The Clara API allows you to consult the transactions, users, cards, and additional information that live into your Clara Platform.
Our Clara API is designed and built following REST (Representational State Transfer) principles, ensuring simplicity and predictability in application development.
This API adheres to HTTP standards, ensuring compatibility with a wide range of HTTP clients. You can use various HTTP clients, including programming languages and frameworks, to seamlessly interact with our API.
What are the methods and scopes available in the Clara API?
- Transactions: Read
- Users: Read
- Cards: Read
- Groups: Read
- Locations: Read
What kind of authorization does the Clara API use?
The Clara API incorporates a robust authentication mechanism that utilizes OAuth 2.0 and mutual Transport Layer Security (mTLS). This ensures secure access to the API and protects your valuable data. The authentication process involves the following essential steps:
- Client Registration: Before accessing the Clara API, register your client application. During registration, you provide the necessary configuration details required for authentication.
- User Project and Authorities: Once your client application is registered, you can create users within the project and assign specific authorities. This allows you to effectively manage access privileges based on different user roles.
- Token Acquisition: To authenticate your requests to the Clara API, you must acquire a token. The token is obtained by creating users through our Auth0 integration. Retrieve the token ID from the request-response, as it serves as the key for subsequent API requests.
- Certificate Configuration: Establishing a secure connection between your client application and the Clara API is essential. You achieve this by configuring your client application with the generated certificates, including both the public and private keys. These certificates enable mutual authentication, reinforcing the security of the communication channel.
- Authentication Flow: To initiate the authentication process, use the client ID, client secret, and any other required login parameters. Then, you make a request to a designated authentication endpoint, following the OAuth 2.0 flow. The API will issue an access token and provide associated credentials upon successful authentication.
- Secure Data Retrieval: Once you have obtained the access token, you can securely retrieve data from the Clara API. Make HTTP method requests (such as GET) to the relevant API endpoints. Remember to include the access token as a bearer token in the request header to authorize your access and ensure data security.
How I can get access to the Clara API?
You can contact us asking for your Clara API accesses at email@example.com, and we will gladly help you.
The certificates that you will receive are:
- Public Certificate for the client
- Private certificate for the client
- Token Key for the User
- Secret Key from the token
- Public Certificate from our certificate authorities
Which roles can get access to Clara API?
The Clara API keys are managed only by users with an owner role