Skip to main content
The Karma LMS REST API gives you programmatic access to all core platform resources: courses, users, enrollments, and assessments. All communication happens over HTTPS using standard JSON request and response bodies.

Base URL

All API endpoints are versioned under /api/v1: 
https://your-domain.com/api/v1
Replace your-domain.com with your Karma LMS instance domain.

Request format

Every request must include the following headers: 
Content-Type: application/json
Authorization: Bearer <your_access_token>
Request bodies must be valid JSON. Query parameters are URL-encoded.

Response envelope

All successful responses are wrapped in a standard envelope: 
{
  "data": { ... },
  "meta": {
    "total": 100,
    "page": 1,
    "per_page": 20
  },
  "error": null
}
data
object | array
The primary response payload. Can be a single object or an array of objects depending on the endpoint.
meta
object
Pagination metadata included on list endpoints.
error
null | object
null on success. Contains error details on failure.

Error responses

When a request fails, the error field is populated and data is null: 
{
  "data": null,
  "meta": null,
  "error": {
    "code": "VALIDATION_ERROR",
    "message": "The request body is invalid.",
    "details": [
      {
        "field": "email",
        "issue": "Email address is already in use."
      }
    ]
  }
}
error.code
string
A machine-readable error code. Common values: UNAUTHORIZED, FORBIDDEN, NOT_FOUND, VALIDATION_ERROR, INTERNAL_ERROR.
error.message
string
A human-readable description of the error.
error.details
array
An array of field-level validation issues. Only present on 422 responses.

HTTP status codes

StatusMeaning
200OK — request succeeded
201Created — resource created successfully
400Bad Request — malformed request syntax
401Unauthorized — missing or invalid token
403Forbidden — token valid but insufficient permissions
404Not Found — resource does not exist
422Unprocessable Entity — validation failed
500Internal Server Error — unexpected server failure

Pagination

List endpoints support cursor-free offset pagination via query parameters:
page
number
default:"1"
Page number to retrieve, starting at 1.
per_page
number
default:"20"
Number of records per page. Maximum is 100.
Example paginated request: 
curl https://your-domain.com/api/v1/courses?page=2&per_page=25 \
  -H "Authorization: Bearer <your_access_token>"

Rate limiting

The API enforces a limit of 100 requests per minute per access token. When you exceed this limit, the API returns a 429 Too Many Requests response. Rate limit headers are included in every response:
HeaderDescription
X-RateLimit-LimitRequests allowed per minute
X-RateLimit-RemainingRequests remaining in current window
X-RateLimit-ResetUnix timestamp when the window resets
Exceeding the rate limit will result in a 429 response. Implement exponential backoff in your client to handle this gracefully.

Versioning

The API uses URL-based versioning. The current version is v1. When breaking changes are introduced, a new version path (e.g., /api/v2) will be released. Previous versions remain available for a deprecation period announced in advance.

Explore the API

Authentication

Obtain and manage Bearer tokens for API access.

Courses

Create, read, update, and delete learning courses.

Users

Manage learner and instructor accounts.

Enrollments

Enroll learners in courses and track progress.

Assessments

Manage quizzes and process learner submissions.

Build docs developers (and LLMs) love

Get started for freeTalk to us