Generate Client ID and Secret key
To connect Cornerstone with StackOne, you’ll need to register an OAuth 2.0 application in your Cornerstone portal.
Login to your Cornerstone portal
Sign in to your Cornerstone account.
Enter Application Details
Provide the required application information.
- Application Name: Enter a descriptive name (e.g., StackOne Integration)
- User ID: Enter the User ID of an active user in your portal
Select Application Scopes
In the Scopes section, select the scopes you want to associate with your application. The following scopes are required for StackOne connector functionality.
- training:read
- training:create
- obj_users_core:read
- learningassignment:read
- transcript:read
- transcript:create
- transcript:create:assign
- transcript:update
- transcript:update:complete
- transcript:update:progress
- approval:read
- inbox:read
- task:read
- expressclass:create
Configure User Permissions
Ensure the user associated with your OAuth application has the necessary permissions.
Navigate to User Management
Navigate to Admin > Tools > Core Functions > Users and search for the user which is associated with the Application you created in the previous step.
Configure Permissions
Click on Options > Permissions. Ensure the following permissions are configured to either There are no constraints available for this permission. or Restrict to User's Corporation.
- Reporting API - Read only
- Transcript API - Request
- Transcript API - View
- Employee API - View
- Learning Assignment API - View
Find Your Company Domain
Your Company Domain is the subdomain part of your Cornerstone URL.
Troubleshooting
Common issues and how to resolve them.
Error: 'Provided user does not have Rest services permissions and/or constraints to perform this operation'
This error message indicates that the API you are trying to access is not enabled in your Cornerstone portal. To resolve this error, follow these steps.
- Navigate to Admin > Tools > Edge > Integrations > Manage APIs within your Cornerstone portal.
- Ensure the toggles for Cornerstone API and Reporting API are turned on.
- If the toggles are already turned on, try turning them off and then back on again. This action resets the backend settings that control access to Cornerstone’s APIs.
- After performing the above steps, if you still see the same error response, please log a case with Cornerstone Global Customer Support (GCS).
Error: 401 Unauthorized response when accessing the Reporting API
There are a few things you should check when you receive this response.
- Verify that the Reporting API is enabled for the environment that you are trying to pull data from. Navigate to Admin > Tools > Edge > API Management > Manage APIs. You should see the Reporting API enabled on this page.
- If using OAuth 2.0: Ensure that the user account associated with your registered OAuth 2.0 application has the Reporting API - Read only permission.
- If using OAuth 2.0: Ensure that your OAuth 2.0 application has the required scope to access the endpoint that you are trying to retrieve data from.
- If using OAuth 2.0: Ensure that the OAuth 2.0 access token is still valid. Remember that OAuth 2.0 access tokens are valid for an hour by default, unless you set a different validity period for your application in the API Management page in Edge.
- After performing the above steps, if you still see an ‘unauthorized access’ error, please log a case with Cornerstone Global Customer Support (GCS).
Linking the Account from the Hub
Navigate to the Hub
Fill out the fields
- Client ID
- Client Secret
- Company Domain
- Application Scopes (Optional)
If the account linking is successful, you will see the newly linked account in your Accounts page.