> ## Documentation Index
> Fetch the complete documentation index at: https://dev.clever.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Testing Clever Library with Postman

Generate a Clever Library bearer token in Postman, confirm teacher authorization with /me, and test Library-accessible endpoints with the correct token.

Use this page to generate a Clever Library user token in Postman, confirm it is teacher-authorized, and test Library-accessible endpoints with the correct bearer token.

## Before you start

Complete these setup steps before you test:

1. Fork the Clever Postman collections from the [Clever Postman workspace](https://www.postman.com/clever-pe/workspace/developer-collections/overview).
2. Fork the environment variables you plan to use.
3. Select the correct Postman environment before sending requests.
4. Read [Exploring the Clever API](https://dev.clever.com/docs/exploring-the-clever-api).
5. Read [Testing - Clever Library SSO](https://dev.clever.com/docs/testing-library).
6. Read [Clever Library - SSO Authorization](https://dev.clever.com/docs/clever-library-user-flow).

## What you are testing

When you test a Clever Library user in Postman, you are verifying that:

* you can generate an authorization code for a Library user
* you can exchange that code for a bearer `access_token`
* the token identifies a **teacher-authorized** Library session
* the same bearer token works with Library-accessible endpoints in the Postman collection

## Use the correct token type

For Clever Library testing in Postman, use a **bearer `access_token`** from the Clever OAuth flow.

Do **not** use a district-app token for this workflow.

## Step 1: Start the Library authorization flow

Use the direct Clever Library authorization link from the Library testing guide:

```text
https://clever.com/oauth/instant-login?client_id={YOUR_CLIENT_ID}&district_id=5b2ad81a709e300001e2cd7a
```

Replace `{YOUR_CLIENT_ID}` with your app's client ID.

Then sign in with one of the Library sandbox users:

* Teacher
  * Username: `teacher1`
  * Password: `clever`
* Student
  * Username: `student1-1`
  * Password: `clever`

For this Postman flow, start with the **teacher** user.

After the user authorizes the app, Clever redirects to your configured `redirect_uri` with an authorization code in the URL.

## Step 2: Exchange the authorization code for an access token

Copy the authorization code from the redirect URL.

Then exchange it for an access token by sending a `POST` request to `https://clever.com/oauth/tokens`.

Use these request details:

* **Authorization header:** Basic auth using `Base64.encode(client_id + ":" + client_secret)`
* **Content-Type:** `application/json`
* **Body:**

```json
{
  "code": "ENTER_CODE_HERE",
  "grant_type": "authorization_code",
  "redirect_uri": "YOUR_REDIRECT_URI"
}
```

If the request succeeds, Clever returns a bearer `access_token`.

## Step 3: Call `/me` with the bearer token

Use the access token to call `/me`.

```text
GET https://api.clever.com/v3.0/me
Authorization: Bearer ENTER_TOKEN_HERE
```

This is the most important verification step in the Postman flow.

For a Clever Library session, the response should include:

```json
{
  "type": "user",
  "data": {
    "id": "607741faddeea003f1bb6cfd",
    "type": "user",
    "authorized_by": "teacher"
  },
  "links": [
    {
      "rel": "self",
      "uri": "/me"
    },
    {
      "rel": "canonical",
      "uri": "/v3.0/users/607741faddeea003f1bb6cfd"
    }
  ]
}
```

## Step 4: Confirm you have a Library token

Before you test any additional endpoints, confirm these conditions:

1. `/me` returns `200`
2. `data.type` is `"user"`
3. `data.authorized_by` is `"teacher"`

If `authorized_by` is `"district"`, you are not testing a Clever Library authorization flow.

## Step 5: Use the token with Library-accessible endpoints in Postman

Once you confirm `authorized_by: "teacher"`, use the same bearer token with the Library-accessible requests in the Clever Postman collection.

In Postman:

1. Open the request you want to test.
2. Set the `Authorization` header to `Bearer YOUR_ACCESS_TOKEN` if the collection has not already done this through variables.
3. Send the request.
4. Confirm the response matches the data shared through a teacher-authorized Library connection.

## What success looks like

Your Postman testing flow is working correctly when all of the following are true:

* you can complete the OAuth flow and capture an authorization code
* the `/tokens` exchange returns a bearer `access_token`
* the `/me` response shows `authorized_by: "teacher"`
* your Postman requests succeed with the same bearer token on Library-accessible endpoints

## Troubleshooting

### You see `authorized_by: "district"`

You are testing a district-authorized login instead of a teacher-authorized Clever Library login.

Use the Clever Library sandbox flow from [Testing - Clever Library SSO](https://dev.clever.com/docs/testing-library), and make sure you are not testing against a district-managed connection.

### Your request works with a district token but not a bearer token

You are mixing token types.

For this workflow, use a user-level bearer `access_token` generated through the Clever OAuth flow.

### Your Postman request fails because variables do not resolve

Confirm that you selected the correct Postman environment before sending the request.

### You are not sure whether you are using the right sandbox

Only test Clever Library against the Clever-managed sandbox district used for Library testing.

## Optional: Test the student path

After you confirm the teacher flow, repeat the authorization flow with the student test user from the Library sandbox.

Use this optional pass to verify your student sign-in behavior after a teacher has already authorized the application.

## Related resources

* [Exploring the Clever API](https://dev.clever.com/docs/exploring-the-clever-api)
* [Testing - Clever Library SSO](https://dev.clever.com/docs/testing-library)
* [Clever Library - SSO Authorization](https://dev.clever.com/docs/clever-library-user-flow)
* [Clever Single Sign-On - Overview](https://dev.clever.com/docs/getting-started-with-clever-sso)