The OneRoster 1.1 standard uses OAuth 2.0 Bearer Token Authorization to grant access to the OneRoster API. This section details the steps required to obtain and utilize the access token. 


Acquire Access Token: Client Credentials Flow

Issue a POST request to acquire an access token. Scopes MUST be included in the request. The Response will include the scopes authorized. It is not necessary to request all scopes, but a minimum of one must be included. At this time there is no /resources endpoint.


URL: base URL + /token 

Example: https://demo.aeries.net/aeries/token


Request Headers:




Response:

{
    "access_token": "ccfc1cc84a1b6163be0fc96145c46335",
    "token_type": "bearer",
    "expires_in": 21600,
    "scope": "https://purl.imsglobal.org/spec/or/v1p1/scope/roster-core.readonly https://purl.imsglobal.org/spec/or/v1p1/scope/roster.readonly https://purl.imsglobal.org/spec/or/v1p1/scope/roster-demographics.readonly https://purl.imsglobal.org/spec/or/v1p1/scope/resource.readonly https://purl.imsglobal.org/spec/or/v1p1/scope/gradebook.readonly https://purl.imsglobal.org/spec/or/v1p1/scope/gradebook.createput https://purl.imsglobal.org/spec/or/v1p1/scope/gradebook.delete"
}


Using the Request Headers approach, the client credentials are encoded to Base64 format. This is the preferred approach.



Make a request

With a valid access token, data may be requested from the OneRoster API provided that permission has been granted to the underlying security area by the Aeries Administrator. The URL is constructed as described in the Available Endpoints article.


URL: base URL + root URL + version + endpoint

Example:  GET https://demo.aeries.net/aeries/ims/oneroster/v1p1/orgs


Request Headers:


Response:


{
    "orgs": [
        {
            "name": "Eagle Unified School District",
            "type": "district",
            "identifier": null,
            "parent": null,
            "children": [
                {
                    "href": "~/ims/oneroster/v1p1/orgs/894",
                    "sourcedId": "894",
                    "type": "org"
                },
                {
                    "href": "~/ims/oneroster/v1p1/orgs/994",
                    "sourcedId": "994",
                    "type": "org"
                }
            ],
            "sourcedId": "0",
            "status": "active",
            "dateLastModified": "2025-05-01T05:00:20.097Z",
            "metadata": null
        },
...