Note: OneRoster v1.2 will require OAuth 2.0 authorization.
Note: Instructure is a OneRoster Consumer. For OneRoster Consumer and Provider definitions, view the Introduction to OneRoster.
Supported Authentication Methods
When configuring your Instructure OneRoster integration, you must specify the integration authorization method. Instructure supports both OAuth 2.0 and OAuth 1.0a authentication configurations.
If your institution opts to use OAuth 1.0a, prevent server sync issues by providing the following server timestamp flexibility: 10 min in the past; 5 min in the future.
If your institution opts to use OAuth 2.0, the access token request authorization header includes client credentials (consumer key and secret). Additionally, if your institution has pre-defined the authorization scope, it is built into the URL upon implementation.