Getting started

This guide is an easy-to-read introduction on how clients can request API tokens to use in API calls.

Why use this API?

The Security Service API is used to request authentication tokens to use in all other Clickatell API calls.

Participating parties 
  • Clickatell
  • Client

For definitions of each, see here.

Getting started with Security Service API

To interface with Clickatell, the following needs to be set up, configured and tested:

Step 1: 
Get client_id and client_secret

Clickatell will securely provide you with a client_id and client_secret during integration and setup

Note: A unique client_secret will be provided for Sandbox (testing) and Production environments separately.

Step 2: 
Request a token

Request a token with your client_secret and client_id.

This API is used to request a temporary access_token and API_key that must be supplied in the header of all API calls to Clickatell.

Step 3: 
Use the token in API calls

Use the API_key and access_token in all other API call headers to Clickatell while the token has not yet expired (see the field expires_in).


A token is reusable, and your system should only request a new token in the following cases:

  • Ten seconds before your current token is about to expire
  • If the token has already expired

If your client_secret is compromised, contact Clickatell urgently and request a new client_secret.

A high-level view of this interface is illustrated below:

For a list of all roles-players/stakeholders involved in the purchasing process, see here

Read more:

Did you find this information informative?

Other Resources

Ask the Community

Visit Stack Overflow to join our community of developers and find the answer you need

Contact Support

Contact our support team and one of our agents will be in touch with you to answer any questions you have