Remote Service API

Overview - Remote Service API

Are you sure you want to remove this component?

Opening page in iFrame

Are you sure you want to remove this component?

In order to open an application in a Schoolbox iframe you must use the following URL in Schoolbox -  http://schoolbox/modules/remote/{base64encodedURL}

The URL you wish to be loaded should be base64 encoded on the end of the string.

You can optionally add /window on the end of the URL to open the page in the complete window rather than an iframe. This will open the page you want in that window without any of the Schoolbox interface around it - Just like opening it up directly on that page like you would with any other link regularly (such as a link you search for in google). The authentication will still work this way too, just in case you were wondering! If you didn't apply the /window, it would open embedded in an iframe with the Schoolbox interface still there.

To encode your URL use the following online tool. http://www.freeformatter.com/base64-encoder.html

If you wish to control the height of the iframe. You may optionally include the parameter (zx_h).

For example before base64 encoding the url.

http://google.com.au#zx_h=800px

3rd Party Application Details

Are you sure you want to remove this component?

Your system will need to have a page which accepts the following GET parameters:

  • key
  • time
  • id
  • user

The id parameter is the current user's External ID. The time parameter is an Epoch/Unix timestamp of the current time generated by Schoolbox. You should ensure that this time is within 5 minutes of the current time on your server for security purposes. Finally, the key parameter is a SHA1 hash of the shared secret, the time and the user's External ID concatenated together in that particular order.

The following is an example scenario where a user has accessed http://10.1.1.31/enrolment_details/ through the custom module we are developing.

Link to http://schoolbox/modules/remote/IGh0dHA6Ly8xMC4xLjEuMzEvZW5yb2xtZW50X2RldGFpbHMv

Internal vars

  • secret = ASDSDF3245324566
  • time = 1323305767
  • id = 24249
  • user = jsmith
  • key = SHA1 hash of [secret][time][externalUserId]

User is redirected to http://10.1.1.31/enrolment_details/?key=01f78cd0b7fdf44268c53e096e6044861ea58614&time=1323305767&id=24249&user=jsmith

The shared secret and URL where the parameters will be passed to for authentication are changeable.

The shared secret is set in Schoolbox at: Administration > Settings > Security > Remote Shared Secret

Note: The placeholders [username], [externalId], and [email] are automatically filled with the profile’s actual details.

Add an iFrame widget to a student profile

Are you sure you want to remove this component?

As a Superuser, you can add an iFrame widget to a student profile. This allows you to embed external content directly into the profile view, creating a more connected and efficient experience for teachers, students, and admins.

You can embed third-party systems like:

  • Learning analytics dashboards
  • Behaviour tracking systems
  • Assessment platforms
  • Attendance records or wellbeing apps

This gives quick, context-specific access without needing to switch systems or log in again.

To do this:

  1. First, go to Administration > User Management > Profile Editor.
    This opens the Profile Editor page.
     
  2. In the Profile Editor page, choose the Student field, which is the profile role type you are adding the iFrame for.
     
  3. Next, scroll to ‘Fields’ and select Internal Fields.
     
  4. Then, select iFrame
    This will place the selected field at the top of the list.
    Note: Use the drag handle iconGrab Handle Icon (blue)to reorder fields.
     
  5. Next, to edit settings for 'Appears On' and 'Visible For', select the settings cog icon Settings Cog Icon.
    This opens the settings for the user profile field.
     
  6. In Appears On, select one or more campuses. The field will display on the profile page for users in the selected campuses.
    For example, if you select Senior and Junior, this field will be displayed on the profiles of users within this campus. 
    Note: A field will display on a user's profile if they belong to any one of the campuses, or if required, in all of the campuses.
     
  7. Next, in Visible For, select one or more role types to control which role types can view this user's field on the profile page. 
    For example, if you select Self and Parent user roles, it means the field on the student's profile page will be visible only to the student and their parents, and no one else. 
    Note: See Personalise user profiles in the Profile Editor (for Superusers) for more information.
     

  8. Next, in iFrame Link, enter the full URL of the webpage you want to embed on the student’s profile page.
    This should be the exact link to the external tool, dashboard, or resource you want to display.
    Note: If you're using tokens like [username] or [email], make sure to include them in the URL so the content personalises for each student. 

    Note: If you wish to secure this URL behind the remote services API, wrap the URL in the following string remote_service( https://url ).  This will automatically encode the URL using base64 and pass it as a parameter to the remote services API when the profile is loaded.
     

  9. Then, in Height, enter the height of the iFrame in pixels. 
    For example, 400 will set the iFrame to 400 pixels tall.
    Note: Adjust the height based on how much content you expect to display - too small and it may cut off information; too large and it might take up unnecessary space.
     
  10. When done, select Update.
    This saves your changes and embeds the external content into the student’s profile.
     
  11. Then, go to the student’s profile page to check that the embedded iFrame widget appears correctly and displays the embedded content as expected.

    You’ve now added the iFrame widget successfully to the student’s profile.
Back To Top

Using the Remote Services API (as a Superuser)

Are you sure you want to remove this component?

Remote Services let you bring in content from another website, like a dashboard, learning app, or online tool, and show it right inside a Schoolbox page. It’s a simple way to connect external resources without making users leave Schoolbox.

As a Superuser, you can embed a remote page or service into Schoolbox using the Remote Services API.

To do this:

  1. First, go to Administration > User Management > Profile Editor and add the Internal Field iFrame to the Student, Staff, and Parent profiles. For this, follow the steps in Personalise user profiles in the Profile Editor (for Superusers).
     
  2. Next, wrap your website link using the remote_service(...) function. For example, remote_service(https://your-website.com/page?user=[username])
    This tells Schoolbox to treat the link as a 'Remote Service'.
     
  3. Next, use tokens to show personalised information.
    You can include tokens in the link that will be automatically filled with details from the user's profile:
  4. Then, allow the website in 'Safe iFrame Sources'.
    For your remote service to display correctly, add the external domain to your 'Safe iFrame Sources' in Schoolbox.
    Note: Without this step, the embedded content will not load, and you may see a blank space or an error.
    To do this:
    1. Go to Administration > System Settings > Security.
      This opens the Security page for you.
    2. Scroll to the 'Safe iFrame Sources' field.
    3. Add the website’s base URL, for example, https://tools.yoursite.com.
      Note: Ensure that the link matches the website you're embedding.
    4. Select Save to save your changes.

      Your content should now load smoothly inside Schoolbox for each user.
Back To Top