API Authentication and Security

To use the Checklick API securely, authentication is required for all requests. Here's how it works: 1. Generate an API Secret Key: Log in as a manager, go to your profile (context menu > Your Name), and click "Generate New Key" under API Secret Key. 2. Use the key in requests: Include it in the Authorization header as "Bearer YOUR_API_KEY" for all API calls. Example using cURL: curl -X GET https://api.checklick.com/v2/users -H "Authorization: Bearer YOUR_API_KEY". 3. Scope: The API key has the same permissions as your manager account—access only to your organization's data. 4. Rate Limiting: API requests are limited to 100 per minute per key to prevent abuse. Exceeding this returns a 429 error. 5. Security Best Practices: Never share your API key publicly. Regenerate it if compromised. Use HTTPS for all requests. For more details, refer to the API documentation at https://api.checklick.com/docs.