GuidesClever App DashboardAPI Postman CollectionClever AcademySupportStatus
Guides

Testing Clever Library with Postman

Use this page to generate a Clever Library user token in Postman, confirm it is teacher-authorized, and test Library-accessible endpoints with the correct bearer token.

Before you start

Complete these setup steps before you test:

  1. Fork the Clever Postman collections from the Clever Postman workspace.
  2. Fork the environment variables you plan to use.
  3. Select the correct Postman environment before sending requests.
  4. Read Exploring the Clever API.
  5. Read Testing - Clever Library SSO.
  6. Read Clever Library - SSO Authorization.

What you are testing

When you test a Clever Library user in Postman, you are verifying that:

  • you can generate an authorization code for a Library user
  • you can exchange that code for a bearer access_token
  • the token identifies a teacher-authorized Library session
  • the same bearer token works with Library-accessible endpoints in the Postman collection

Use the correct token type

For Clever Library testing in Postman, use a bearer access_token from the Clever OAuth flow.

Do not use a district-app token for this workflow.

Step 1: Start the Library authorization flow

Use the direct Clever Library authorization link from the Library testing guide:

https://clever.com/oauth/instant-login?client_id={YOUR_CLIENT_ID}&district_id=5b2ad81a709e300001e2cd7a

Replace {YOUR_CLIENT_ID} with your app's client ID.

Then sign in with one of the Library sandbox users:

  • Teacher
    • Username: teacher1
    • Password: clever
  • Student
    • Username: student1-1
    • Password: clever

For this Postman flow, start with the teacher user.

After the user authorizes the app, Clever redirects to your configured redirect_uri with an authorization code in the URL.

Step 2: Exchange the authorization code for an access token

Copy the authorization code from the redirect URL.

Then exchange it for an access token by sending a POST request to https://clever.com/oauth/tokens.

Use these request details:

  • Authorization header: Basic auth using Base64.encode(client_id + ":" + client_secret)
  • Content-Type: application/json
  • Body:
{
  "code": "ENTER_CODE_HERE",
  "grant_type": "authorization_code",
  "redirect_uri": "YOUR_REDIRECT_URI"
}

If the request succeeds, Clever returns a bearer access_token.

Step 3: Call /me with the bearer token

Use the access token to call /me.

GET https://api.clever.com/v3.0/me
Authorization: Bearer ENTER_TOKEN_HERE

This is the most important verification step in the Postman flow.

For a Clever Library session, the response should include:

{
  "type": "user",
  "data": {
    "id": "607741faddeea003f1bb6cfd",
    "type": "user",
    "authorized_by": "teacher"
  },
  "links": [
    {
      "rel": "self",
      "uri": "/me"
    },
    {
      "rel": "canonical",
      "uri": "/v3.0/users/607741faddeea003f1bb6cfd"
    }
  ]
}

Step 4: Confirm you have a Library token

Before you test any additional endpoints, confirm these conditions:

  1. /me returns 200
  2. data.type is "user"
  3. data.authorized_by is "teacher"

If authorized_by is "district", you are not testing a Clever Library authorization flow.

Step 5: Use the token with Library-accessible endpoints in Postman

Once you confirm authorized_by: "teacher", use the same bearer token with the Library-accessible requests in the Clever Postman collection.

In Postman:

  1. Open the request you want to test.
  2. Set the Authorization header to Bearer YOUR_ACCESS_TOKEN if the collection has not already done this through variables.
  3. Send the request.
  4. Confirm the response matches the data shared through a teacher-authorized Library connection.

What success looks like

Your Postman testing flow is working correctly when all of the following are true:

  • you can complete the OAuth flow and capture an authorization code
  • the /tokens exchange returns a bearer access_token
  • the /me response shows authorized_by: "teacher"
  • your Postman requests succeed with the same bearer token on Library-accessible endpoints

Troubleshooting

You see authorized_by: "district"

You are testing a district-authorized login instead of a teacher-authorized Clever Library login.

Use the Clever Library sandbox flow from Testing - Clever Library SSO, and make sure you are not testing against a district-managed connection.

Your request works with a district token but not a bearer token

You are mixing token types.

For this workflow, use a user-level bearer access_token generated through the Clever OAuth flow.

Your Postman request fails because variables do not resolve

Confirm that you selected the correct Postman environment before sending the request.

You are not sure whether you are using the right sandbox

Only test Clever Library against the Clever-managed sandbox district used for Library testing.

Optional: Test the student path

After you confirm the teacher flow, repeat the authorization flow with the student test user from the Library sandbox.

Use this optional pass to verify your student sign-in behavior after a teacher has already authorized the application.

Related resources

Updated about 1 hour ago