API Configurations

Service Account Configurations

To enable automated delivery of CAS application data through the API, Slate requires each instance to have a “CAS/Liaison Service Account” (functionally a “user”) which is assigned a role that allows SFTP access. This “user” is what holds the permissions, allowed networks, and other security settings to allow the data to be transferred from the CAS environment into the Slate environment via SFTP.

The CAS/Liaison Service account is pre-configured in Slate and available from the Slate Template Library (STL). Instructions for adding it are in the Slate KB.

Password

Copy and save the password prior to saving changes, because once saved, the password will not be visible. You will need the password to configure the CAS API subscription with Liaison. 

Allowed Networks

In December 2023 - January 2024, Liaison migrated their CAS systems to AWS. This change required the list of “allowed networks“ assigned to the CAS/Liaison Service Account to be updated to include 7K+ possible IP addresses and CIDR subnets that might now be sending data to the SFTP server.

Below is a PDF of the announcement from Liaison with details about the migration timeline, and a txt file containing a comma-separated list of the AWS IP addresses, removing the CIDR subnets not supported by Slate. This file can be used to update the service account, but detailed instructions for how to generate it are included below for future reference.

To obtain the list of IP addresses:

1. Go to https://ip-ranges.amazonaws.com/ip-ranges.json and copy the JSON file.

2. Use a JSON converter to convert to an excel spreadsheet.

3. Open the excel spreadsheet and use highlight text rules to identify any IP addresses that contain a CIDR notation between /0 and /15, then delete those from the spreadsheet (when this was done in 12/2023, there were only CIDR notations of 11 - 15). Slate will not allow these CIDR subnets for security reasons (they cover too wide a range of possible IP addresses, from 131,072 to 4,294,967,296 total IP addresses).

4. Copy the column of IP addresses remaining and use a column to comma separated list converter to make the new list.

5. In Slate, go to Database > Users > CAS/Liaison Service Account > Roles and scroll to the bottom where there is a field for “Allowed Networks.” Paste your comma separated list at the end, then save.

Allowed Networks (Deprecated January 2024)

Below are the IP addresses that are included in the “allowed networks” of existing CAS/Liaison Service accounts for future reference. It is unclear which exactly are used by the Liaison systems, the following list is provided for reference/troubleshooting.

CLEAN SLATE

12.130.14.3, *
35.196.40.74, *
35.237.218.144, *
35.237.169.192, 
34.74.5.60, 
35.185.121.56, 
34.74.128.171, 
104.196.102.47


TUSMGP

12.130.14.3, *
35.196.40.74, *
35.237.218.144, *
35.237.169.192, * 
108.26.138.40, x
130.64.2.186, x
130.64.35.32, x
3.224.174.183, x
52.0.120.196, x
52.2.196.251, x
52.71.217.11, x
54.161.89.200, x
54.205.199.53, x
130.64.3.197 x

Troubleshooting Connection Issues

https://knowledge.technolutions.com/hc/en-us/community/posts/20008552350875-SFTP-Issues

https://help.liaisonedu.com/Integration/CAS_API/CAS_Slate_Integration/Go_Live_and_Future_Preparedness/04_Troubleshooting_Your_Integration

Using Postman and Endpoints

CAS Resources

https://help.liaisonedu.com/Integration/CAS_API/CAS_Slate_Integration/Configuring_Automation/05_Common_Business_Events

https://help.liaisonedu.com/Integration/CAS_API/CAS_Slate_Integration/Configuring_Automation/06_Common_Data_Holds

Obtaining an individual application file

The following instructions use the CAS → Slate V5 Postman collection provided by Liaison. At minimum you need the name of the applicant, but it is also good to have the CAS Applicant ID to ensure the correct application data is identified.

1. Select the environment for the CAS application you are trying to access, and send a call for an authorization token (POST Call Auth Token).

2. Next send a call to the GET applications list. The response will contain details for every application in the CAS and cycle (application form ID) and the school/college/university (organization) established in your environment. Use the search tool in Postman to search for the name or CAS Applicant ID of the applicant you are trying to find; make note of the application ID.

   

3. Open the GET individual application endpoint. Paste the application ID into the value under the “Params > Path Variables” section. Next, in the Headers menu make sure that Accept is set to text/csv (default is application/json, changing this ensures a text file is returned). Save the endpoint and then send it.

   

4. Save the response locally.

   

5. Open Excel, use “Open” to find the file that you saved in the previous step. Make sure to change the type of file you are looking for to “All Files.”

   

6. Excel may give a warning, but click yes to open anyway. Excel will then run through the Text Import Wizard. Select Delimited for Step 1, then “comma” in Step 2, and then finish. The workbook will open; save as a CSV file.

   

7. Go to Slate to the Source Format configured to import this type of file for the API.

   

Deciding to use the CAS API vs. WebAdMIT API

Identifying and Interpreting Data Fields

CAS API Data

https://help.liaisonedu.com/Integration/CAS_API/CAS_Slate_Integration/Working_with_Source_Formats_and_Mapping/08_CAS_API_Data_Dictionaries

Program Configuration Data

https://help.liaisonedu.com/WebAdMIT_Help_Center/Configuration_Portal/Previewing_and_Submitting_Your_Programs/4_Export_Program_Data

Source Format Configurations

Data Source Formats

Round Creation/Update

Person and Application-scoped ID and Record Matching

Accomodations for CAS vs. Slate Differences

References/Evaluations