Overview

For security reasons, the Ironclad API employs a bearer authentication scheme. In order to send requests, you’ll need to use a bearer token.

You can generate these access tokens by visiting the API Settings page in your Ironclad account. Adding a valid token to the “Authorization” header will validate your request.

Only company admins have the ability to generate API tokens. See your internal company's admin if you need to be added to the admin group.

🚧

Store Securely

Each bearer token provides unrestricted access to the endpoints in the Ironclad API. This allows anyone to view and manipulate contract and company data in your Ironclad account.

For this reason, a token’s value is hidden from view in Ironclad after creation.

Example Usage

The following is an example using the Fetch API with the List all Records endpoint and using an API key on the HTTP request.

// This example is for demonstration purposes only.
const myApiKey = '{YOUR_API_KEY_FROM_SECURE_METHOD}';

const listRecords = async() => {
  try {
    // Retrieve data from the API.
    const recordsData = await fetch('https://ironcladapp.com/public/api/v1/records', {
      headers: {
        'Authorization': `Bearer ${myApiKey}`,
        'Accept': 'application/json'
      }
    });

    // Retrieve the JSON response.
    const jsonData = await recordsData.json();

    // Ensure list property exists or exit.
    if (!jsonData.list) throw new Error('No list property existed!');

    // Log the Record Names to the console.
    jsonData.list.forEach(record => console.log(record.name))
  } catch(err) {
    console.log(err);
  }
}

listRecords();