Skip to main content

How to Use the Pro API Module

E
Written by Emily

Overview

The Pro API module lets your organization connect to the Pliant API directly, without relying on Pliant support to set things up. Once the module is active, you can generate API credentials, integrate them into your own systems, and manage them independently.

Perfect for:

  • Finance and tech teams building automated card and spend workflows

  • Organizations integrating Pliant into internal tooling or ERP systems

  • Developers who want programmatic access to Pliant functionality

API documentation: customer-api.getpliant.com


What You Will Need

  • Your organization must be on a custom subscription plan to use this feature.

  • You must be an Account Owner, or an Organization Admin with the Manage Pro API permission


Step-by-Step Guide

Step 1: Enable the Pro API Module

  1. Log in to the Pliant admin app at app.getpliant.com

  2. Navigate to Settings > Modules

  3. Find the Pro API module in the list and toggle it on

  4. Confirm the MFA prompt to activate the module

Once enabled, a Pro API tab will appear in your Settings.


Step 2: Create Your API Credentials

  1. Go to Settings > Pro API

  2. Click Generate credentials

  3. Confirm the MFA prompt

  4. Your credentials are generated and displayed:

Credential

Description

Client ID

Your unique API identifier (always visible)

Client Secret

Your API secret. Shown once only, so copy it now.

Audience

The API audience URL required for token requests

Token URL

The endpoint to exchange credentials for an access token

Important: The Client Secret is only displayed once at creation. Copy it and store it securely (e.g., in a secrets manager or password vault). If you lose it, you will need to rotate it.


Step 3: Extend Credentials to Additional Organizations (optional)

If you manage multiple organizations and want them to share the same credential pair, you do not need to create separate credentials for each one. One credential pair can cover all your organizations.

  1. Switch to the second organization in the Pliant admin app

  2. Go to Settings > Modules and enable the Pro API module. Do not generate new credentials.

  3. Switch back to the first organization (the one where you created the credentials)

  4. Go to Settings > Pro API

  5. Click Extend credentials and select the additional organization(s)

  6. Confirm the MFA prompt

The second organization now shares the same Client ID and Client Secret. Repeat for any further organizations.


Step 4: Use Your Credentials

Use the credentials to obtain an access token via the OAuth 2.0 client credentials flow:

  1. Send a POST request to the Token URL

  2. Include your Client ID and Client Secret in the request body

  3. Pass the Audience as the audience parameter

  4. Use the returned access token as a Bearer token in your API calls


Step 5: View Existing Credentials

Once credentials have been created, return to Settings > Pro API at any time to view:

  • Client ID

  • Audience

  • Token URL

The Client Secret is not shown again after initial setup. To get a new secret, use the rotate function described below.


Step 6: Rotate Your Client Secret

If your Client Secret is compromised or you need to cycle it for security reasons:

  1. Go to Settings > Pro API

  2. Click Rotate secret

  3. Complete MFA verification

  4. A new Client Secret is generated and shown once. Copy it immediately.

  5. The previous secret is invalidated immediately.

Warning: Rotating the secret will break any existing integrations using the old secret. Update your systems before or immediately after rotating.


Step 7: Disable Pro API Access

To revoke API access for your organization:

  1. Go to Settings > Pro API

  2. Click Disable Pro API

  3. Complete MFA verification

  4. API access is deactivated immediately.

Disabling Pro API does not delete your credentials permanently. Your Pliant account manager can re-enable the module if needed.


Security Notes

All sensitive operations (enabling, disabling, and rotating credentials) require MFA step-up verification. You must re-authenticate with your second factor each time, even if you are already logged in. This is by design to protect your API credentials.


Troubleshooting

The Pro API tab is not visible in Settings

Cause: The Pro API module has not been enabled yet.

Solution: Go to Settings > Modules, find the Pro API module, and toggle it on. If it does not appear in the list, contact your Pliant account manager.


I cannot create credentials - the button is greyed out

Cause: You do not have the required Manage Pro API permission.

Solution: Ask your Account Owner to grant you the Manage Pro API permission via role settings, or ask them to create the credentials directly.


I lost my Client Secret

Cause: The secret is only displayed once at creation and is not recoverable.

Solution: Rotate the secret (Step 6 above) to generate a new one. Update your integrations with the new secret.


My API calls are returning 401 Unauthorized

Possible causes:

  • The Client Secret has been rotated and your integration is using the old one

  • The Pro API module has been disabled

  • The access token has expired (tokens are time-limited)

Solution:

  1. Check that the Pro API module is still active in Settings > Pro API.

  2. Verify you are using the current Client Secret.

  3. Re-request an access token using the Token URL.


FAQ

Q: Can I use the same credentials across multiple organizations?

A: Yes. Enable the Pro API module in each additional organization, then return to the organization where you created the credentials and use Extend credentials to share access. All organizations will use the same Client ID and Client Secret.

Q: Who can manage API credentials?

A: By default, only the Account Owner can manage Pro API credentials. Organization Admins can be granted the Manage Pro API permission by the Account Owner.

Q: What happens to active API calls when I rotate the secret?

A: The old secret is invalidated immediately. Any system using the old secret will receive authentication errors until updated with the new secret.

Q: Is there a sandbox environment?

A: Sandbox access is not yet available for self-service. Contact your Pliant account manager for sandbox provisioning and credentials.


Need Help?

For questions or issues with the Pro API, reach out to api@getpliant.com.

Stay updated:

  • API Changelog - subscribe to get notified of API changes and new features

  • Status Page - check current API availability and incidents


Related Articles

Did this answer your question?