Identity API

get

https://clever.com/oauth/tokens

Lists each of the tokens that has been granted to the application client by a district. This endpoint requires HTTP Basic authentication with the username set to your client_id and the password your client_secret (these can be found on your OAuth Client management page). It accepts the following data sent either as JSON or form-encoded:

Parameter Description
owner_type The type of user who granted the token. Currently only supports 'district'.

Response

The response is JSON and contains the following data:

Parameter Description
data A list of condensed information about tokens granted to the authenticated client.
links Hypermedia links to related API endpoints.

Sample JSON


        {
          "data":[
              {
                  "id":"5727d7c2d3402f0001552325",
                  "created":"2016-05-02T22:42:10.533Z",
                  "owner":{
                      "type":"district",
                      "id":"55108ad78349a40100000022"
                  },
                  "access_token":"db************************************93",
                  "scopes":[
                      "read:sis",
                      "read:district_admins",
                      "read:school_admins",
                      "read:user_id"
                  ]
              }
          ],
          "links":[
              {
                  "rel":"self",
                  "uri":"/oauth/tokens?owner_type=district"
              }
          ]
        }
        
post

https://clever.com/oauth/tokens

During the OAuth SSO flow, your application will receive a code. This code can be redeemed for an access token by POSTing to https://clever.com/oauth/tokens. This endpoint requires HTTP Basic authentication with the username set to your client_id and the password your client_secret (these can be found on your OAuth Client management page). It accepts the following data sent either as JSON or form-encoded:

Parameter Description
code The code sent to your application. (e.g. "9fbfdf2339ce65fcd140")
grant_type Must be "authorization_code".
redirect_uri The URL that you previously redirected the user to. (e.g. "https://mydomain.com/oauth2")

Response

The response is JSON and contains the following data:

Parameter Description
access_token An access token you can use to make requests on behalf of this user. (e.g. "b40b7cccd3")

get

https://clever.com/oauth/tokeninfo

Verify the application associated with a bearer token in your possession by issuing a GET request to this endpoint. Clever will respond with the client_id and associated scopes for the token. Compare the client_id with your application's Client ID. If they do not match, discard the token.

This is especially important for applications using the OAuth 2.0 Implicit Grant Flow, and usage is further described in that documentation.

get

https://api.clever.com/me

Once you've received an access token, you can look up the user associated with the token by making authenticated GET requests to /me. Authentication to this endpoint is done via a bearer token (which is the access token received from the /oauth/tokens endpoint). This process is described in detail in RFC 6750. In brief, set the Authorization header for your request to Bearer <access token>, e.g. Bearer b40b7cccd3.
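The tokeninfo check described above, placed in front of the /me lookup so that a token issued to another application is discarded before it is used. This is an added example, not Clever's own code. It assumes the tokeninfo response is a JSON object with "client_id" and "scopes" keys and that tokeninfo accepts the same Bearer header as /me; the function names are hypothetical.

```python
import json
import urllib.request

TOKENINFO_URL = "https://clever.com/oauth/tokeninfo"
ME_URL = "https://api.clever.com/me"


class TokenRejected(Exception):
    """Raised when a bearer token must be discarded."""


def check_tokeninfo(info, expected_client_id, required_scopes=()):
    """Validate a parsed tokeninfo response and return the granted scopes."""
    # Assumption: the response carries "client_id" and "scopes" keys.
    if not isinstance(info, dict):
        raise TokenRejected("tokeninfo response is not a JSON object")
    # Fail closed: an unset expected ID or a missing client_id is a mismatch.
    if not expected_client_id or info.get("client_id") != expected_client_id:
        raise TokenRejected("token was issued to a different application")
    scopes = info.get("scopes")
    granted = {s for s in scopes if isinstance(s, str)} if isinstance(scopes, list) else set()
    missing = set(required_scopes) - granted
    if missing:
        raise TokenRejected("token lacks scopes: " + ", ".join(sorted(missing)))
    return granted


def _get_json(url, token):
    # Assumption: tokeninfo is called with the same Bearer header as /me.
    req = urllib.request.Request(url, headers={"Authorization": "Bearer " + token})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


def user_for_token(token, expected_client_id, fetch=_get_json):
    """Return the /me document only after tokeninfo confirms the token is ours."""
    check_tokeninfo(fetch(TOKENINFO_URL, token), expected_client_id)
    return fetch(ME_URL, token)
```

The `fetch` parameter exists so the check can be exercised offline with constructed responses; in production the default performs the two GET requests.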