Skip to content

Fix public-api skill: use clay-api-key header (not Bearer) and refresh stale search paths#11

Open
TenSpy-ai wants to merge 1 commit into
clay-run:mainfrom
TenSpy-ai:fix-public-api-auth-scheme
Open

Fix public-api skill: use clay-api-key header (not Bearer) and refresh stale search paths#11
TenSpy-ai wants to merge 1 commit into
clay-run:mainfrom
TenSpy-ai:fix-public-api-auth-scheme

Conversation

@TenSpy-ai

Copy link
Copy Markdown

Summary

clay/skills/public-api/SKILL.md tells agents to send the API key "as a Bearer token against https://api.clay.com/public/v0". That returns 401 on every endpoint. The correct scheme, per Clay's own docs (https://developers.clay.com/public-api/authentication.md), is the clay-api-key: <key> header.

An agent following the skill as written burns its retries on 401s and concludes the key is bad.

Verified reproduction

Key minted with clay api-keys create (repo state: main as of 2026-07-10):

# As the skill instructs — fails:
curl -s -o /dev/null -w "%{http_code}" -H "Authorization: Bearer $KEY" \
  https://api.clay.com/public/v0/me       # -> 401

# Per developers.clay.com — works:
curl -s -o /dev/null -w "%{http_code}" -H "clay-api-key: $KEY" \
  https://api.clay.com/public/v0/me       # -> 200  {"user":...,"workspace":...}

Secondary fix: stale Search endpoint paths

The skill's "What it offers" section listed old routes. Verified against the live API:

Skill (old) Result Current Result
GET /searches/fields?source_type=companies 404 GET /search/filters-mode/fields?source_type=companies 200 (30 fields)
POST /searches 404 POST /search/filters-mode 400 (path exists, wants a body)

Pagination route left to the API reference rather than asserting an unverified path.

Changes (one file)

  • Auth: replace the Bearer sentence with the clay-api-key header + a /v0/me smoke-test.
  • Search paths: update the fields and start-search routes to the verified /search/filters-mode/... paths.

🤖 Generated with Claude Code

…ch paths

The public-api skill instructs agents to send the key as a Bearer token, which
returns 401 on every endpoint. The correct header is `clay-api-key: <key>`
(verified: Bearer -> 401, clay-api-key -> 200 on /v0/me).

Also refresh the stale Search endpoint paths: `/searches/fields` -> 404, now
`/search/filters-mode/fields` (200); `POST /searches` -> 404, now
`POST /search/filters-mode` (400, i.e. path exists and wants a body).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant