...
See the About GraphQL APIpage for an introduction to the basic concepts of GraphQL technology, the schema, and examples of the functional operations used in the Fraud Data API (query, mutation, subscription).
...
The Fraud Data API
TheIn the first phase of the Fraud Data API development, the CCCTC has designed an API solution that supports the reporting and sharing of fraudulent admission application data between colleges across the system through three primary workflow operations:
...
to a
...
centralized database
...
Receive fraud notifications to a dedicated staging table using the College Adaptor
...
and the ability to run queries against that data using an authorized MIS code with an AppID or CCCID. Internally, an algorithm determines if a submitted fraud application report also impacts another college in the district. If so, Superglue is leveraged to notify that college of the suspected bad actor.
Districts are encouraged to utilize this API in a custom process that works with their internal SIS system. The API can also be used ad hoc to to and a series of processes to between colleges across the system through three primary workflow operations:
Submit fraud information to a CCCTC centralized database
Receive fraud notifications to a dedicated staging table using the College Adaptor
Query the fraud database directly via the API
Eventually through continuous improvement, the API will be extended to also support other types of fraud data, including financial aid fraud. Participating districts are provided the Fraud Data API schema (GraphQL-based, described further below) and authorized access to the API during the implementation process with the CCCTC.
...
Submitting a Fraud Report Via API
A One of the primary objective objectives of the Fraud Data API is to report local fraud data from an individual college or multiple colleges in a district to the CCCTC, which then identifies the individual (CCCID) connected to the suspected fraud application (AppID), so that all other applications submitted by that CCCID can be located and shared with the college(s) that have received applications from the identified individual.
Through the API, the FraudReportSubmit mutation is the operation used for submitting a fraud report using an application id (AppID) or a student ID (CCCID), or both. In most cases, only the AppID is truly needed. A GraphQL mutation is an object type that is used to modify server-side data. Just as with queries, if the mutation field returns an object type, you can ask for nested fields. It can also contain multiple fields.
...
enable colleges to report information about suspected or identified fraudulent admission applications to the CCCTC (Fraud Report) in order to identify and prevent the individual (CCCID) from committing fraud against the college, and other colleges, in the future.
The FraudReportSubmit Operation
The Fraud Data API schema defines this process as the FraudReportSubmit type operation, which is a query mutation that requires a variable input argument of at least one field (FraudReportSubmitInput!) and generates a response (FraudReportSubmitPayload). In most cases only the application ID (AppID) input field is truly needed; however additional fields can also be added as input variables.
Panel | ||
---|---|---|
| ||
|
The FraudReportSubmit mutation requires an input (FraudReportSubmitInput!)
screenshot below depicts an example of the most basic submit request being constructed using the Apollo sandbox. In the Documentation column (left), the FraudReportSubmitInput argument is selected showing the fields that can be used in the required input. The (appId) and (reportedByMisCode) fields are selected, and now appear as variables
...
The example below submits a fraud report for application id (AppID) : 34110
.
Code Block |
---|
curl --location --request POST 'https://apollo-router.qa.ccctechcenter.org' --header 'Authorization: Bearer eyJ......' --header 'Content-Type: application/json' --data-raw '{"query":"mutation FraudReportSubmit($input: FraudReportSubmitInput!) {\n FraudReportSubmit(input: $input) {\n cccId\n appId\n fraudType\n }\n}\n","variables":{"input":{"appId":34110}}}' |
...
In the hands of a knowledgable API programmer, the schema provides everything needed to construct and execute the FraudReportSubmit operation, including the required argument, Input fields, and the payload response using an API dev tool such as CURL, PowerShell, Python, Java, etc. Any of these development tools will provide the
Taking a closer look at the same operation in the Apollo sandbox, you can see that the
...