Skip to main content
This page walks through the Cornerstone OnDemand setup required for the TechWolf Data Source Connector.

Prerequisites

  • An active TechWolf contract.
  • A Cornerstone OnDemand tenant with the Reporting API enabled in Edge Marketplace and API Management. Production tenants may require Reporting API purchase and enablement first.
  • Access to Cornerstone Edge and API Management.
  • The Edge APIs - Manage security permission.
  • A service-account user that has, or can be granted, the Reporting API - Read Only security permission.
  • Employees already synchronized into TechWolf through an HRIS connector.
Important: Cornerstone completed learning events are linked to TechWolf Employees by an Employee identifier. By default, TechWolf assumes users_core.user_ref in Cornerstone is the same value as the Employee external_id in the SkillEngine API. Confirm this alignment with TechWolf before enabling the connector.

Cornerstone configuration

1. Confirm the Cornerstone portal

Find the Cornerstone portal value for your tenant. This is the exact host prefix before .csod.com. If your Cornerstone URL is: 
https://acme.csod.com
the portal value to share with TechWolf is: 
acme
For a pilot or staging tenant, use that environment’s host prefix, for example acme-pilot from https://acme-pilot.csod.com.

2. Enable Reporting API access

In Cornerstone, go to Admin > Tools > Edge > Marketplace and enable the Reporting API for the tenant. Then go to Admin > Tools > Edge > API Management and make sure the Reporting API toggle is enabled.

3. Register an OAuth 2.0 application

In Cornerstone, go to Admin > Tools > Edge > API Management > Manage OAuth 2.0 Applications and register a new application for the TechWolf connector. Configure the application with:
  • A descriptive application name, for example TechWolf Connector.
  • The User ID of the service-account user that has Reporting API - Read Only.
  • An access token validity period that matches your security policy.
After registering the application, securely store the generated Client ID and Client Secret. You will share them with TechWolf at the end of this guide.

4. Add the required Data Exporter API scopes

In the application Endpoint scopes/permissions, select Reporting API, filter for Data Exporter API endpoints by typing obj, and add the following read scopes:
ScopeUsed for
obj_training_local_core:readCourse titles, descriptions, and language-specific catalog data
obj_training_core:readCourse active status and learning object metadata
obj_culture_core:readLanguage lookup for catalog entries
obj_transcript_core:readCompleted learning transcripts
obj_users_core:readMapping Cornerstone transcript users to Employee identifiers

5. Grant Reporting API read access

Grant the service-account user linked to the OAuth app the following Cornerstone permission: 
Reporting API - Read Only
This permission is required in addition to the OAuth scopes. The scopes allow the token to request the objects; the service-account permission allows Cornerstone to return the Data Exporter API rows.

6. Confirm Employee identifier alignment

Confirm that Cornerstone users_core.user_ref contains the same identifier as the Employee external_id loaded into the SkillEngine API by the customer’s HRIS connector. If Cornerstone uses a different Employee key, align with TechWolf before continuing. Without this mapping, completed learning events cannot be attached to the right Employees.

Share credentials with TechWolf

Once the Cornerstone configuration is complete, securely share the following values with TechWolf:
CredentialDescription
PortalThe Cornerstone portal subdomain, for example acme from https://acme.csod.com
Client IDThe OAuth app client ID
Client secretThe OAuth app client secret
Important: The client secret grants access to your Cornerstone Data Exporter API objects. Share it only through the secure channel agreed with your TechWolf representative. Never share it over plain email or chat.