Reduced Support Availability – 19th January 2026

Just a quick heads-up! On 19th January 2026, our support and qualifications team will be attending a  Training and Development Meeting, so our response times may be a little slower than usual. 

But don’t worry — you can still find answers quickly by searching our Help Centre for guides and FAQs. If you need further assistance, feel free to submit a ticket. and we’ll get back to you as soon as we can.

If your issue is urgent, please make sure to set the priority accordingly when submitting your request.

Thanks for your understanding!

Upcoming System Update: Eportfolio & Learning Journal

On Wednesday 21st January 2026, we’ll be rolling out a series of enhancements and fixes to Eportfolio.

Release Notes
Full details of the changes can be found here.  

⏱️ Scheduled Downtime
Please note that there will be a brief service interruption between 07:00 and 07:30 AM on the day of the update.

⚠️Action Required
To avoid any data loss, make sure you’re logged out and have saved all work before 07:00 AM.


Upcoming System Update: Enrol and RPL

On 16th January 2026, we’ll be rolling out a series of improvements to Enrol and RPL.

Full details of the changes can be found in the release notes below:

Downtime: There will be no product downtime.

Submit a ticket Log in
  1. Home
  2. Guides and Support
  3. Integrations
  4. Single Sign-On

Single Sign-On: using OneFile as an Authentication provider

Adam Fogo
Modified on: Thu, 9 Jul, 2020 at 12:54 PM

This article explains how to use OneFile as an authentication provider. We provide an oAuth 2.0 integration.

Authorisation Request

GET

https://login.onefile.co.uk/auth?client_id={YOUR_CLIENT_ID}&redirect_uri={YOUR_REDIRECT_URI}&state={YOUR_STATE_TOKEN}&scope=user&response_type=code
ParameterTypeUse
client_idAlpha numeric stringUsed to identify the connecting external service provider
redirect_uriStringUsed as the redirect url when user authentication is complete, this must match the redirect url that was inputted when setting up the client
stateStringUsed to validate the authorization response, preventing CSRF attacks

This call will allow the user to authenticate, then return them to the redirect uri with an authorization code, which can then be used to request an access token this will look like this:

GET

{YOUR_REDIRECT_URI}?code={THE_GENERATED_AUTH_CODE}&state={YOUR_STATE_TOKEN}

From this you will then need to make an access token request, as shown below.


Access Token Request

POST

https://login.onefile.co.uk/token?client_id={YOUR_CLIENT_ID}&client_secret={YOUR_CLIENT_SECRET}&grant_type=authorization_code&redirect_uri={YOUR_REDIRECT_URI}&code={YOUR_AUTHORIZATION_CODE}
ParameterTypeUse
client_idAlpha numeric stringUsed to identify the connecting external service provider
redirect_uriStringUsed as the redirect url when user authentication is complete, this must match the redirect url that was inputted when setting up the client
codeStringUsed to validate the access token request for a user
client_secretStringUsed to validate that the request for the access token is coming from the external service provider that created the oAuth client

This will respond with an access token that can be used to request information for the user.

ContentType: application/json
{
    “access_token”: “{THE_ACCESS_TOKEN}”,
    “token_type”: “bearer”
}


User Details Request

GET

https://login.onefile.co.uk/me

Headers:

Authorisation: {THE_TOKEN_TYPE} {THE_ACCESS_TOKEN}

N.B the space is important

Response:

ContentType : application/json
{
    “UserID”: “”
    “FirstName”: “John”,
    “LastName”: “Smith”
 }


Visual Representation

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.

Other Guides