/
Configuration and Setup

Configuration and Setup

Owned by Sanket Shrestha
Feb 04, 2025
6 min read

Introduction

The Provider Registration and International Student Management System (PRISMS) is a secure database jointly developed by the Department of Education, Skills and Employment and the Department of Home Affairs. Recently modernised to support API integration, PRISMS now enables enhanced efficiency in the enrolment process for both education providers and international students.

For more information, see - PRISMS Modernisation Project.

The API service provides the following advantages:

  • Simplified CoE Creation – The process of creating a Confirmation of Enrolment (CoE) becomes more transparent and easier via the API integration. The data for student, course enrolment, agent details, OSHC details, English test details and others can be recorded and sent directly from the Meshed system to PRISMS and a CoE certificate can be generated.

  • Seamless Reporting of SCVs – Student’s CoE can also be Cancelled by reporting any of the available Student Course Variations (SCVs). The SCV along with the comments and other details can directly be recorded for an API generated CoE using the Meshed system.

  • Data Mapping between Meshed and PRISMS – The API also permits the Agent, Venue and OSHC Provider data to be mapped between the two platforms. The result is a consistent and accurate data reporting.

This feature is accessible via the homepage under the "Feature Shortcuts" section, labeled “PRISMS.”

1) Meshed Platform PRISMS Integration Configuration

The API service uses standard (OAuth) authentication using Azure B2C as the secure token service to gain access to PRISMS services. This workflow verifies the credentials for a user to access PRISMS API by logging into PRISMS using their email address, password and Multi- Factor Authentication (MFA) in a web page.

The PRISMS feature in the Meshed platform is available for all users except users with only Teacher or Staff-Teacher roles.

This means that only users who have access to PRISMS will be able to use the integration service. To access the PRISMS API configuration page, go to PRISMS tile on the homepage >> PRISMS API Config.

The Configuration for PRISMS API service is divided into 3 different sections that are as below:

  • Meshed Compliance Connector Integration Setup

  • PRISMS API Subscription Details

  • Client PRISMS Credentials Configuration

1.1) Meshed Compliance Connector Integration Setup

These details are configured by the Meshed team and cannot be modified or viewed by the end user.

1.2) PRISMS API Subscription Details

The API service requires the PRISMS Client ID and PRISMS OCP-APIM-Subscription-Key which is unique to each provider.

These API key details should be provided to the Meshed Support Team to help you set up the API service. Once configured, these details can be viewed by end users, but cannot be modified.

1.3) Client PRISMS Credentials Configuration

This section contains the user configuration details for each user who tries to authenticate and log in with PRISMS. The Meshed user log in will be saved along with the PRISMS Client ID used by each user to access PRISMS for data integrity.

2) Authenticating with PRISMS

Once the above authentication details are recorded in the Meshed system, a user can proceed to authenticate with PRISMS.

PRISMS User Authentication requires the users to provider their PRISMS login details that can authorise them as CoE Administrator or CoE Create users. Failure to supply correct PRISMS login details will halt the authorisation process implying that the integration cannot be used by the specific user.

2.1) First-Time User Authentication

When a user logs in to the Meshed system and proceeds to use the PRISMS API service, the PRISMS API Subscription Details section will be pre-populated with the API subscription details and will prompt the user to click on the “Set PRISMS Credentials” button as shown below.

 

After the PRISMS credentials are successfully set for the user, the next step is to Authorise with PRISMS using valid PRISMS login credentials.

To start the authorisation process, click on Authorise with PRISMS. The system then redirects you to a new page where the user can use the PRISMS login credentials to log in.

The user will also be prompted to go through the MFA process and enter the verification code from the Authenticator app.

A successful login fetches a token for the service and the system will reflect the success message accordingly.

The user can now continue to use the integration service in the Meshed system.

2.2) Existing User Authentication

For a user who has used the PRISMS API integration in the Meshed system before and is not a first-time user, the authentication process is a little different.

  • The user does not need to click on the Set PRISMS Credentials button as the PRISMS API credentials are already stored in the system for the user.

  • The system will also display the PRISMS User Email used by the specific user as per his last successful login to PRISMS.

Click on Authorise with PRISMS button to start the authorisation process. The system redirects the user to PRISMS authentication where the process is the same as authenticating a new user. After successful authentication, the token is returned and the success message is displayed.

2.3) Token Generation and Validity

The token generated for each successful user authentication is valid for a period of 24 hours. This implies that each user must re-authorise with PRISMS once the 24-hour period elapses.

If the user token is valid, the integration can be used without an issue and the configuration will display the message Access token is valid.

The button Authorise with PRISMS will be hidden as the token is valid and does not require a re-authorisation.

Once the token has expired for a user, the message on the configuration page changes to Both access and refresh tokens are expired. Please re-authorise.

Once the user clicks on Authorise with PRISMS button, a successful authentication can take place if valid credentials are provided.

Note:

After the token expires, re-authorisation with PRISMS is required in order to use the integration.