Page Comparison

...

Once Postman is installed and the two Fraud Report Postman Collection files have been imported and configured with your API account credentials and environment specifications, the process for generating and refreshing your access token is managed on the Fraud Report OAuth tab. Once generated Postman will automatically store the token as the Bearer in the Authorization head for all secured API requests.

From Your Postman Workspace…

1: Expand the Fraud Report collection and click on the Fraud Report OAuth file..

2: See the Fraud Report OAuth file open in a tab on your Workbench.

3: Ensure the appropriate environment is selected. In the adjacent example, the “GraphQL:Pilot” environment is selected (active).

4: Click the Send button to generate the access token.

5. The ‘access_token’ appears in the lower half of the body of the Fraud Report OAuth tab, which is then embedded for authorization for the next web request or post.

Access Token

The 'access_token” becomes the Bearer required in the Authorization head for secured requests to the API. (Reminder: Your API account is provided by the CCCTC during the implementation process.)

Each time you refresh your authorization, the new ‘access_token’ is automatically saved to the header for the next API operation you intend to execute.

Each token expires in 300 seconds (5 mins).

...

Submitting a Fraud Report Via API

The schema defines the process for submitting fraud information to the CCCTC as the FraudReportSubmit operation. Specifications for this GraphQL-based operation are documented in the Apollo sandbox.

In general terms, the components of this operation are quite basic. The root of the FraudReportSubmit query is a mutation type object that has a required Input argument (FraudReportSubmitInput!) where at least one input variable field must be provided and a custom payload response is defined (FraudReportSubmitPayload). For the majority of fraud report submissions, only the application Id (AppID) is truly needed, although additional input fields may also be added to the operation.

Explore the schema documentation for the FraudReportSubmit mutation and see the available Input fields.

The FraudReportSubmit Operation

Below is an example of a basic FraudReportSubmit operation built with a template in the Apollo sandbox.

...

In the Operation section, the root mutation, FraudReportSubmit, has been selected with the default FraudReportSubmitPayload fields displayed.

In the Documentation column, the Input argument - FraudReportSubmitInput - is selected and expanded showing the fields that can be used for the required input.

In the Variables table, the “appId” field as been added as the only input variable for this basic operation (currently displaying a null value in the adjacent screenshot).

...

In this operation, the mutation has a required input argument (FraudReportSubmitInput!) that specifies which data fields will be included in the submission.

Learn how to use an Input object type in a GraphQL mutation operation.

...

For multi-college district accounts, the operation should be modified to also include the “reportedByMisCode” field in the input argument to specify which college in the district the fraudulent application (appId) is being submitted for (see example shown in the Variables table).

The default MIS code for a single college district is passed automatically in the token, so it does not need to be included as a variable in the input argument.

...

In the hands of a knowledgable API programmer, the schema provides everything they need to construct and execute the FraudReportSubmit operation, including the required input argument, Input fields, and the payload response using an API dev tool such as CURL, PowerShell, Python, Java, etc. Any of these development tools will provide the mechanism needed to make this API web request.

...

With a basic understanding of the operation and their API account with the appropriate credentials and configured attributes, a skilled API programmer has everything they need to effectively format a proper web request using an application development tool such as Curl, Python, PowerShell, etc.

The example below submits a formatted web request for a fraud report for application id (AppID) 34110.

Submitting a Fraud Report Via API

The schema defines the process for submitting fraud information to the CCCTC as the FraudReportSubmit operation. Specifications for this GraphQL-based operation are documented in the Apollo sandbox.

In general terms, the components of this operation are quite basic. The root of the FraudReportSubmit query is a mutation type object that has a required Input argument (FraudReportSubmitInput!) where at least one input variable field must be provided and a custom payload response is defined (FraudReportSubmitPayload). For the majority of fraud report submissions, only the application Id (AppID) is truly needed, although additional input fields may also be added to the operation.

Explore the schema documentation for the FraudReportSubmit mutation and see the available Input fields.

The FraudReportSubmit Operation

Below is an example of a basic FraudReportSubmit operation built with a template in the Apollo sandbox.

