ClarmDocs
Sign inTrustGitHub

Authentication

Clarm has two main authentication models: dashboard sessions for human operators and bearer tokens for server-to-server or widget-authenticated flows.

Dashboard sessions

If you are using the Clarm dashboard in a browser, authentication is handled by the application session automatically. You do not need to manually attach bearer tokens for normal dashboard usage.

Bearer tokens

Server-side integrations use bearer tokens with the clm_ prefix.

Authorization headerbash
Authorization: Bearer clm_your_token_here
!

Widget tokens are issued and attached by the canonical widget config flow. Do not copy those tokens into public source code or custom embeds manually.

When to use which auth mode

  • Dashboard UI: browser session
  • Internal admin or integration scripts: bearer token
  • Website widget: canonical loader snippet with dashboard-managed widget auth