ISC Developer Portal

Getting Started

Integrity Systems industry leading API capability is driving innovation and empowering developers, partners and customers. So welcome aboard! Let's see what you create.

Our API's are REST. Our API has predictable, resource-oriented URLs, and uses HTTP response in combination with API Status codes to indicate API errors. We use built-in HTTP features, like HTTP verbs, which are understood by off-the-shelf HTTP clients. JSON is returned in all API responses including errors.

Authorisation

All our API's require clients to use an API key and include an NLIS username and password.

Your API key is specific to you and your application. Take reasonable care in the use of your API Key and access details.

You can apply for a developer key by emailing technicalsupport@IntegritySystems.com.au

There are two options available to create an OAuth2 token:

  • ISC Single Sign-On(SSO) Authorisation API
  • NLIS Authorisation API - Deprecated

ISC Single Sign-On(SSO) Authorisation API

Single sign-on (SSO) provides a seamless way for your applications to authenticate/authorise by one username and password for key Integrity and Information Systems:

  • National Livestock Identification System (NLIS)
  • Livestock Production Assurance (LPA)
  • National Vendor Declarations (NVDs)
  • Live Data Link (LDL)
Read More ...

Using this method, your application can obtain an access token scoped to your application. (NLIS, LPA, etc)
The ISC API uses this as a bearer token in the Authorization header to authenticate a call and give restricted access to its resources.

Request Headers

HTTP Header Description Example
Content-type The MIME type of the body of the request Content-Type: application/x-www-form-urlencoded

Request Body

HTTP Body Description Example
Client Id Client identifier of your application client_id=mySuperApp
Client Secret Your client secret assigned client_secret=mysecret
Grant Type We use Password Grant Type grant_type=password
Scope Available values include lpa_scope, nlis_scope, mymla_scope dependent on your user scope=nlis_scope
UserName
When the scope is for NLIS users, the username is your nlis userID.
When the scope is for LPA users, the username is the PIC-userid. Note the - between PIC and userid
When the scope is for myMLA users, the username is your registred myMLA email.
username=9PROD2G0
username=Q1KK0786-1005672
username=blah@validemailaddress.com
Password The account holders relevant password. Eg LPA, NLIS or myMLA password password=userpassword
Example Header
Content-Type: application/x-www-form-urlencoded    
Example Body
client_id=mySuperApp&client_secret=mysecret&grant_type=password&scope=nlis_scope&username=9PROD2G0&password=userpassword

Resonse Body

HTTP Body Description Example
access_token The access token returned. "access_token" : "eyJ0eXAiOiJKV1Q..."
expires_in Number of minutes the token will be valid for. "expires_in" : "3600"
token_type The type of token generated by the API. "token_type" : "Bearer"
Example Body
{
  "access_token" : "eyJ0eXAiOiJKV1Q...",
  "expires_in" : "3600",
  "token_type" : "Bearer"
}

If a response code of 200 is returned, it means you have successfully authenticated and can access your token.

If a response code of 400 is returned, it could mean that your api key is invalid by indicating you are an invalid client or your username or password is invalid.

For other response codes, check the message included in the body of the response object.

NLIS Authorisation API

Deprecation Notice: This endpoint will be deprecated soon.

The NLIS API uses JSON web tokens. When an HTTP POST request is sent to the NLIS Auth Server, a valid bearer token (access_token) is returned or an invalid request.
The returned token must then be passed in as a request header with all future requests.

  • To request a token in production, call the following URI : https://auth.nlis.com.au/nlisapi/oauth/token
  • To request a token in UAT, call the following URI : https://auth.uat.nlis.com.au/nlisapi/oauth/token

Request Headers

HTTP Header Description Example
Content-type The MIME type of the body of the request Content-Type: application/json
Authorization Basic [YOURAPI_KEY] Authorization: Basic Q2VkYXJDcmVla0tpbGxGbG9vckRlc2t0b3BBcHA6c2VjcmV0

Request Body

HTTP Body Description Example
Grant_Type The OAuth 2.0 grant type you are using. "Grant_Type": "password"
Username Your NLIS username "UserName": "yournlisusername"
Password Your NLIS password "Password" : "yournlispassword"
Scope Access Rights - should always be set to "read" if included "Scope": "read"
Example Header
    Content-Type: application/json
    Authorization: Basic Q2VkYXJDcmVla0tpbGxGbG9vckRlc2t0b3BBcHA6c2VjcmV0
                
Example Body
{
  "Grant_Type": "password",  "UserName": "yournlisusername",  "Password": "yournlispassword",  "Scope": "read"
}

Resonse Body

HTTP Body Description Example
access_token The access token returned. "access_token" : "eyJ0eXAiOiJKV1Q..."
expires_in Number of minutes the token will be valid for. "expires_in" : "3600"
refresh_token The refresh token "refresh_token" : "43a88cdd-5a...."
token_type The type of token generated by the API. "token_type" : "Bearer"
Example Body
{
  "access_token" : "eyJ0eXAiOiJKV1Q...",
  "expires_in" : "3600",
  "refresh_token" : "43a88cdd-5a....",
  "token_type" : "Bearer"
}

If a response code of 200 is returned, it means you have sucessfully authenticated and can access your token.

If a response code of 401 is returned, it could mean that your api key is invalid by indicating you are an invalid client or your username or password is invalid. The message included in the body of the response object should give you more details.

For other response codes, check the message included in the body of the response object.

logo Integrity Systems Company