Skip to main content

Auth quickstart

Get authorized in a few minutes. This guide assumes you already have API credentials from the Connect dashboard (API Keys).
New to Fluide Connect? Complete email verification in the dashboard first. Your apiKey and one-time apiSecret are provisioned automatically.

Prerequisites

VariableExample
FLUIDE_BASE_URLhttps://sandbox.fluidehr.com
FLUIDE_API_KEYfl_dev_...
FLUIDE_API_SECRETFrom Connect at provisioning (store in a secret manager)
See Environments for staging vs production base URLs.

1. Exchange credentials for a JWT

Send your API key and secret only to the token endpoint. Never include the secret on product routes. 
export FLUIDE_BASE_URL="https://sandbox.fluidehr.com"

curl -X POST "$FLUIDE_BASE_URL/api/v1/authorize/token" \
  -H "X-Fluide-Api-Key: $FLUIDE_API_KEY" \
  -H "X-Fluide-Api-Secret: $FLUIDE_API_SECRET" \
  -H "X-Fluide-Client-Id: fluide-developer"
Save accessToken and refresh before exp. The API secret is used only for this call.

2. Confirm your developer session

With a valid token, fetch credential metadata (no secret is returned): 
curl -X GET "$FLUIDE_BASE_URL/api/v1/authorize/current" \
  -H "Authorization: Bearer $FLUIDE_ACCESS_TOKEN" \
  -H "X-Fluide-Client-Id: fluide-developer"

3. Call a product API

Every product request needs both the Bearer token and your API key: 
curl -X GET "$FLUIDE_BASE_URL/api/v1/hr/health" \
  -H "Authorization: Bearer $FLUIDE_ACCESS_TOKEN" \
  -H "X-Fluide-Api-Key: $FLUIDE_API_KEY" \
  -H "X-Fluide-Client-Id: fluide-developer"
Do not send X-Fluide-Api-Secret on HR, payroll, payments, or other product routes.

Next steps

Authorization guide

Full token exchange, rotation, and header reference.

First request

End-to-end walkthrough with caching and error handling.

Auth API reference

OpenAPI operations for developer access and health checks.

Auth overview

Credential lifecycle and how authentication works across products.