curl --request POST \
  --url https://logintest.clearline.me/connect/token \
  --header 'Authorization: <authorization>' \
  --header 'Content-Type: application/x-www-form-urlencoded' \
  --data grant_type=authorization_code \
  --data code=authorization_code_from_callback \
  --data redirect_uri=clover://auth-callback \
  --data code_verifier=original_code_verifier_string

{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "token_type": "Bearer",
  "expires_in": 3600,
  "refresh_token": "df8a2f3e...",
  "scope": "clearline_api"
}

Authentication & Authorization

Get Access Token

Exchange authorization code for access token, or obtain access token using client credentials.

Supported Grant Types:

authorization_code: Exchange authorization code from login flow (requires Basic Auth with client_id:client_secret)
client_credentials: Server-to-server authentication for POS systems (requires Basic Auth)
refresh_token: Refresh an expired access token

Authentication: All token requests require HTTP Basic Authentication with base64-encoded client_id:client_secret in the Authorization header.

POST

connect

token

curl --request POST \
  --url https://logintest.clearline.me/connect/token \
  --header 'Authorization: <authorization>' \
  --header 'Content-Type: application/x-www-form-urlencoded' \
  --data grant_type=authorization_code \
  --data code=authorization_code_from_callback \
  --data redirect_uri=clover://auth-callback \
  --data code_verifier=original_code_verifier_string

{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "token_type": "Bearer",
  "expires_in": 3600,
  "refresh_token": "df8a2f3e...",
  "scope": "clearline_api"
}

Headers

Authorization

string

required

Basic authentication header: "Basic {Base64(client_id:client_secret)}"

Body

application/x-www-form-urlencoded

Option 1
Option 2
Option 3

Token request for Authorization Code flow with PKCE. Requires Basic Auth header with client_id:client_secret.

grant_type

enum<string>

required

Must be "authorization_code"

Available options:

authorization_code

code

string

required

The authorization code received from the callback

redirect_uri

string

required

The same redirect_uri used in the authorization request

Example:

"clover://auth-callback"

code_verifier

string

required

The original code_verifier string used to generate code_challenge (43-128 characters)

Response

Successful token response

access_token

string

The JWT access token to use in API requests via "Authorization Bearer {token}" header

Example:

"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."

token_type

string

Token type - always "Bearer"

Example:

"Bearer"

expires_in

integer

Token lifetime in seconds (typically 3600 = 1 hour)

Example:

3600

refresh_token

string | null

Refresh token to obtain new access token when current expires (not provided for client_credentials grant)

Example:

"df8a2f3e..."

scope

string

The scopes granted by this token

Example:

"clearline_api"

User Login - Authorization Code Flow with PKCE Introduction to Transactions

⌘I

Getting Started

Integration Options

POS Integration

API Reference

Get Access Token

Headers

Body

Response