Skip to main content

Classe365 API Introduction

An introduction to Classe365 API

Written by Ashley Cooper

The Classe365 API is structured around Representational State Transfer (REST). The API features predictable, resource-oriented URLs and utilizes HTTP response codes to indicate errors. It employs standard HTTP functionalities, such as HTTP authentication and HTTP verbs, which are compatible with common HTTP clients. We support cross-origin resource sharing (CORS), enabling secure interaction with our API from client-side web applications; however, you should never expose your secret API key in any public website’s client-side code. All API responses, including error messages, are returned in JSON format, although our API libraries convert these responses into appropriate language-specific objects.

Authentication 

The Classe365 API relies on HTTP Basic Authentication. Every single incoming request must include an Authorization header containing your tenant credentials.

How to Construct Your Credentials

Your authentication credentials consist of two parts:

  1. Username: Your tenant's subdomain (e.g., if your URL is evaluate3x.classe365.com, the username is evaluate3x).

  2. Password: Your unique API Key. This can be generated directly within the admin portal by navigating to Settings → API Keys.

Generate API Key

Login to your Classe365 acount as a super-admin, and go to Modules > Administration > APIs

Click on ➕ Create API Key button to add an API key

Choose whether the API key applies to all modules or to specific modules, and select the modules that the API key will have access to.

For security reasons, the API key is displayed only once at the time of creation; please ensure that you copy the API key.

Notes:

  • Do not share your secret API keys in publicly accessible areas such GitHub, client-side code, and so forth.

  • To use your API key, assign it to Classe365.api_key. The PHP library will then automatically send this key in each request.

  • It is recommended to make all API requests be made over HTTPS. Calls made over plain HTTP is not secure and is not recommended. API requests without authentication will also fail.

To authenticate, join these two strings together with a colon (subdomain:api_key) and encode the entire string using Base64.

Required Request Headers

When constructing an API request, include the following headers in your payload:

Header

Expected Value

Required?

Description

Authorization

Basic <Base64(subdomain:api_key)>

REQUIRED

Authenticates your application with your specific tenant instance.

Content-Type

application/json

OPTIONAL

Required whenever you are sending a JSON payload in a request body (e.g., during a POST request).

Authentication Example (cURL)

Below is an example of how a standard request header looks when constructed in a tool like cURL:

curl -X GET "https://evaluate3x.classe365.com/restv2/students" \
-H "Authorization: Basic ZXZhbHVhdGUzeDpreXNqZDRmNThzYWRmODk0Y2Zh" \
-H "Content-Type: application/json"


For more inquires on API's please write to [email protected] or contact support using the chat interface found on all pages of your account.

Did this answer your question?