...
The Bi-Directional Fraud Data API is a SuperGlue-based solution (API) that supports bi-directional communication and sharing of suspected application, enrollment, or financial aid fraud data with the CCC Technology Center for the purpose of ultimately suspending or blocking an individual’s profile, thus sharing this determination of fraud with other system colleges automatically. Developed using GraphQL API technology, the first phase of development leverages the SuperGlue framework to amass a fraud data repository built on college reports and streaming notifications out to other affected colleges. Eventually through continuous improvement, the API will be extended to support other types of fraud data, including enrollment and financial aid fraud. Participating districts are provided the Bi-Directional Fraud Data API schema (GraphQL-based, described further below) and authorized access to the API during an implementation call with the CCCTC Enabling Services.
...
While there are many good learning resources and tutorials available, Introduction to GraphQL is an excellent primer for understanding the GraphQL language and the primary query operations used by the Fraud Data API.
See the About GraphQL APIpage for an introduction to the basic concepts of GraphQL, the schema, and examples of the functional operations used in the Fraud Data API (query, mutation, subscription).
...
The reporting of locally identified fraud data from an individual college or district to the CCC Technology Center (CCCTC) is managed via the Bi-Directional Fraud Data API. Everything needed to submit fraud reports is documented in the schema (see the API Documentation section below), as well as through custom Postman files configured specifically for the fraud data operations. More information and detailed examples of the FraudReportSubmit mutation are provided in the Submitting a Fraud Reportsection of this guide.
Receive Fraud Notifications to Staging Table
...
An option for colleges that have not yet implemented the SuperGlue College Adaptor, the API facilitates the ability to query the fraud table directly using a CCCID, an AppID, or an authorized MIS code(withRecipientMisCode). A successful response is returned if the CCCID used in the query matches any other application(s) submitted to the authorized MIS code. The process for querying the API directly is described in the Querying Fraud Report Datasection of this guide.
Note |
---|
Authorized access via the API is restricted by college- or district MIS code, which is set as the default attribute in the API account. Multi-college districts will have a default MIS code as well but may also be granted authorization for additional MIS codes for individual colleges in their district. API accounts are set up by the CCCTC and provided to the college during the implementation process. |
...
The Bi-Directional Fraud Data APISchema
...
Panel | ||||||||
---|---|---|---|---|---|---|---|---|
| ||||||||
Postman is an API platform designed to “easily explore, debug, and test your complex API requests for HTTP, REST, SOAP, GraphQL, and WebSockets. The Postman client also includes built-in support for authentication protocols like OAuth 1.2/2.0, AWS Signature, Hawk, and more.” Learn more in the Postman Learning Center. |
...
College Implementation Process
...
Panel | ||||||
---|---|---|---|---|---|---|
| ||||||
More information is provided to the district during the Bi-Directional Fraud Data API Implementation Process overview meeting with CCCTC Enabling Services. |
...
Bi-Directional Fraud Data API Operations
Recommended: Non-technical college staff are encouraged to use Postman for running ad hoc fraud reporting and queries. See /wiki/spaces/GLUEPD/pages/2851438610.
Getting the API Access Token
...
Panel | ||||||||
---|---|---|---|---|---|---|---|---|
| ||||||||
Testing: While the purpose of this API is strictly for the reporting and sharing of information related to fraudulent applications and bad actors, any valid AppID or CCCID can be used for testing purposes. In addition to testing the API, these data will support the Tech Centers testing of the internal workflows to identify other applications that may be associated with the individual(s) reported to be fraudulent. |
Panel | ||
---|---|---|
| ||
Using Postman to Submit a Fraud ReportTo support non-technical users that may not have the programming experience to build and submit a web request from a schema, Postman can be used for submitting fraud reports. Please visit Submitting Fraud Reports UsingPostman for instructions and screen shots. |
...
Receiving Fraud Notifications to a Staging Table
...
Panel | ||||||||
---|---|---|---|---|---|---|---|---|
| ||||||||
See Creating & Modifying Postman Events in Using Postman with the Fraud Data API Guide for a guide to creating and modifying additional query variations of the FraudReportQuery operation. |
Panel | ||
---|---|---|
| ||
Using Postman to Query Fraud Data We’ve created a developer ‘starter kit’ for making Fraud Data queries. See the Querying Fraud Data Using Postmansectionin /wiki/spaces/GLUEPD/pages/2851438610 guide for details. |
...
Documentation & Supporting Resources
Panel | ||||||
---|---|---|---|---|---|---|
| ||||||
See more: SuperGlue API: Terminology & Data Element Descriptions |
Item | Description | File / Link |
---|---|---|
Apollo API Sandbox | Fraud Data API Endpoint & Schema Documentation | Pilot: https://apollo-router.pilot.ccctechcenter.org/ |
GraphQL API Documentation | (Official) Online Introduction to GraphQL API | |
About GraphQL | CCCTC-based Introduction to GraphQL API | |
Postman Documentation | Introduction to Postman / Documentation | https://learning.postman.com/docs/getting-started/introduction/ |
Using Postman with the Fraud Data API | CCCTC Guide for Using Postman with the Fraud Data API |