Student Provisioning API — Overview

The Student Provisioning API lets an external system automatically create a student account and enrol them into your organization's courses the moment something happens on your side — a payment on your WordPress/WooCommerce site, a membership activation, a CRM event, and so on.

It is provider-agnostic: the same endpoint works identically with Pabbly Connect, Zapier, Make.com, or any tool/script that can send an HTTP request. One endpoint, one API key per organization.

What one call does

When you POST a student's email, name, and the course type(s) they bought, the platform — in a single automatic step:

1. Creates the user account (or reuses it if the email already exists).
2. Adds them to your organization as a member.
3. Enrols them into a course for each requested course type (IELTS, PTE, GMAT, GRE, …), with your organization's configured initial access and starter practice tests.
4. Emails the student a "set your password" link so they can log in.

There are no manual steps on the platform side. Retries are safe (see the API Reference page).

How it fits together

Your WordPress / WooCommerce / membership plugin
        │   (trigger: payment completed, member activated, …)
        ▼
  Pabbly Connect  /  Zapier  /  Make.com        ← the "glue"; all just send an HTTP POST
        │
        │   POST https://<your-platform-host>/api/v1/provision/student/
        │   Header:  X-API-Key: <your org key>
        │   Body:    { email, first_name, last_name, courses, tenure_months, external_ref }
        ▼
  Platform: creates user → adds to your org → enrols in course(s) → emails set-password link

The API key identifies your organization, so a key can only ever provision students into your org — you never send an organization id, and one customer can never touch another's data.

Get an API key

API keys are issued by a platform administrator (Django admin):

1. Go to Django admin → Integrations → Organization API Keys → Add.
2. Pick the Organization and give the key a Name (e.g. Pabbly – production).
3. Leave is active ticked and Save.
4. The raw key is shown once in the green banner — copy it immediately. Only a hashed form is stored; it can never be shown again. If lost, revoke it and create a new one.

To revoke: select the key in the list and run the "Revoke selected API keys" action.

Treat the key like a password. Use a separate key per automation tool so you can revoke one without affecting the others.

Where to see what happened

Every call made with an API key — success, failure, or an invalid/revoked-key attempt — is recorded in Django admin → Integrations → Provisioning Logs (email, courses, result, source, time), so you can confirm a student came through or debug a failing setup.

Next steps

• API Reference — endpoints, payload, responses, error codes, idempotency, course types.
• Automation Setup — step-by-step Pabbly / Zapier / Make recipes + a curl test.
• Troubleshooting & Security — common errors and key hygiene.