ConsentLayer
API Reference

Authentication

The ConsentLayer API uses API keys for authentication. Create keys in the dashboard under Account > API Keys.

Making requests

Pass your API key in the Authorization header:

curl https://api.consentlayer.com/api/v1/sites \
  -H "Authorization: Bearer cl_key_live_a8f2b9c4d1e6f3a7"
const res = await fetch('https://api.consentlayer.com/api/v1/sites', {
  headers: { Authorization: 'Bearer cl_key_live_a8f2b9c4d1e6f3a7' },
});
import requests

res = requests.get(
    "https://api.consentlayer.com/api/v1/sites",
    headers={"Authorization": "Bearer cl_key_live_a8f2b9c4d1e6f3a7"},
)

Key format

API keys follow the format cl_key_live_ followed by 32 random characters:

cl_key_live_a8f2b9c4d1e6f3a7b0c5d2e8f4a1b3c6

Key security

  • Keys are shown once at creation — store them securely
  • Keys are hashed at rest — we never store the plaintext
  • Keys are scoped to an account — all sites in the account are accessible
  • Revoke compromised keys immediately in the dashboard

OAuth 2.0

The API also supports OAuth 2.0 authorization code flow with PKCE for browser-based applications. See the dashboard OAuth settings to register a client.

Rate limits

The API does not currently enforce rate limits. This may change in the future — design your integrations to handle 429 Too Many Requests responses gracefully.

API Reference

Complete reference for the ConsentLayer REST API

Errors

API error format and codes

On this page

AuthenticationMaking requestsKey formatKey securityOAuth 2.0Rate limits