Pearson
Always Learning

Overview

The POST Cartridge API enables a new SCORM package zip file (=cartridge) to be added to the Pearson SCORM Services Platform by a Consumer.

The POST request body contains the URL address of the SCORM package zip file that is to be added.

When the POST request is received by the Platform, a tracking number and a HTTP status code of 202 (Accepted) are returned. The status code 202 indicates that server has received and understood the request and that it has been accepted for processing. The SCORM package URL is added to a queue and may not be processed immediately.

When the URL of the SCORM package zip file is dequeued, the following workflow is executed:

  1. The SCORM package zip file is downloaded by the Platform,
  2. The file is unzipped.
  3. The imsmanifest.xml is checked for well-formedness and schema validity.
  4. The imsmanifest.xml file is parsed to create a new record in the Platform.
  5. Static content assets from the unzipped SCORM package are deployed to a content delivery network.

If there is any error, the work flow stops and a message is returned asynchronously to the Consumer.

When the workflow completes without error, a success message is returned asynchronously to the Consumer.

Sequence Diagram

HTTP Verb Descriptions

HTTP Verb
Description
POST
Create a new cartridge record

Security

The POST Cartridge request is secured by signing the request using the OAuth 1.0 signing protocol and placing the OAuth parameter name/value pairs into the header of the HTTP request. Only the signature method HMAC- SHA1 is supported.

For application/json and application/xml request content type requests the additional oauth_body_hash parameter must be included in the the header of the HTTP request. The OAuth Core specification provides body integrity checking only for application/x-www-form-urlencoded request bodies and so this additional parameter provides an integrity check on non-form-encoded request bodies. For more background see:

API Routes/Parameters

/cartridges

Request Header

The POST Cartridge request is signed using the OAuth 1.0 sigining protocol and the oauth_* parameter name/value pairs are added to the request authorization header. For more background see:

Request Body

Supported for POST:

Request content type: application/json

{
 "ext_resource_link_authorise_type": "{resourceAccessControl}"
 "ext_resource_link_content": "{resourceUrl}",
 "resource_id": "{resourceId}",
 "resource_object_name": "{resourceFileName}",
 "resource_title": "{resourceTitle}",
 "resource_version": {resourceVersion},
 "upload_to_cdn": {uploadToCdn},
 "validate_cartridge_xml": {validateCartridgeXml}
}

Request content type: application/xml

<CloudEnqueueRequest>
 <ext_resource_link_authorise_type>{resourceAccessControl}</ext_resource_link_authorise_type>
 <ext_resource_link_content>{resourceUrl}</ext_resource_link_content>
 <resource_id>{resourceId}</resource_id>
 <resource_object_name>{resourceFileName}</resource_object_name>
 <resource_title>{resourceTitle}</resource_title>
 <resource_version>{resourceVersion}</resource_version>
 <upload_to_cdn>{uploadToCdn}</upload_to_cdn>
 <validate_cartridge_xml>{validateCartridgeXml}</validate_cartridge_xml>
</CloudEnqueueRequest>

Request content type: application/x_www_form_urlencoded

ext_resource_link_authorise_type={resourceAccessControl}&ext_resource_link_content={resourceUrl}&resource_id={resourceId}&resource_object_name={resourceFileName}&resource_title={resourceTitle}&resource_version={resourceVersion}&upload_to_cdn={uploadToCdn}&validate_cartridge_xml={validateCartridgeXml}

Request Body Parameters

Name
Description
Data Type
Valid Values
Mandatory
resourceAccessControl Access control method used by the Consumer to protect the SCORM package zip file.
string
"oauth" Yes
resourceUrl
Location of the SCORM Package zip file.
string
Any valid URI
Yes
resourceId Unique identifier used by the Consumer to identify the SCORM package zip file.
string
Only lower case alphanumeric characters along with the hyphen and underscore characters. No space characters. Yes
resourceFileName
File name of the SCORM package zip file.
string
Alphanumeric characters along with the hyphen and underscore characters. No space characters.
Yes
resourceTitle
Title label used by the Consumer.
string
  Yes
resourceVersion
Version number used by the Consumer to version the SCORM package zip file.
integer
Any positive, non-zero integer
Yes
uploadToCdn
Instructs the SCORM Services Platform to deploy the SCORM package content to a content delivery network.
boolean
true (default), false
No
validateCartridgeXml
Instructs the SCORM Services Platform to check that XML documents in the SCORM package should be tested for schema validity.
boolean
true (default), false
No

Response Header

(To do)

Response Body

For POST:

Request content type: application/json

{"tracking_number": {trackingNumber}}

Request content type: application/xml

<CloudEnqueueResponse>
  <tracking_number>{trackingNumber}</tracking_number>
</CloudEnqueueResponse>

Request content type: application/x_www_form_urlencoded

tracking_number={trackingNumber}

Response Body Parameters

Name
Description
Valid Values
trackingNumber A number issued to the Consumer client that made the request that can be subsequently used to track the processing of the SCORM package on the Platform.
A positive, non-zero integer

Response HTTP Codes

Status Code
Description
Comment
202
Accepted
The server has received and understood the request and that it has been accepted for processing. The SCORM package URL has been added to a queue and may not be processed immediately.
400
Bad Request
Mandatory parameters were missing from the request.
401
Not Authorized
The server could not validate the OAuth signature that accompanied the request.
500
Internal Server Error
The server encountered some problem.

Example Request/Response for Content Type application/json

Request

POST http://platform.com/cartridges

Request Header

POST http://platform.com/cartridges HTTP/1.1
Content-Length: 757
Authorization:  OAuth realm="",
                oauth_version="1.0",
                oauth_nonce="29f90c047a44b2ece73d00a09364d49b",
                oauth_timestamp="1313350943",
                oauth_consumer_key="wrt45h9se628f6gh99d56b0a592e7g27",
                oauth_body_hash="v%2BxFnmDSHV%2Fj29qhxLwkFILrtPo%3D",
                oauth_signature_method="HMAC-SHA1",
                oauth_signature="8auRpRdPY2KRXUrOyz3HKCs92y8%3D"
Content-type:   application/json

Request Body

{
 "ext_resource_link_authorise_type": "oauth",
 "ext_resource_link_content": "http://content.com/Icodeon_Multi_SCO.zip",
 "resource_id": "icn-icodeon_multi_sco",
 "resource_object_name": "Icodeon_Multi_SCO.zip",
 "resource_title": "Icodeon Sample SCORM Package",
 "resource_version": 1,
 "upload_to_cdn": true,
 "validate_cartridge_xml": true
}

Response

HTTP/1.1 202 Accepted

Response Body

{"tracking_number": 178150063}
4473 reads
Always Learning
Pearson