Authentication
Use a Cleanlist API key for all public API requests.
API Key
API keys are used for programmatic access from your backend, scripts, or integrations.
Getting Your API Key
- Log in to portal.cleanlist.ai (opens in a new tab)
- Go to Settings -> API Keys
- Click Generate Key
- Copy and store your key securely
Using Your API Key
Include your key in the Authorization header as a Bearer token:
curl https://api.cleanlist.ai/api/v1/public/auth/validate-key \
-H "Authorization: Bearer clapi_your_api_key"Verify Balance Access
curl https://api.cleanlist.ai/api/v1/public/credits/balance \
-H "Authorization: Bearer clapi_your_api_key"Response:
{
"organization_id": "org_123",
"credits": 1249
}Key Properties
| Property | Details |
|---|---|
| Prefix | clapi_ |
| Scope | Organization-level |
| Header | Authorization: Bearer <api_key> |
Public API Rate Limit
| Limit | Scope | Window | On Exceed |
|---|---|---|---|
60 requests/minute | Per organization | Fixed 60-second window | 429 + Retry-After header |
Browser Extension Key
Extension keys (clext_...) are separate from API keys and are used only by the browser extension.
⚠️
Do not use extension keys for public API requests. Public API endpoints require API keys (clapi_...).
Security Best Practices
- Never expose API keys in client-side code.
- Store keys in environment variables.
- Rotate keys periodically.
- Monitor usage and revoke compromised keys.
export CLEANLIST_API_KEY="clapi_your_api_key"
curl https://api.cleanlist.ai/api/v1/public/credits/balance \
-H "Authorization: Bearer $CLEANLIST_API_KEY"