Skip to main content

Otus Technical Specifications and Whitelist

This is a list of URLs that the district should whitelist during Otus Implementation to ensure effective performance. Includes tech specs.

Written by Brooke Fodor
Updated over a week ago

In order for Otus to function correctly, there are certain URLs that should be added to your district's whitelist. If something doesn't seem to be functioning as it should, you may want to check your school site's web filter/firewall (such as Securely) for potentially blocked URLs.

The URLs that MUST be allowed by your firewall include:

  • *.otus.com

  • *.cloudfront.net

  • google-analytics.com

  • learnosity.com

  • *.learnosity.com

  • learnositymediaprocessed.s3.amazonaws.com

  • assets.learnosity.com

  • cdn.fluence.net

  • pro.fontawesome.com

  • intercom.com

  • widget.intercom.io

  • intercom.io

  • canny.io

  • cdn.jsdelivr.net

  • cdnjs.cloudflare.com

  • cdnjs.com

  • otus.sharefile.com

Technical Specifications

Otus was built exclusively for K-12 by a group of former educators and administrators who are passionate about increasing the efficiency and effectiveness of educational technology. Otus is a web-based software solution with low barrier to entry from the technical requirements aspect. This article shares the minimal technical requirements. We have found that all schools have been able to provide these standards, unless they do not have Internet access.

Hardware:

  • PC compatible

  • Mac compatible

  • RAM: 1GB minimum

  • Disk Space: None required

Other Specifications:

  • Internet access required

  • Browser: Compatible with the latest versions of Chrome, Firefox, and Safari

  • Web plug-ins: No plug-ins required

  • Bandwidth: 1mbps>

Google Specific Settings

For districts using Google Workspace for Education, there are some recommended Admin Console settings that will allow for third-party connections, allowing both Google SSO and access to resources from each user's Google Drive.

1. Manage App Access (API Controls)

This is the most important area. It tells Google that you trust Otus to access specific student or teacher data.

‼️ If app access is not permitted, students and teachers may encounter a "Error 400: admin_policy_enforced " message, restricting them from attaching Google Docs or sometimes even logging in with Google SSO.

  • Path: Security > Access and data control > API controls.

  • Action: Click Manage Third-Party App Access.

  • Recommendation: * Click Add app > OAuth App Name or Client ID.

    • Search for Otus or add these specific Client IDs:

      • 535308301451-hn7r80qbkmto288gs6gqidvqbeij5kf2.apps.googleusercontent.com

      • 535308301451-5344169pajjc8vfjghs05j1tadqp4rn4.apps.googleusercontent.com

    • Access Setting: Set this to Trusted.

    • Why? Setting it to "Trusted" ensures Otus can access "Restricted" Google services (like Classroom or Drive) even if you have a high-security posture for the rest of your domain.

2. Unconfigured App Settings (Age-Based Access)

Since 2023, Google has enforced strict rules for users designated as Under 18. If an app isn't explicitly "Configured," students won't be able to sign in.

  • Path: Security > Access and data control > API controls > Edit Settings.

  • Recommendation: * Find the section for Unconfigured third-party apps.

    • Option: Select "Allow users to access third-party apps that only ask for Google sign-in info."

    • Caution: If you choose "Don't allow," students will be blocked from everything you haven't manually whitelisted. Most schools prefer manually whitelisting core tools (like Otus) but allowing basic "Sign in with Google" for others to reduce IT tickets.

FAQ and Troubleshooting

Click to view FAQ and troubleshooting details.

Students and teachers are trying to add an attachment using the Google Drive button and get an error. How can we fix that?

An " Error 400: admin_policy_enforced " message usually occurs because the Otus app uses multiple OAuth Client IDs for different functions (e.g., login vs. API access), or because the app has updated its credentials, leaving the admin console with outdated information. Follow the steps below to make the necessary changes.

  1. Check the Error Message:

    Look closely at the Error 400: admin_policy_enforced screen for the Client ID (a long string of characters ending in apps.googleusercontent.com).

  2. Compare in Admin Console:

    Navigate to Security > Access and Data Controls > API Controls > Manage Third-Party App Access in your Google Admin console.

  3. Search and Update:

    Search for the app using the exact Client ID found in the error message, not just the name, and ensure that the specific ID is added (not replaced) as a trusted app.

Related Articles
Otus Implementation Guide
Otus and Google Classroom
Otus and Illinois HB 3606
Google and Otus Troubleshooting
Otus AI Insights Technical Details
Did this answer your question?