Scope

  • Guidance on how and when Assembly Platform requests data from your MIS.
Data Access Request

  • No sensitive data can flow to Assembly Platform until you grant your first Data Access Request, and we can only extract scopes of data that you have explicitly authorised.
  • The one exception to this is the Public School Data scope. This scope contains only non-sensitive information such as the school name and URN, which is used by the Platform to validate and complete your connection.
  • The data that flows from your MIS to Assembly Platform is controlled by you at all times. In order for data to be extracted, your school must accept your third-party application’s Data Access Request.
  • The Data Access Request will clearly display the data scopes that the third-party application requires for their service to work before you decide whether or not to authorise the software application.
  • Each scope you are asked to authorise via Assembly will display information about the data fields contained within the scope:

  • The Data Access Request is separated out into required and optional scopes. Required Scopes must be shared in order for the software application to be authorised. We advise education software app developers to define scopes as required, only if they are necessary for their application to function as intended.
Optional Scopes

  • Non-essential scopes are listed as Optional. You can choose whether or not you wish to share these scopes with the third-party education app by selecting or deselecting the tick box next to the scope name.
  • Even if you decide not to share optional data scopes, you will still be able to authorise and use the app.

  • Use your school’s Admin Dashboard to see the Scopes that have been authorised and the associated Apps.

  • Note: In order to make the Data Access Request process work, we also need to ensure a working connection is established with your MIS.
MIS specific permissions

  • Different MIS’ use a range of configurations regarding permissions and access for services like Assembly.
  •  Our approach is usually to setup an MIS connection with the standard permissions for third party or data extraction software.
  • The Assembly Platform setup does not actually allow Assembly to access or transmit any sensitive data from your school without you consenting to a third-party app’s Data Access Request.