API Management

The API Management page provides access to the following tabs:

  • Manage APIs - This page allows you to enable and disable purchased API products
  • Manage OAuth 2.0 Applications - This page allows you to manage OAuth 2.0 applications
  • Manage STS Keys - This page allows you to retrieve API keys for Cornerstone's legacy STS authentication framework (STS is being deprecated and will be fully retired in Feb 2021)

To access the API Management page, go to: Admin > Tools > Edge and click the API Management link. On the Edge Integrate page, select the Manage Applications tab.

PERMISSION NAME PERMISSION DESCRIPTION CATEGORY
Edge APIs - Manage Grants ability to manage Edge APIs on the API Management page. Edge

Manage APIs

From the Manage APIs tab, you can manage any APIs that your organization has purchased.

  • To disable a purchased API, toggle the switch next to the integration to the Off position.
  • To enable a purchased API, toggle the switch next to the integration to the On position.

Manage OAuth 2.0 Applications

On the Manage OAuth 2.0 Applications page, you can register new OAuth 2.0 applications or manage existing OAuth 2.0 applications.

You can enable and disable existing applications by toggling the switch next to the application to the On or Off position.

To register an application:

  1. Click the Register New Application button.
  2. Populate the fields on the Register New Application page, including the Application Name, Username, and a validity period, if applicable.
    • Each registered application must be associated with an existing user account, which functions as a service account. This user account is bound to the application and to the client ID and secret.
    • The validity period defines the time period, in seconds, for which an access token is issued. This field is optional. If no value is entered, access tokens will be assigned a default validity period of one hour. The maximum value that can be entered in this field is 86,400 seconds (one day). The minimum value is 300 seconds.
  3. Click the Register Application button.
  4. Copy the client ID and secret generated by Cornerstone to use when building your API-based integration. Be sure to save this information for your use, as you will only be shown the secret once.

Note: If needed, a registered integration can be deactivated from the Manage Integrations tab by toggling the Active switch to the Inactive position.

Manage STS Keys

Cornerstone's custom authentication framework, Session Token Service (STS), will be deprecated in February 2020 and will be fully retired and unavailable in February 2021. During the deprecation phase, Cornerstone will stop supporting STS. The STS endpoint will still be available during the deprecation phase, but Cornerstone will no longer address any defects or enhance this endpoint. Any requests to the endpoint will fail starting February 2021, when STS is fully retired.

Organizations will need to modify their code for existing integrations that use Cornerstone's API and switch to OAuth 2.0 from STS by February 2021. This only impacts Cornerstone's RESTful APIs, which includes the following:

  • Cornerstone's Foundational APIs (i.e. Cornerstone REST services)
  • Reporting API
  • Employee API (i.e. Cornerstone Core/CHR services)
  • Express Class API
  • Job Application API

The following are NOT currently impacted:

  • xAPIs
  • SOAP APIs