Authentication

The Cleori API uses Bearer token authentication. Each asset has its own unique token for telemetry and activation endpoints, while administrative operations require user authentication tokens.

Token Types

Using Asset Tokens

Each asset receives a unique Bearer token during registration. Use this token for all asset-specific operations.

Sending Telemetry

Getting Activations

Using User Tokens

User tokens are required for administrative endpoints like managing assets, viewing organization data, and configuring settings.

Getting Your Access Token

Access tokens for system/machine requests are available in the Settings page of your dashboard. These tokens do not expire and are intended for programmatic API access.

Note: Store your access token securely. If compromised, you can regenerate a new token from the Settings page.

Administrative Operations

Token Security

Best Practices

• Store securely: Use environment variables or secure key management
• Use HTTPS: Always communicate over encrypted connections
• Rotate user tokens: Refresh user tokens daily
• Monitor usage: Track API calls for suspicious activity
• Limit scope: Use asset tokens only for asset operations

Example: Secure Token Storage

Error Handling

Common Authentication Errors

Example Error Response

Token Management

Getting Your Asset Token

Asset tokens are provided when you register an asset through the platform:

1. Register asset via Cleori dashboard or API
2. Receive unique asset token
3. Store securely in your integration
4. Use for all asset operations

Token Management

Next Steps