REST API documentation
This page covers the LMS platform's REST API — authentication, endpoint list, request/response shape, and sample code. Typical uses: external-system integration, internal automation, RAG data updates.
1. API authentication
All APIs require authentication via Bearer Token (Microsoft Entra ID).
Authorization: Bearer <access_token>
Tokens can be acquired two ways.
- (1) OAuth2 / OIDC (standard web sign-in)
- (2) On-Behalf-Of (Teams SSO → API)
The access token's audience (aud) is api://{ClientId}.
2. Base URL
GET / POST / PUT / DELETE
https://api.yourdomain.com/
* Actual value depends on your environment.
3. Endpoint list
| Category | Method | URL | Summary |
|---|---|---|---|
| Project | GET | /api/projects | List projects |
| Project | POST | /api/projects | Create a project |
| Project | PUT | /api/projects/{projectId} | Update a project |
| Project | DELETE | /api/projects/{projectId} | Delete a project |
| Task | GET | /api/tasks | List tasks |
| Task | POST | /api/tasks | Create a task |
| User | GET | /api/users | List users |
| RAG | POST | /api/rag/index | Rebuild RAG index (job trigger) |
4. Request / response examples
■ List projects
GET /api/projects
Response:
[
{
"id": "PRJ-1001",
"name": "AIリテラシー導入プロジェクト",
"status": "Active",
"members": ["yamada@company.com", "suzuki@company.com"],
"createdAt": "2025-01-10T12:30:00Z"
},
{
"id": "PRJ-1002",
"name": "RAG 活用 PoC",
"status": "Planning",
"members": ["kato@company.com"],
"createdAt": "2025-02-01T08:20:00Z"
}
]
■ Create a project
POST /api/projects
Request:
{
"name": "新規 AI 活用プロジェクト",
"description": "営業部向け業務改善",
"owner": "yamada@company.com"
}
Response:
{
"id": "PRJ-1010",
"name": "新規 AI 活用プロジェクト",
"status": "Active",
"createdAt": "2025-03-01T10:00:00Z"
}
5. Error responses
All APIs return errors in the following format.
{
"error": "Unauthorized",
"message": "アクセストークンが無効です。",
"status": 401
}
Common status codes
- 400 — Bad Request (validation error)
- 401 — Unauthorized (missing / invalid access token)
- 403 — Forbidden (insufficient role permissions)
- 404 — Not Found
- 500 — Server Error
6. SDK / client examples
JavaScript / C# / Python SDKs coming progressively.
■ JavaScript (fetch)
const res = await fetch("/api/projects", {
headers: {
"Authorization": "Bearer " + accessToken
}
});
const data = await res.json();
console.log(data);
■ C# (HttpClient)
var client = new HttpClient();
client.DefaultRequestHeaders.Authorization =
new AuthenticationHeaderValue("Bearer", accessToken);
var res = await client.GetAsync("/api/projects");
var json = await res.Content.ReadAsStringAsync();
Next: Webhook docs →