Authentication

v2.0

In order to work with the API you will need an access token. You can obtain an access token by creating a client secret and client id through the API tokens UI in Tracket.

You can find the API tokens by navigating to Preferences in the top right corner of Tracket and then selecting the dropdown item API tokens.

API tokens menu

After creating a new API token you will be presented with 2 fields: client secret, client id. You will need both to fetch an access token with the following command:

curl -H "Content-Type: application/json" https://tracket.dev/api/2.0/oauth2/token --data "{\"grant_type\":  \"client_credentials\",\"client_id\": \"YOUR_CLIENT_ID\",  \"client_secret\": \"YOUR_CLIENT_SECRET\"}"

This will return a json object with an access_token.

Short-lived token

This token is valid for 1 hour and you will need to fetch a new bearer token with your client secret, client id and account id to get a new one.

You can now query our API with the authorization header Bearer YOUR_ACCESS_TOKEN.

v1.0 (deprecated)

In order to work with the API you will need an access token. You can obtain an access token by creating a client secret and client id through the API tokens UI in the period overview.

You can find the API tokens by navigating to Preferences in the top right corner of Tracket and then selecting the dropdown item API tokens.

After creating a new API token you will be presented with 3 fields: client secret, client id and account id. You will need all three to fetch an access token with the following command:

curl -H "Content-Type: application/json" https://v1-gateway-9e6mvodx.uk.gateway.dev/api/1.0/oauth2/token --data "{\"grant-type\": \"client-credentials\",\"monday/account-id\": YOUR_ACCOUNT_ID,\"client-id\": \"YOUR_CLIENT_ID\",\"client-secret\": \"YOUR_CLIENT_SECRET\"}"

This will return a json object with two properties, id-token and refresh-token. We currently do not support refresh tokens, but we already included it in this response. The id-token is your access token which can be used to query our API.

This token is valid for 1 hour and you will need to fetch a new bearer token with your client secret, client id and account id to get a new one.

You can now query our API with the authorization header "Bearer YOUR_ACCESS_TOKEN".