Skip to main content
Fluide Connect uses a two-step model: exchange your developer API key and secret for a short-lived JWT, then call product APIs with the JWT and your API key.

Prerequisites

You already have a verified developer account and API credentials from the Connect dashboard (API Keys):
  • apiKey — e.g. fl_dev_...
  • apiSecret — shown once at provisioning; store it in your secret manager
If you need to view or rotate credentials, sign in to Connect. The API secret is never returned again from GET /api/v1/authorize/current.

Exchange key + secret for an access token

Send your credentials only to the token endpoint. Never include the secret on HR, payroll, payments, or other product routes. 
curl -X POST "$FLUIDE_BASE_URL/api/v1/authorize/token" \
  -H "X-Fluide-Api-Key: $FLUIDE_API_KEY" \
  -H "X-Fluide-Api-Secret: $FLUIDE_API_SECRET" \
  -H "X-Fluide-Client-Id: fluide-developer"
Response (abbreviated): 
{
  "accessToken": "eyJ...",
  "exp": 1710000000,
  "tenantId": "...",
  "fluideClientId": "fluide-developer",
  "authContextPath": "/api/v1/auth-context/..."
}
Use the API secret only for token exchange. Never send it on product API routes.

Test in the API playground

Every product endpoint in API reference includes an interactive playground. Requests without the right headers are rejected — you will see Authorization field missing or 401 if any are omitted.
1

Exchange a token first

Run the token exchange above (curl or Node.js). Copy the accessToken value.
2

Click Authorize on a product endpoint

Open any HR, Payroll, Pay, Books, or Utils endpoint and click Authorize. Fill in all three fields:
Playground fieldValue
BearerPaste the raw JWT (eyJ...) — do not include the Bearer prefix
X-Fluide-Api-KeyYour fl_dev_... key (pre-filled with a placeholder; replace it)
X-Fluide-Client-Idfluide-developer (pre-filled)
3

Send the request

Click Send. Health checks such as GET /api/v1/hr/health use the same headers as business endpoints — there is no anonymous access.
X-Fluide-Client-Id must match the client ID embedded in your access token (fluide-developer). X-Fluide-Api-Key must match the API key bound to that token.

Call Fluide APIs

Send both the Bearer token and your API key on every product request.
HeaderValue
AuthorizationBearer <accessToken>
X-Fluide-Api-KeyYour fl_dev_... key
X-Fluide-Client-Idfluide-developer
curl -X GET "$FLUIDE_BASE_URL/api/v1/hr/health" \
  -H "Authorization: Bearer $FLUIDE_ACCESS_TOKEN" \
  -H "X-Fluide-Api-Key: $FLUIDE_API_KEY" \
  -H "X-Fluide-Client-Id: fluide-developer"
Cache the accessToken until exp and refresh before it expires. See First request for an end-to-end walkthrough.

Rotate credentials

If a secret is exposed, rotate it from the Connect dashboard or with a valid Bearer session: 
curl -X POST "$FLUIDE_BASE_URL/api/v1/authorize/rotate-secret" \
  -H "Authorization: Bearer $FLUIDE_ACCESS_TOKEN" \
  -H "X-Fluide-Client-Id: fluide-developer"
Update your integration and exchange a new token with the new secret.