API Overview
Complete reference for the Kasar CRM REST API. Endpoints, response format, error handling, and rate limits.
The Kasar API gives you programmatic access to your CRM data. It follows REST conventions, returns JSON, and uses bearer token authentication.
Base URL
https://kasar.app/api/v1All requests must use HTTPS. Your organization is identified by the API token — no subdomain needed.
Endpoints
Records
| Method | Path | Description |
|---|---|---|
GET | /records/{object} | List records with filters, sorting, and pagination |
GET | /records/{object}/{id} | Get a single enriched record |
POST | /records/{object} | Create a record with defaults |
PUT | /records/{object}/{id} | Update a record |
PATCH | /records/{object}/{id} | Update a record (alias of PUT) |
DELETE | /records/{object}/{id} | Delete a single record |
DELETE | /records/{object} | Delete records (batch) |
POST | /records/{object}/search | Search with FilterGroup in body |
PUT | /records/{object}/{id}/associations/{toObject}/{toId} | Create an association |
DELETE | /records/{object}/{id}/associations/{toObject}/{toId} | Remove an association |
POST | /records/{object}/batch/create | Batch create (max 100) |
POST | /records/{object}/batch/update | Batch update (max 100) |
POST | /records/{object}/batch/upsert | Batch create or update (max 100) |
Tasks
| Method | Path | Description |
|---|---|---|
GET | /tasks | List tasks with mode presets and filters |
POST | /tasks | Create a task |
PUT | /tasks/{id} | Update a task |
PUT | /tasks/{id}/complete | Complete or reopen a task |
GET | /tasks/stats | Get task statistics |
DELETE | /tasks/{id} | Delete a task |
Notes
| Method | Path | Description |
|---|---|---|
GET | /notes | List notes with visibility filtering |
POST | /notes | Create a note |
PUT | /notes/{id} | Update a note |
DELETE | /notes/{id} | Delete a note |
Schema
| Method | Path | Description |
|---|---|---|
GET | /schema | List all objects and their fields |
GET | /schema/{object} | Get full schema for a specific object |
Pipelines
| Method | Path | Description |
|---|---|---|
GET | /pipelines | List all pipelines with steps |
PUT | /pipelines/{object}/{id}/move | Move a record to a pipeline step |
Search
| Method | Path | Description |
|---|---|---|
GET | /search | Full-text search across objects |
Aggregations
| Method | Path | Description |
|---|---|---|
GET | /aggregate/{object} | Run aggregation queries |
Activity
| Method | Path | Description |
|---|---|---|
GET | /activity/{object}/{id} | Get activity feed for a record |
Inbox
| Method | Path | Description |
|---|---|---|
GET | /inbox/threads | List email threads |
GET | /inbox/threads/{id} | Get thread with messages |
PUT | /inbox/threads/{id} | Mark thread read/unread |
GET | /interactions/{id} | Get interaction detail |
Bulk Operations
| Method | Path | Description |
|---|---|---|
POST | /bulk | Bulk update, add relation, or remove relation |
Import / Export
| Method | Path | Description |
|---|---|---|
POST | /import/{object} | Import records in batch |
GET | /export/{object} | Export records as JSON or CSV |
Users
| Method | Path | Description |
|---|---|---|
GET | /me | Get current authenticated user |
GET | /users | List workspace users |
GET | /integrations/status | Integration credentials status |
Duplicates
| Method | Path | Description |
|---|---|---|
POST | /duplicates | Detect or merge duplicates |
Response Format
All successful responses return JSON with a consistent structure.
Single record:
{
"data": {
"id": "550e8400-e29b-41d4-a716-446655440000",
"first_name": "Alice",
"last_name": "Martin",
"email": "alice@example.com",
"created_at": "2025-01-15T10:30:00Z"
}
}Paginated list:
{
"data": [
{ "id": "...", "first_name": "Alice", "last_name": "Martin" },
{ "id": "...", "first_name": "Bob", "last_name": "Dupont" }
],
"total": 142,
"nextCursor": "eyJpZCI6IjU1MGU4NDAw..."
}Use the nextCursor value as a query parameter to fetch the next page of results. When nextCursor is null, you have reached the last page.
Error Format
Errors return an appropriate HTTP status code and a JSON body:
{
"error": true,
"code": "VALIDATION_ERROR",
"message": "Field 'email' must be a valid email address"
}Error Codes
| Code | HTTP Status | Description |
|---|---|---|
INVALID_OBJECT | 400 | The requested object type does not exist |
MISSING_REQUIRED_FIELD | 400 | A required field is missing from the request body |
VALIDATION_ERROR | 400 | A field value does not pass validation |
PERMISSION_DENIED | 403 | The token does not have permission for this action |
RECORD_NOT_FOUND | 404 | No record found with the given ID |
DUPLICATE_RECORD | 409 | A record with the same unique field value already exists |
Rate Limits
The API enforces rate limits per token. When you exceed the limit, the API returns HTTP 429 Too Many Requests with a Retry-After header indicating how many seconds to wait before retrying.
Design your integrations to handle 429 responses gracefully with exponential backoff.
CORS
The API sets appropriate CORS headers for browser-based requests. If you are calling the API from a frontend application, requests from your configured domain are allowed automatically. For server-to-server integrations, CORS does not apply.
Endpoint Reference
Authentication
API tokens, scopes, and security best practices.
Records
Create, read, update, and delete records on any object.
Tasks
Manage tasks linked to CRM records.
Notes
Create and manage notes attached to records.
Schema
Inspect objects, fields, and relations.
Pipelines
Pipeline stages and record progression.
Search
Full-text search across all objects.
Aggregations
Run count, sum, average, and other aggregation queries.
Activity
View the activity history of any record.
Inbox
Read and send emails through synced accounts.
Bulk Operations
Create, update, or delete records in batch.
Import / Export
Import from CSV/JSON and export your data.
Users
List workspace members and get current user info.
Duplicates
Detect and merge duplicate records.