All Collections
Build a Cloverleaf Integration
Build a Cloverleaf Integration

A step by step guide for developers who are interested in building an integration to the Cloverleaf Platform.

Adam Tucker avatar
Written by Adam Tucker
Updated over a week ago

How to Create a Cloverleaf Integration as a Developer

  1. Contact the Cloverleaf engineer team at and tell us you’re creating a Cloverleaf Integration.

  2. Provide us the following information:

    1. integration name

    2. description

    3. square logo image (ideally 80x80 px or larger)

    4. integration documentation URL OR company URL

    5. support URL OR email address

    6. best point of contact’s email address for this integration, which might be yours

  3. In return, we will issue you a client ID and secret. We use the OpenID Connect (OIDC) protocol for authentication and these pertain to it.

  4. Now that you have the client ID and secret, you can integrate using OIDC. The flow is:

    GET with parameters: 
    client_id=<your client ID>
    redirect_uri=<integration's callback URL>
    state=<unique, ideally random state value>

  5. Note the redirect_uri above. This is your integration’s callback URL for receiving, via URL parameters, the authorization code.

  6. A 303 Redirect response will come back, sending the user to:

    1. sign into Cloverleaf if not already

    2. then the SSO Consent page, where they click Authorize to allow the integration access to Cloverleaf

  7. Once Authorized, your redirect_uri will be hit with a GET request, with the following URL params:

    1. code the authorization code your integration will use to exchange for an access token

    2. iss the auth code issuer, which is Cloverleaf

    3. state the unique state value your integration initially provided, for verification

  8. Once the auth code is obtained, it’s time to exchange it for the access token that lets the integration use Cloverleaf

  9. Your integration will make a POST request:


    with x-www-form-urlencoded parameters:

    client_id: <your client ID>
    client_secret: <your client secret>
    grant_type: authorization_code
    code: <auth code given in Step 7>
    redirect_uri: <integration's callback URL>

  10. An access_token will be returned, allowing the integration access to Cloverleaf on behalf of the user.

  11. Provide this access_token in the authorization header as a bearer token when calling the Cloverleaf Public API endpoint:


Did this answer your question?