NovoEd archive APIs are a set of APIs that allows customers to download user-generated content from their courses and integrate it into their own archiving systems. User-generated content (UGC) is anything that a user posts or creates in a course, such as assignment submissions, discussion comments, replies, etc.
The archive APIs allow customers to download the corresponding user-generated content in NovoEd learning experiences in JSON format for a 24-hour period:
- Discussion content including all posts, comments, and replies
- Messages sent between two or more users in the private messaging inbox
- Teams and Groups workspace discussions including posts, comments, replies, documents and meeting information
- Learner assignment submissions
- Assignment Submission comments and replies
- Public Feedback
- Private Feedback
Please note: Data returned includes content that might have been deleted by the user.
Archive API allows customers to download the content generated in the past 24 hours or 24 hours prior to a specified date and time. NovoEd recommends at least a daily download of data when archiving ongoing courses. Technical implementation is required by customers to save this data, either in JSON format or converted to a specific archiving format required by the compliance systems in place.
Attachments to content are included as links in the JSON API response and can also be downloaded for archiving.
Getting Started with an API Key and Secret
Customers need an API key and secret to make any API calls to NovoEd. The API key and secret belong to a developer, an app, or a development organization. A key can be whitelisted and able to access data from one course or the whole institution on NovoEd. The API key and secret can also be used to get private user information from NovoEd and write data to a customer’s instance. It is as powerful as a Super Admin role in the scope it is given access to. Customers can choose to make the API key and secret more secure by only enabling a dedicated set of IP addresses to use them. Or, customers may choose to allow any machine who has the key and secret make API calls.
Customers should write to the NovoEd customer support at firstname.lastname@example.org with the list of IP addresses of the machines that would be making API calls. The support team can whitelist those specific IP addresses. Customers may also choose to let any machine in the world who has the key and secret make calls. A customer’s technical team may refer to this as one-factor (only using key and secret) or two-factor (enabling only specific machines with a specific IP address) authentication for API calls.
Once a key and secret are obtained, customers should work with their NovoEd Org Admin to whitelist this key for one course or across the institution. Unfortunately, the NovoEd support team cannot help with this step. Instructions on how to whitelist an API key in one course or across the institution are listed below.
Whitelisting an API key
An Org Admin can log into a specific course in the institution, click on the wrench menu in the top right, choose Admin Dashboard, and choose configurations after to see the API key section.
Under API keys, the Org Admin can whitelist the key to manage this course and decide whether the key can manage any course across the institution.
- Make sure the key and secret are valid. Customers will receive a 401 error if they are not.
- Make sure calls are being made from an IP address that is authorized to use the key and secret. A 401 error will also be received here if they are not.
- Make sure a JSON call is being made. This can be done by adding .json to the end of the endpoint before starting to pass the parameters. If the wrong request type is made or HTTP is being requested instead of JSON, an error page will show.