OneRoster Endpoints

Triand's OneRoster Rostering REST API is a read-only service that exchanges roster data (orgs, users, courses, classes, enrollments, demographics). All endpoints are GET; POST, PUT, PATCH, and DELETE return 400.

Base URLs

Version	Prefix
v1.1	https://oneroster-api.triand.com/ims/oneroster/v1p1/
v1.2	https://oneroster-api.triand.com/ims/oneroster/rostering/v1p2/

The version is selected by the OAuth2 scope prefix on the access token (v1p1 vs v1p2). The URL prefix must match the scope prefix; mixing them returns 400. See Sample District for token retrieval.

Endpoints

All paths are relative to the version prefix above. {sourcedId} is the GUID-like identifier returned by the API.

Query Parameters

All collection endpoints accept the parameters below. Unknown parameters return 400.

Parameter	Notes
`limit`	Page size. Default `100`. Use `limit=0` with the `X-Total-Count` response header to get a count without data.
`offset`	Starting record offset. Default `0`.
`filter`	Up to two clauses joined by `AND`/`OR`. Predicates: `=`, `!=`, `>`, `>=`, `<`, `<=`, `~`. Field names are validated against the model; unknown fields return `400`. Example: `filter=status='active' AND dateLastModified>'2025-01-01'`
`sort`	Field to sort by. Invalid fields are ignored with a warning in the response status info.
`orderBy`	`asc` or `desc`. Used together with `sort`.
`fields`	Comma-separated subset of fields to return. Invalid fields are ignored with a warning.

Organizations & Schools

Method	Path	Returns
GET	/orgs	All organizations (districts and schools)
GET	/orgs/{sourcedId}	Single organization
GET	/schools	Orgs of type `school`
GET	/schools/{sourcedId}	Single school

Academic Sessions, Terms, Grading Periods

Method	Path	Returns
GET	/academicSessions	All academic sessions
GET	/academicSessions/{sourcedId}	Single academic session
GET	/terms	Sessions of type `term` or `semester`
GET	/terms/{sourcedId}	Single term
GET	/gradingPeriods	Sessions of type `gradingPeriod`
GET	/gradingPeriods/{sourcedId}	Single grading period
GET	/schools/{schoolId}/terms	Terms for a school
GET	/terms/{termId}/gradingPeriods	Grading periods within a term

Courses

Method	Path	Returns
GET	/courses	All courses
GET	/courses/{sourcedId}	Single course
GET	/schools/{schoolId}/courses	Courses for a school

Classes

Method	Path	Returns
GET	/classes	All classes
GET	/classes/{sourcedId}	Single class
GET	/courses/{courseId}/classes	Classes for a course
GET	/schools/{schoolId}/classes	Classes for a school
GET	/terms/{termId}/classes	Classes for a term
GET	/students/{studentId}/classes	Classes a student is enrolled in
GET	/teachers/{teacherId}/classes	Classes a teacher teaches
GET	/users/{userId}/classes	Classes a user is associated with

Users, Students, Teachers

Method	Path	Returns
GET	/users	All users (guardians require the guardians scope)
GET	/users/{sourcedId}	Single user
GET	/students	Users with role `student`
GET	/students/{sourcedId}	Single student
GET	/teachers	Users with role `teacher`
GET	/teachers/{sourcedId}	Single teacher
GET	/schools/{schoolId}/students	Students at a school
GET	/schools/{schoolId}/teachers	Teachers at a school
GET	/classes/{classId}/students	Students in a class
GET	/classes/{classId}/teachers	Teachers of a class
GET	/schools/{schoolId}/classes/{classId}/students	Students in a class within a school
GET	/schools/{schoolId}/classes/{classId}/teachers	Teachers of a class within a school

Enrollments

Method	Path	Returns
GET	/enrollments	All enrollments
GET	/enrollments/{sourcedId}	Single enrollment
GET	/schools/{schoolId}/enrollments	Enrollments at a school
GET	/schools/{schoolId}/classes/{classId}/enrollments	Enrollments for a class within a school

Demographics

Method	Path	Returns
GET	/demographics	All demographic records (requires `roster-demographics.readonly` scope)
GET	/demographics/{sourcedId}	Single demographic record

Response Format

Collection endpoints return a JSON object keyed by the plural resource name; single-item endpoints use the singular key. Collection responses include an X-Total-Count header.

// Collection
{ "users": [ { "sourcedId": "...", "givenName": "...", ... } ] }

// Single item
{ "user": { "sourcedId": "...", "givenName": "...", ... } }

Record Status & Soft Delete

Every resource (org, user, class, course, enrollment, academic session, demographic) carries a status field with one of two values:

"active" — the record is current.
"tobedeleted" — the record has been removed from the upstream SIS and is being torn down.

When an entity disappears from the source data on a nightly sync, its OneRoster record is flagged "tobedeleted" rather than removed immediately. It remains queryable in the API for roughly 7 days with that status, then is hard-deleted on a later nightly run. This window gives consuming systems a chance to detect the disappearance and reconcile their own data.

Vendors should treat "tobedeleted" as "remove on next sync." The dateLastModified on a flagged record is updated to the day it was marked, which is useful for delta-sync filters such as filter=dateLastModified>'2025-01-01'.

Errors

Errors return a JSON envelope with an statusInfoSet describing the failure. The same envelope is also used for non-fatal warnings (e.g., an unknown fields entry) alongside a 200.

{
  "statusInfoSet": {
    "imsx_codeMajor": "failure",
    "imsx_severity": "error",
    "imsx_codeMinor": "invalid_filter_field",
    "imsx_description": "unknown field 'foo' [GET /users?filter=foo='bar']"
  }
}

Scope-Gated Behavior

Some fields and roles are conditionally included based on the scopes granted on the access token:

guardians.readonly — includes users with role guardian in /users responses.
guardians-metadata.readonly — includes the metadata object on guardian users.
students-metadata.readonly — includes the metadata object on student users.
demographic-metadata.readonly — includes the metadata object on demographic records.
orgs-metadata.readonly — includes the metadata object on org responses.

See Data Dictionary for the full list of metadata fields and the scope each one requires.