Client Certificate-Based API Authentication

Note: This feature is in Controlled Availability. 
Contact your Clarizen Customer Success Manager or Clarizen Support to request access.


You can now use your own (client-side) certificates in Clarizen for authorizing outbound API calls (webhooks) from Clarizen.


  • Inbound calls to Clarizen are not supported
  • Authentication certificates are not supported by other Clarizen integrations, such as Jira, Salesforce, Data Loader, etc.
  • This solution requires IP whitelisting. Clarizen will provide a range of addresses to use in firewalls, gateways, etc.

How it Works


  • The certificate must reside in a .cer or .pfx file, which is SSL-based.
  • The certificate should include standard information like a digital signature, expiration date, name of the client application, name of CA (Certificate Authority), revocation status, SSL/TLS version number, serial number, etc., and all all structured using the X.509 standard


  1. In Clarizen, open Settings > Extensions, and scroll down to Integration Certificates.
  2. In Manage Certificates, click Add Certificate to enter the required information.
    Click Replace to replace a certificate.
  3. Locate and select the certificate file. Click Save.
  4. In your Configuration, select Outbound Call as the action to run on.
    Select Use Certificate for this service, and select your certificate file.
    Finally, select the fields to include in the call.
Have more questions? Submit a request