Image Added

In the Operation section, the root mutation, FraudReportSubmit, has been selected with the default FraudReportSubmitPayload fields displayed. In the Documentation column, the Input argument - FraudReportSubmitInput - is selected and expanded showing the fields that can be used for the required input. In the Variables table, the “appId” field as been added as the only input variable for this basic operation (currently displaying a null value in the adjacent screenshot). Panel panelIconId atlassian-check_mark panelIcon :check_mark: bgColor #FFFFFF Before submitting the request, a value would be entered in the “appId” input field (as shown below). Image Added

In this operation, the mutation has a required input argument (FraudReportSubmitInput!) that specifies which data fields will be included in the submission.

Learn how to use an Input object type in a GraphQL mutation operation.

For multi-college district accounts, the operation should be modified to also include the “reportedByMisCode” field in the input argument to specify which college in the district the fraudulent application (appId) is being submitted for (see example shown in the Variables table). The default MIS code for a single college district is passed automatically in the token, so it does not need to be included as a variable in the input argument.

Image Added

In the hands of a knowledgable API programmer, the schema provides everything they need to construct and execute the FraudReportSubmit operation, including the required input argument, Input fields, and the payload response using an API dev tool such as CURL, PowerShell, Python, Java, etc. Any of these development tools will provide the mechanism needed to make this API web request.

...

With a basic understanding of the operation and their API account with the appropriate credentials and configured attributes, a skilled API programmer has everything they need to effectively format a proper web request using an application development tool such as Curl, Python, PowerShell, etc.

The example below submits a formatted web request for a fraud report for application id (AppID) 34110.

curl --location --request POST 'https://apollo-router.qa.ccctechcenter.org' 
--header 'Authorization: Bearer eyJ......' 
--header 'Content-Type: application/json' 
--data-raw '{"query":"mutation FraudReportSubmit($input: FraudReportSubmitInput!) {\n  FraudReportSubmit(input: $input) {\n    cccId\n    appId\n    fraudType\n  }\n}\n","variables":{"input":{"appId":34110}}}'

...

{
    "data": {
        "FraudReportSubmit": {
            "cccId": "AAA6198",
            "appId": 34110,
            "fraudType": "APPLICATION"
        }
    }
}

Submit a Fraud Report Using Postman

In your Postman workspace, click on the Fraud Report Submit file in the Fraud Report collection.

To support users that may not have the necessary skillset to build and submit a web request from the schema, the report can be submitted via the Postman tool - operation can be using be API developers, In the body of the post, the data structure for the FraudReportSubmit mutation appears in the Query portion of the workspace, with ($input: FraudReportSubmitInput!) as the required argument. In GraphQL, an Input can be an argument against an object. In this case, FraudReportSubmit is an object type. The three fields below the object indicate the fields that we want values for in the response. The input variables appear in the GraphQL VARIABLES box

...

...

Submit a Fraud Report Using Postman

In your Postman workspace, click on the Fraud Report Submit file in the Fraud Report collection.

To support users that may not have the necessary skillset to build and submit a web request from the schema, the report can be submitted via the Postman tool - operation can be using be API developers, In the body of the post, the data structure for the FraudReportSubmit mutation appears in the Query portion of the workspace, with ($input: FraudReportSubmitInput!) as the required argument. In GraphQL, an Input can be an argument against an object. In this case, FraudReportSubmit is an object type. The three fields below the object indicate the fields that we want values for in the response. The input variables appear in the GraphQL VARIABLES box

...

Receiving Fraud Notifications to a Staging Table

...

Image Removed

Image Added

Copying & Exporting Query

...

Operations

...

[ brief description and link to the Using Postman page ]

We’ve developed a developer ‘starter kit’ for creating queries.

a developer ‘starter kit’ for creating queries.

...

customizing the desired input fields and variables for the FraudReportQuery:withCCCID in Apollo, exporting the operation and copying it into Postman, where it can be saved as a separate query operation file and added to your Postman Fraud Report collection

...

Documentation & Supporting Resources

...

...