Authentication
The ClarityCall API supports two authentication methods: API keys for server-to-server communication, and OAuth tokens for user-authenticated requests.
API Keys
API keys are the recommended authentication method for backend integrations. They provide full access to your account's data.
Creating an API Key
- Go to Settings → API Keys
- Click "Create API Key"
- Give your key a descriptive name
- Copy and securely store the key
Using API Keys
Include your API key in the Authorization header:
bash
curl -X GET "https://api.claritycall.app/api/v2/recordings" \
-H "Authorization: Bearer cc_live_your_api_key_here"API Key Security
Never expose API keys in client-side code. API keys should only be used in server-side code where they cannot be accessed by end users.
Session Tokens (Better Auth)
For user-authenticated requests from a frontend application, use Better Auth session tokens. These tokens are scoped to the authenticated user.
javascript
// Get the session token from Better Auth
import { authClient } from '$lib/auth/client';
const session = authClient.useSession();
const accessToken = session.get()?.data?.session?.token;
// Use it in API requests
const response = await fetch('https://api.claritycall.app/api/v2/recordings', {
headers: {
'Authorization': `Bearer ${accessToken}`,
'Content-Type': 'application/json'
}
});Error Responses
Authentication errors return appropriate HTTP status codes:
| Status Code | Description |
|---|---|
401 Unauthorized | Missing or invalid authentication token |
403 Forbidden | Valid token but insufficient permissions |