example, query params name=suresh&age=30&gender=m shall be provided as Base64 equivalent as bmftzt1zdxjlc2gmywdlptmwjmdlbmrlcj1t. Refer following sections for parameter details about each service Note: Do not start query parameters string with? 3.4 Common Response Template All the responses from the SDMS shall be encrypted and digitally signed to ensure that only designated user organizations access the data, which may have PII too. Even if response does not contain PII, NSDC as a rule shall return responses in encrypted format only. The response template is explained below (Download XSD Template. Also download common-types.xsd): P a g e 6 10

Details of response XML elements are explained in the table below: Element Response status err ref ts info txn key format Enclosed data Signature Enclosing tag Valid values are SUCCESS and FAIL Error code if status= FAIL otherwise NA is returned. (Refer error codes) Transaction reference number on SDMS server. User organizations must provide the reference number in case of a transaction related enquiry Timestamp of the transaction on SDMS server in ISO8601 format Additional information about the transaction that SDMS may want to return (Optional) Transaction Code of the user organization. It is returned without change to correlate between request and response Encrypted key value used to encrypt the enclosed data. SDMS will return encrypted data only in PLAIN text, XML or JSON format. Permissible values are TEXT, XML and JSON. Base64 encoded data value (in the current version, data will not be encrypted) Digitally Signed XML along with the Signature information of NSDC 3.5 Error Codes Following error codes are the valid error codes that will be returned through response XML if an error takes place. Otherwise err attribute will be returned blank. Error Code E001 E002 E003 E004 Invalid sender Id Invalid License Key Expired License Key Invalid API key or an expired key P a g e 7 10

Error Code E005 Invalid version code E006 Unsupported version of the API E007 Unsupported language code E008 Invalid timestamp format E009 Blank user transaction code E010 Key not decrypted E011 Invalid Base64 encoding E012 Unsupported format permissible formats are text, XML & JSON only E013 Data format does not comply with the format type indicated E014 Digital signature verification failed E015 Invalid key info on the signature E016 No payload received E017 Invalid XML Payload E018 Invalid service name E019 Invalid User Transaction Identifier E020 Request received from unauthorized IP address E021 Third party service error E022 Digital Signature of Sender not found on the server E023 Digital Signature not within validity date E024 Data encryption error E025 Internal Error E026 Mandatory parameters not supplied E027-050 Reserved for future enhancements E999 Unknown Error NA No Error/Success 4 List of SDMS Web Services Below is the list of web services which will be published on SDMS server as RESTful web services. User organizations are expected to refer latest version of this document to obtain the latest list of services published. All the web services will be published on an NSDC server available through a public IP available through a SSL enabled URL. SL. No. Name of the Web Service Params Query Services (GET) P a g e 8 10

SL. No. Name of the Web Service Params 1 fetchtp Base64 encoded value of Token=bnNkYzd0ZXBp& insertdate=yyyy-mm-dd 2 fetchtc Base64 encoded value of Token=bnNkYzd0ZXBp& insertdate=yyyy-mm-dd Fetch all Training Partner information from QCI s Smart portal Fetch all Training Center information from QCI s Smart portal Update Services (POST) 4 addtp NA Add one or more Training Partner/ Project Implementation Agency Download XSD <URL of the XSD> 5 addtc NA Add one or more Training Center 6 pushuritodigilocker NA Download XSD <URL of the XSD> 5 Onboarding Process & Pre-requisites a. Send a request to NSDC on your organization s letter head indicating the intent and purpose of using NSDC s services. Letters must be addressed to Capt. Uday Prasad, Head- IT, National Skill Development Corporation, Block-A, Clarion Collection (Qutab Hotel), Shaheed Jeet Singh Marg, New Delhi - 110016 b. Sign the MoU with NSDC to mutually agree on the terms of usage services & data c. Complete the onboarding process with NSDC and obtain the following: - 10-character long numeric Sender Id. One unique sender Id will be issued to every requestor to be used on perpetual basis after signing of the MoU - 40-character long alphanumeric API Key. The keys issued will require renewal after the expiry date is exceeded. Normally, NSDC will issue API keys that will be valid for a period of 12 months or until the expiry of the MoU whichever is earlier. - Share your public key in PEM format with *.cer extension with NSDC which will be used to encrypt the sensitive data elements in the response XML. Your Digital P a g e 9 10

Certificate must have been procured by one of the Licensed Certifying Authorities in India (http://cca.gov.in/cca/) - Designate a management and a technical point of contact for future communication d. Join the Google group nsdcwebapi to post technical queries and answer queries of other developers/ architects in the ecosystem e. Specific queries which are not technical in nature may be sent to webapihelp@nsdcindia.org *** End of the Document *** P a g e 10 10

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback