Overview
This guide explains how to manage customer access to your courses using the Claned API. You can control course access by adding customers to specific groups when they purchase courses and removing them when access expires or is revoked.
Authentication
All API calls require proper authentication headers. You can create API credentials (keys) and enable endpoints by clicking "API" on the left panel of the "Admin" section in Claned. Then, click "Enable API access" to create your first key. This key will be used for authentication for your integration.
Managing Course Access
Adding a Customer to a Course (Granting Access)
When a customer purchases a course, add them to the appropriate group using the user invitation endpoint. For info on how to create a group, refer to our documentation here (up to step 4): https://claned.zendesk.com/hc/en-gb/articles/9781119090577-How-to-create-groups-and-invite-users-to-them
Endpoint: POST /external/v1/Users/invite
Request Format:
{
"email": "[email protected]",
"groupId": 123,
"expires_at": "2024-12-31T23:59:59Z"
}Parameters:
email: Customer's email addressgroupId: ID of the group associated with the courseexpires_at: (Optional) Course access expiration date in UTC format
Example cURL Request:
curl -X POST "https://api.claned.com/external/v1/Users/invite" \
-H "Authorization: YOUR_API_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"email": "[email protected]",
"groupId": 123,
"expires_at": "2024-12-31T23:59:59Z"
}'Responses:
200: User was successfully invited to the group
404: Group wasn't found
401: Unauthorized (check your API key's enabled endpoints)
403: Forbidden (insufficient permissions)
Removing a Customer from a Course (Revoking Access)
When a customer's access should be revoked (non-payment, expiration, etc.), remove them from the group.
Endpoint: DELETE /external/v1/Groups/{id}/organizations/{organizationId}/users
Parameters:
{id}: Group ID (in URL path){organizationId}: Your organization ID (in URL path)EmailOrUsername: Customer's email or username (query parameter)
Example cURL Request:
curl -X DELETE "https://api.claned.com/external/v1/Groups/123/organizations/456/[email protected]" \ -H "Authorization: YOUR_API_TOKEN"
Responses:
200: User was successfully removed from the group
401: Unauthorized (check your API credentials)
403: Forbidden (insufficient permissions)
Best Practices
1. Group Organization
Create separate groups for each course or course tier
Use descriptive group names that clearly identify the course content
Share boards only with the specific group for that course
2. Access Management Workflow
Customer Purchase: Immediately add customer to appropriate group
Payment Issues: Remove customer from group until payment is resolved
Course Expiration: Set
expires_atwhen adding users, or manually remove when expiredRefunds: Remove customer from group immediately upon refund
3. Automation Recommendations
Integrate these API calls into your payment processing system
Set up automated removal for expired subscriptions
Consider webhook notifications for payment failures
Log all access changes for audit purposes
4. Error Handling
Always check response status codes
Implement retry logic for temporary failures
Security Considerations
Store API credentials securely and rotate them regularly
Use HTTPS for all API communications
Validate customer email addresses before API calls
Regularly audit group memberships
Troubleshooting
Common Issues:
404 Group Not Found: Verify the group ID exists and belongs to your organization
401 Unauthorized: Check API credentials and token expiration
403 Forbidden: Ensure your API key has permissions for group management
User Already in Group: The invitation endpoint may return success even if user is already invited
Support:
Contact Claned Support at support(at)claned.com for technical support or API-related questions.