Only Remote APs and Instant APs connecting via IAP-VPN authenticate every time they come up. Campus APs with CPSEC only check whether or not they have a certificate issued by the existing controller structure. After that, they just use the certificate to secure their connection afterwords. So ClearPass would only be practical for Remote APs and Instant APs using IAP-VPN.
An alternate solution would be to synchronize ClearPass with Activate (it should have all of your access points that are purchased) to authorize any access points that are added to your network:
Again, this will only work for Remote APs, and new Campus APs. You would have to make sure that all of the access points that you order already appear in Activate. The main benefit of this would be if it is easier for you to manage all your access points in Activate and ClearPass, instead of in the controller's interface if you have multiple master/local "clusters".
I don't know if that is the information you wanted..