NIH | National Cancer Institute | NCI Wiki  

Error rendering macro 'rw-search'

null

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 15 Next »

Once you have received your Client ID and Client Secret from CTRP Support, follow the steps below to use the NCI CTRP and PRS REST services. An Okta authentication token is required to use these services. There are different processes between PRS and CTRP users, see below for explanations.

For CTRP users

Users accessing the CTRP Accrual, Trial Registration, Participating Site REST services. See the following for additional details on the various CTRP web services: 

1. Get Okta access token

The following endpoint will generate an Okta access token provided the parameters passed in are valid. Please contact CTRP_support@nih.gov for any questions or issues in regards to generating the Okta access token.

POST:

curl --request POST “https://<clientId>:<clientSecret>@bioappdev.okta.com/oauth2/aus3ym6wniM6O3MGE297/v1/token” \
--header “Accept: application/json” \
--header “Content-Type: application/x-www-form-urlencoded” \
--data-urlencode “grant_type=client_credentials" \

Parameters:

clientId

Client ID

clientSecret

Client Secret

Response:

{"token_type":"Bearer","expires_in":43200,"access_token":<accessToken>}

2. Call REST Service with Bearer Authentication

Include the access token in the 'Authorization: Bearer' parameter when submitting API requests. The following example uses the accrual-services URL and lists the required header and parameters.


curl --location --request PUT 'https://trials-int.nci.nih.gov/accrual-services/trials/nci/NCI-2019-00038/sites/po/7434 ' \

--header 'Content-Type: application/json' \

--header 'Accept: application/xml' \

--header 'Authorization: Bearer <accessToken>'

Parameters:

accessToken

Access Token generated in step 1.

idTypenci
trialIDNCI-2019-00038
id7434

Response:

   JSON or XML data, depending on which service is being used.

For PRS users

1. Get Okta access token

The following endpoint will generate an Okta access token provided the parameters passed in are valid. Please contact CTRP_support@nih.gov for any questions or issues in regards to generating the Okta access token.

POST:

curl --request POST “https://<clientId>:<clientSecret>@bioappdev.okta.com/oauth2/aus3ym6wniM6O3MGE297/v1/token” \
--header “Accept: application/json” \
--header “Content-Type: application/x-www-form-urlencoded” \
--data-urlencode “grant_type=password” \
--data-urlencode “username=<username>” \
--data-urlencode “password=<password>” \
--data-urlencode “scope=openid”

Parameters:

clientId

Client ID

clientSecret

Client Secret

username

CTRP OKTA account email ID

password

CTRP OKTA account password

Response:

{"token_type":"Bearer","expires_in":43200,"access_token":<accessToken>,"scope":"openid","id_token":<idToken>}

2. Call REST Service with Bearer Authentication

Include the access token in the 'Authorization: Bearer' parameter when submitting API requests.


curl --location --request GET 'https://trials.nci.nih.gov/services/trials/<NCT> ' \

--header 'Content-Type: application/json' \

--header 'Accept: application/xml' \

--header 'Authorization: Bearer <accessToken>'

Parameters:

accessToken

Access Token generated in step 1.

NCT

Trial ID (e.g. NCI-2017-02883)

Response:

   XML data

Error Codes for the Okta API

Error

Code

Message

Invalid Client Id

401

{

    "errorCode": "invalid_client",

    "errorSummary": "Invalid value for 'client_id' parameter.",

    "errorLink": "invalid_client",

    "errorId": "oaejDJuWCiRTQeH8n6WG2116A",

    "errorCauses": []

}

Invalid Client Secret

401

{

    "error": "invalid_client",

    "error_description": "The client secret supplied for a confidential client is invalid."

}

Invalid User Credentials / Account Locked*

400

{

    "error": "invalid_grant",

    "error_description": "The credentials provided were invalid."

}

Password Rotation

The Client ID and Client Secret need to be updated on a yearly basis. The CTRP team will provide the new Client ID / Client Secret combination to PRS two weeks before each update. During the two-week grace period, both old and new credentials will work.

Test Site

https://trials-stage.nci.nih.gov/services/trials/

Error Codes for the Okta API

Error

Code

Message

Invalid Client Id

401

{

    "errorCode": "invalid_client",

    "errorSummary": "Invalid value for 'client_id' parameter.",

    "errorLink": "invalid_client",

    "errorId": "oaejDJuWCiRTQeH8n6WG2116A",

    "errorCauses": []

}

Invalid Client Secret

401

{

    "error": "invalid_client",

    "error_description": "The client secret supplied for a confidential client is invalid."

}

Invalid User Credentials / Account Locked*

400

{

    "error": "invalid_grant",

    "error_description": "The credentials provided were invalid."

}

  • No labels