Always Learning

Posted by Wes | about 2 years ago

We are demystifying the Experience API for ourselves and anyone else that wants to follow along. The previous article of this series defined many xAPI related terms. This article will focus on the method for directing a learner to xAPI aware content.


We have been on a journey to understand the Experience API. We previously explored the following:

Activity Providers

The host of xAPI aware content is known as an Activity Provider. We previously defined them as the following:

Activity Provider is what the Experience API calls sources of learning. These providers report xAPI Statements to a LRS via the Experience API. Digital learning content is well positioned to handle that notification without human intervention. The provider can report to any LRS, because the LRS details are provided when the content is launched.

The launch is initiated by a link known as a Launch Link. Launch Link parameters are just query string parameters. These parameters are appended to a URL in a format such as ?name=value&anotherName=anotherValue.

Launch Link Parameters

The Experience API uses the following parameters to interact with the LRS:

Parameter Name Parameter Description
endpoint URL of LRS
auth Authentication to provide LRS
actor Actor portion of statements reported to LRS
activity_id (optional) Group activity identifier for reference in LRS. (i.e. Lesson Plan)
registration (optional) Session identifier for reference in LRS. (i.e. Section, Assignment)

Reference the Golf Example from to see the Launch Link in action. The parameters are visible in the browser address bar. Here’s what we saw:

Parameter Name Parameter Value
auth Basic%20VGVzdFVzZXI6cGFzc3dvcmQ%3D
actor %7B"mbox"%3A""%2C"name"%3A"Test%20User"%2C"objectType"%3A"Agent"%7D
registration (optional) e168d6a3-46b2-4233-82e7-66b73a179727

There’s URL encoding for the browser in those values, so let's make it human readable. Decoding these values with results in:

Parameter Name Parameter Value
auth Basic VGVzdFVzZXI6cGFzc3dvcmQ=
actor {"mbox":"","name":"Test User","objectType":"Agent"}

Most of those values are readable now. The endpoint parameter is a URL, and the actor parameter identifies the user in JSON. A little formatting makes the JSON more human readable.

Parameter Name Parameter Value
  "mbox" : "",
  "name" : "Test User",
  "objectType" :  "Agent"

The auth parameter is still undecipherable though. That’s because the second part of the auth parameter is Base64 encoded, so we can paste that part in to decode it. This reveals a username and password separated by a colon.

Parameter Name Parameter Value
auth Basic TestUser:password

That scheme is known as Basic Authentication, and it’s the simplest type of authentication supported by xAPI. OAuth is another option, but we will not visit that until later.

What's next?

Now we understand how the Activity Provider becomes aware of the LRS. Simply launching the Golf Example from results in statements in their public LRS. The next article in this series will focus on retrieving those statements. Afterwards, we’ll come back to how those statements were submitted.

Feel free to jump ahead to other articles in this series:

Also, definitely check out and's xAPI standard for more in-depth details. We are just scratching the surface with this whirlwind tour, and those resources were our reference. We would like to give credit and a BIG THANKS to the maintainers of both!


No votes yet

10988 reads
Always Learning