API Keys
Every API request must include a valid API key. Keys are created in your clarife dashboard and scoped to specific permissions.Creating a Key
Open Settings
Go to Settings > API in your clarife dashboard at my.clarife.app.
Select scopes
Choose which permissions the key should have. Follow the principle of least privilege — only grant what the integration actually needs.
Key Format
All clarife API keys follow the format:clrf_ prefix makes keys easy to identify in logs and secret scanners.
Authenticating Requests
Include the key in theAuthorization header as a Bearer token:
Workspace Context
For team workspaces, include theX-Workspace-Id header to specify which workspace the request targets:
If you omit
X-Workspace-Id, the request defaults to your personal workspace.Scopes
Each API key can be granted one or more scopes. An endpoint returns403 Forbidden if the key lacks the required scope.
| Scope | Description |
|---|---|
documents:read | List and read documents and their content |
documents:write | Create, update, and delete documents |
projects:read | List and read projects and folders |
projects:write | Create, update, and delete projects and folders |
shares:read | List and read share links and view stats |
shares:write | Create, update, and delete share links |
brandings:read | List and read branding configurations |
media:write | Upload screenshots and media files |
workspace:read | Read workspace info and member list |
Key Limits
| Plan | Max API Keys |
|---|---|
| Pro | 5 |
| Business | 20 |
403 with code KEY_LIMIT_REACHED.
Revoking Keys
To revoke a key, go to Settings > API, find the key in the list, and click Revoke. The key stops working immediately. This action cannot be undone.Error Responses
| Status | Code | Meaning |
|---|---|---|
401 | UNAUTHORIZED | Missing or invalid API key |
403 | FORBIDDEN | Key lacks the required scope |
403 | PLAN_REQUIRED | API access requires a Pro or Business plan |
403 | KEY_LIMIT_REACHED | Maximum number of API keys for your plan |