CalmBoard
Settings Back to dashboard

Paid plan feature

Integrations & APIs

Create API keys for Jira, Trello, Asana, Slack, Microsoft Teams, internal agents, and custom workflows that need secure access to CalmBoard data.

Plan: loading

API keys

Checking API access...

REST API reference

Use versioned endpoints to connect CalmBoard with Jira, Trello, Asana, Slack, Microsoft Teams, internal agents, and custom workflows. API keys inherit the creating user's permissions, so each request can only read or change projects and boards that user can access.

Download Postman collection

Authentication

Use either a static API key or an OAuth-issued bearer token.

Authorization: Bearer cbk_your_api_key
X-CalmBoard-API-Key: cbk_your_api_key

Or an OAuth-issued bearer token.

Authorization: Bearer cbo_oauth_access_token

OAuth bearer tokens

Host applications can start a PKCE authorization-code flow by sending the user to CalmBoard, then exchanging the returned code for a bearer token. CalmBoard uses a pre-registered public client ID for each user and requires the OAuth resource parameter so tokens are bound to the Integration API resource.

In Postman, the authorization-code request uses session auth. Run the collection's sign-in helper first, or copy localStorage.calmboard_token from a signed-in CalmBoard browser session into the sessionToken collection variable.

Your OAuth client ID

Use this public client ID in the OAuth authorize request for your host application.

Loading...

Add the callback URLs your host application may use, separated by commas. Use no more than 3 exact URIs. Public callbacks must use HTTPS; HTTP is allowed only for localhost, 127.0.0.1, 0.0.0.0, or IPv6 loopback during local testing. Do not include URL fragments.

OAuth authorization will reject redirect URIs that are not listed here.

1. Redirect the user to authorize

Loading OAuth authorize example...

2. Exchange the code for a token

Loading OAuth token example...

3. Call the integration API

curl -H "Authorization: Bearer cbo_oauth_access_token" \
  https://calmboard.ai/api/v1/projects

OAuth metadata for agents

GET https://calmboard.ai/.well-known/oauth-protected-resource
GET https://calmboard.ai/.well-known/oauth-protected-resource/mcp
GET https://calmboard.ai/.well-known/oauth-authorization-server
POST https://calmboard.ai/api/oauth/register

MCP server endpoint

POST https://calmboard.ai/mcp
Authorization: Bearer cbo_oauth_access_token
OAuth resource: https://calmboard.ai/mcp

Request and response examples

Common errors

  • 401 missing_api_key, invalid_api_key, or api_key_revoked.
  • 403 paid_plan_required when the user plan does not include integration APIs.
  • 403 forbidden when the API-key user cannot access the project.
  • 404 not_found for missing resources.
  • 429 rate_limit_exceeded when the key exceeds the configured request window.