Job Ready ESS API Service Identity Setup


TABLE OF CONTENTS

 

Part A

  1. Overview

    This document outlines the steps involved to setup an ESS Service Identity, which is required
    by the job ready Web application in order to interact with the Australian Government
    Department of Education, Skills and Employment software systems through the Application
    Programming Interface (API).

    During your Organization's onboarding process for job ready, for the web application server
    to access the ESS Subscriptions Data for your organization, your ESS Admin would have been
    asked to create Subscription reports. These Subscription Reports can be accessed by the
    Depts API through a secure API Gateway.

    As per the Dept’s Document on the API Gateway – Authorization and Authentication
    Overview, the job ready web application is setup under Scenario 3: Service to Service, and
    as such also requires an ESS Service Identity to be created and linked to an SSL Certificate.
    This will provide the web application secure API access to the ESS Subscriptions.

    For more information refer to your ESS Portal help doc: eSam - Manage Service Identities -
    User Guide, see Appendix A for details on where to access ESS Portal help docs.

  2. Target Audience and Assumed Knowledge


    This document is targeted at IT Administrators and Managers and your ESS Organisation
    Security Contact (OSC). You are required to be familiar with administration functions within
    the Organization's ESS eSam Web Portal. The ESS Service Identity that will be created
    requires specific roles and an SSL certificate that we provide, to be uploaded to ESS in order
    to successfully interact with the Web API functionality within the job ready web application.

  3. ReadyTech’s Authorized Representative

    ReadyTech’s General Manager of Work Pathways, Chris McMillan, is the chosen
    representative authorized to access your Organizations ESS Subscription data.
    Chris McMillan will be the persona that is linked to the API Service Identity that you will
    create.

 

Part B

  1. ESS Service Identity Creation

    In order to access the ESS API, a secure authentication and authorization process is setup by
    the department. As the ESS OSC, you will require ESS eSam Service Identity Creation
    privileges to complete this process.

    If your ESS user has these privileges, your Home menu will have the Service Identities option
    as shown and you may proceed to Create the New Service Identity. If you do not see the
    Service Identities option, please contact the ESS Support Helpdesk before continuing.

  2. Create New Service Identity

    After clicking ‘Create a New Service Identity’, add the details below. Note the last name
    prefix includes (Job Ready Application) to be clear about where this API role is used.

    First Name: Chris
    Last Name: McMillan(Job Ready Application)
    Email Address: [email protected]
    Phone Number: 0422431252
    Confidential Client Redirect Url: https://fake.local.host/fwhtrn
    Confidential Client Certificate Raw Data: <<see email attachment>>
    Jwks Url Endpoint: https://readytech.com.au/

  3. Adjust Service Identity Roles
     

    Specific roles are required for the new Service Identity in order to provide access to the
    required API services.

    Base Role:
    SPS – Service Provider Basic & Claim & Rates

    Contract Type:
    As per the ESS contracts for your Organization.

    Reporting Roles:
    1. CNC – Bulk Data Facility

    2. ESP – Performance and Organizational Access

  4. Supply the Service Identity Client ID to Job Ready


    The new Service Identity will be assigned a Client ID value by ESS.
    This value is required by the Job Ready application in order to make a correct user identity
    assertion for your Organisation.

    As per the image below, copy the value in the Client ID field and email it to the
    [email protected].

 

Confirmation

 

The Job Ready team will now take the Client ID and configure and test the API access for

your Organization.

 

Appendix A - eSam - Manage Service Identities - User Guide

 

The Manage Service Identities User Guide is a department document specific to the

functions relating to Service Identities. It can be found in your Provider Portal, search for API

as per image below.

 


Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.