V2 API Overview

API V2 reference

This page applies to SCORM Cloud API V2. If you're looking for our V1 api reference see here

SCORM Cloud V2 API Overview

The client libraries are certainly the quickest and easiest way to jump in and get started. However, if you’d like to write your own implementation, or just understand the API communication, this section is for you.


For starters, the base path of the v2 api is:


As an example, probably the simplest call to test would be /ping. As a simple curl from the command line, that’d be:

curl -X GET https://cloud.scorm.com/api/v2/ping

The rest of the documentation will omit the base path for brevity.


Now if you tested the /ping from the previous section, you saw that you got a 401 status code with the following response:

{ "error": "Authorization Required." }

There are no calls in the v2 api which are unauthenticated. This is where the app ID and secret key you noted earlier come into play. The SCORM Cloud v2 api offers two types of authentication schemes:

HTTP basic auth

You’ll see this referred to as APP_NORMAL or APP_MANAGEMENT in our API specification. Your app ID will be your username and your password is your secret key.


You’ll see this as, you guessed it OAUTH, and it will be accompanied by a scope which is specific to the operation and endpoint you’re attempting to call. For instance, if you were looking to get a list of courses in your application, you’d request an OAuth token with the scope read:course.

We have two possible endpoints from which you can obtain authentication tokens. They are functionally exactly the same, with some small variance in what is returned. They are:

  • POST /oauth/authenticate/application/token - Found here
  • POST /appManagement/token - Found here

A note on Application Management

In the ApplicationManagement Service you’ll find that that some of the endpoints require a special parameter childAppId, and have APP_MANAGEMENT as their basic authentication type. These endpoints require authentication with special App Management App credentials. The App Management App Id is not created by default. You can find or create the App Management AppId in the Apps tab of SCORM Cloud


Several API endpoints return lists of data. There are often large amounts of records that need returned by these endpoints, which can result in significant network bottlenecks. In order to prevent these bottlenecks, list results are paginated, or returned in segments. For example, calls to getRegistrations return “pages” of 10 registrations at a time. Each page will also include a more key. You can use the more key as a parameter to then fetch the next page of results and, if more results exists, the next more token. This process continues indefinitely until you stop making API calls or you reach the end of the registrations, at which point no more field will be present.

We also strongly suggest filtering your search results where possible. This cuts down on your API calls and how much data you need to parse. Filtering options are included in each endpoint’s Parameter section. You only need to pass filter options on the first API call as they will persist to subsequent calls that use more.


Now that you’re up to speed on how to interact with the API, take a look at LMS Integration or the API Reference. Have further questions? Contact our support.