Caring CourseForge
API Reference

Authentication

Learn how to securely authenticate your API requests

The Caring CourseForge API uses API keys for authentication. This guide covers how to generate, use, and manage your API keys securely.

Authentication Methods

API Key Authentication

Include your API key in the Authorization header of every request:

Authorization: Bearer cf_prod_YOUR_API_KEY

Alternatively, you can use the X-API-Key header:

X-API-Key: cf_prod_YOUR_API_KEY

API Key Format

API keys follow this format: cf_[environment]_[32_characters]

Production: cf_prod_abcd1234efgh5678ijkl9012mnop3456
Development: cf_dev_xyz789abc123def456ghi789jkl012m
Staging: cf_stage_pqr345stu678vwx901yz234abc567de

Managing API Keys

Creating Keys

  1. Navigate to Settings → API Keys
  2. Click "Create API Key"
  3. Enter a descriptive name (e.g., "Production Server", "Mobile App", "CI/CD Pipeline")
  4. Select environment (Production, Development, or Staging)
  5. Click "Create API Key"
  6. Copy the key immediately (shown only once!)

Key Management

All API keys created in your account have full access to your courses, modules, lessons, and content. API keys inherit the permissions of your subscription tier.

Professional Tier:
  • Full CRUD operations on courses, modules, lessons, content
  • AI Chat API (Course Editor & Support)
  • Documentation API
  • Export to SCORM/xAPI/LTI
  • Analytics & Progress Tracking
Enterprise Tier:
  • All Professional features
  • Remote MCP Server access
  • Custom rate limits
  • IP whitelisting (optional)

Security Best Practices

🔒
Key Storage:
  • Never commit keys to version control
  • Use environment variables or secret managers
  • Don't expose keys in client-side code
  • Rotate keys every 90 days
⚠️
If Your Key Is Compromised:
  • Revoke the key immediately in dashboard
  • Generate a new key with different name
  • Update all applications using the old key
  • Review API logs for suspicious activity

Example Implementations

JavaScript/Node.js

const axios = require('axios');

const api = axios.create({
  baseURL: 'https://courseforge.caringai.app/api/v1',
  headers: {
    'Authorization': `Bearer ${process.env.CCF_API_KEY}`,
    'Content-Type': 'application/json'
  }
});

async function getCourses() {
  const response = await api.get('/courses');
  return response.data;
}

Python

import os
import requests

API_KEY = os.environ.get('CCF_API_KEY')
BASE_URL = 'https://courseforge.caringai.app/api/v1'

headers = {
    'Authorization': f'Bearer {API_KEY}',
    'Content-Type': 'application/json'
}

def get_courses():
    response = requests.get(f'{BASE_URL}/courses', headers=headers)
    return response.json()

PHP

<?php
$apiKey = getenv('CCF_API_KEY');
$baseUrl = 'https://courseforge.caringai.app/api/v1';

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $baseUrl . '/courses');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, [
    'Authorization: Bearer ' . $apiKey,
    'Content-Type: application/json'
]);

$response = curl_exec($ch);
curl_close($ch);

$data = json_decode($response, true);
?>

Rate Limiting by Key

Professional Tier:

1,000 requests/hour per API key

Enterprise Tier:

10,000 requests/hour per API key

Rate Limit Headers:
X-RateLimit-Limit: 1000
X-RateLimit-Remaining: 952
X-RateLimit-Reset: 1633024800

Key Rotation

Rotating Without Downtime

  1. Generate a new API key
  2. Update a portion of your services to use the new key
  3. Monitor for issues
  4. Gradually roll out new key to all services
  5. Once all services updated, revoke the old key

Monitoring Usage

Track your API key usage in the dashboard:

  • View requests per key
  • See which endpoints are most used
  • Identify unusual activity patterns
  • Set up alerts for suspicious behavior
  • Review logs for the last 30 days

What's Next?

API Reference

Explore all available endpoints and test them interactively

Webhooks

Set up real-time notifications for course and student events

Rate Limits

Understand API limits and optimization strategies

API Getting StartedWebhooks