Flyt education OneRoster API: Access and Integration
This section provides everything you need to authenticate, set up, and start using the Flyt OAS One Roster API. It covers how to gain access to the environments, manage credentials, and begin testing your integration.
Authentication and Authorization
Access to Flyt OAS One Roster API is managed securely through OAuth 2.0 using the client credentials flow. All access is configured via the Visma Developer Portal at oauth.developers.visma.com.
How it works
- Applications are configured in the Visma Developer Portal
Each third-party integration is granted access through a custom application setup. These applications define what the integration is allowed to access (known as "scopes"). - Access is limited to specific scopes
We can define exactly which parts of the API a third party can access. - Customers are connected to applications.
Once an application is created, we will connect individual customers to that application in Flyt education via the TENANT settings in our admin panel.
Required Credentials for Access
Once the application and customer linkage is complete, third parties will need the following to authenticate:
Key |
Value |
Description |
client_id |
{your_client_id} |
ID of the integration application |
client_secret |
*************** |
Secret key generated in the Developer Portal |
tenant_ID |
e.g. aa750693-e3ea-441b-93fe-... |
Unique per customer |
grant_type |
client_credentials |
OAuth 2.0 grant type used |
scope |
one-roster-api:https://purl.imsglobal.org/spec/or/v1p2/scope/roster-core.readonly |
The part of the API this token will grant access to |
Token Request Endpoint
All third parties authenticate by making a token request to https://connect.visma.com/connect/token
The response will include an access_token used in subsequent API calls.
Example of token request
curl -X POST https://connect.visma.com/connect/token
-H "Content-Type: application/x-www-form-urlencoded"
-d "grant_type=client_credentials"
-d "client_id={your_client_id}"
-d "client_secret={your_client_secret}"
-d "scope=one-roster-api:https://purl.imsglobal.org/spec/or/v1p2/scope/roster-core.readonly"
Example of request:
When you have an access token, you can call API endpoints.
Parameter |
Value |
URL |
https://api.oneroster.cloud.skole.visma.no/ims/oneroster/rostering/v1p2/orgs |
Method |
GET |
Authorization |
Bearer {access_token} |
Query Parameters:
- Limit: 100 (maximum number of results)
- Offset: 0 (number of results to skip)
Example Request:
curl -X GET "https://api.oneroster.cloud.skole.visma.no/ims/oneroster/rostering/v1p2/orgs?Limit=100&Offset=0"
-H "Authorization: Bearer {access_token}"
Environments in Flyt education OneRoster API
We support three environments
- Test – for testing and development, using simulated data.
- Stage - for testing in a similar environment to production.
- Production – for live integrations with real data.
Versioning & Deprecation Policy
We use semantic versioning (v1.2.3) for all API versions. Breaking changes will always require a major version bump.