New Scopes Explained
To add greater flexibility to customer integrations and to ensure continued compliance with GDPR (due to come in to effect on 25th May 2018), we have changed the way access to school data is handled on the Assembly Platform.
This involves creating a set of additional, more granular “scopes” that you are able to request from schools. This will allow you to request only the data that is absolutely needed for your product, and it will give schools more granular control over what data they share.
As a worked example, our
student_demographics scope (which currently controls access to 9 fields) will be broken down in to the following:
If your app originally requested
student_demographics, it will now request all of these scopes. If you decide that your app no longer needs to access the ethnicity of students but it does still require all other fields from demographics, then you should remove the
student_demographics scope in your Authorization Request, and replace it with the following:
This will mean your application continues to have access to all of the other fields, but stops accessing student ethnicity.
If you have any questions about this process please get in touch and we'll be happy to help.