API Access & Documentation

Plan-gated feature. REST API access requires a plan that includes API Access. The login endpoint always works, but other API endpoints return 403 if your plan doesn't include the feature.

ClockMi provides a REST API at /api/v1/ with 48 endpoints covering sites, attendance, reports, analytics, billing, and team management.

Authentication

POST to /api/v1/auth/login/ with email and password to get a JWT access token (15-minute expiry) and refresh token (7-day expiry). Include the access token in the Authorization: Bearer <token> header on subsequent requests.

Documentation

Interactive Swagger documentation is available at /api/v1/docs/ (staff accounts only). The OpenAPI schema is at /api/v1/schema/.

Rate limits

30 requests/minute for unauthenticated calls, 100/minute authenticated, and 5/minute for the login endpoint specifically. Rate-limited requests return HTTP 429.