Getting Access to the CAS API

Last updated
Save as PDF

CAS API Security

The CAS API requires an OAuth 2-compliant identity token to call any endpoint. Typically the first API call your integration application makes to the CAS API is an identity token. These tokens are valid for one hour. Your integration application must refresh the identity token on an hourly basis; otherwise, your API calls will be refused with an "unauthorized" error message.

The OAuth 2 identity token also includes what data you can access. The CAS API currently supports two types of users:

Association user: this user can view any institution that participates in a CAS and all applicants and applications.
Organization user: this user can only view the applicants and applications for their specific institution.

Requesting a CAS API Account

Access to the CAS API is provided upon request by your campus's Institution Manager. The Institution Manager should contact Liaison's Client Support Specialist team to request access. When requesting access, please provide the following information:

Institution Manager's name and email address
Name of the user to receive CAS API access
The name of your institution (university/college/school/etc.)
The CAS, one or many, that you're interested in (e.g., BusinessCAS)
The CAS admissions cycles you're interested in (e.g., 2023-2024 and 2024-2025)
The CAS API user's phone number
The CAS API user's email address

Liaison will then create an account for you with a default password, which you can change afterward. Since the password reset email is sent to the email address you provide, Liaison recommends using an email address account that you can check for these emails.

In addition, if your institution has multiple integration projects, then each CAS API account must have a unique email address. Creating separate API accounts for each integration application is a security best practice and is strongly recommended.

Testing the CAS API

You can test the CAS API using one of the following API client tools or sample codes from https://developer.liaisonedu.com. You must have an active CAS API account first before testing.

Postman is a free API testing tool, available for free download. For steps on how to use Postman to generate an identity token and call an API endpoint, refer to Postman's Learning Center.
cURL is a free command-line tool for transferring data using various protocols and is available for Windows and Mac OS. If you have access to a bash shell, you can also try #curl --help.

We also offer screenshots and sample code for using Postman and cURL. Note that the screenshots included may differ from your view. If you have any questions about using Postman and cURL, contact those companies directly.