Authentication

Unless otherwise specified, API requests must be authenticated with a bearer token, sent as an Authorization header on each request.

Creating a token

Bearer tokens are created through the Mobiledock Integration Hub. Sign in with your Mobiledock account to access it.

Environment	Integration Hub URL
Production (APAC)	integrations.mobiledock.com
Production (NA)	integrations.na.mobiledock.com
Production (EU)	integrations.eu.mobiledock.com
Staging	integrations.staging.mobiledock.com

Once signed in:

Select the organisation you wish to create a token for.
Navigate to the Tokens page.
Click Create New Token.
Copy the token immediately and store it in a secure location.

Permissions

Each token must be assigned permissions that control which API operations it can perform. For security, select the minimum permissions required for your integration.

See the Permissions Reference for a complete list of available permissions.

Using the token

Add the token as a Bearer value in the Authorization header of every request.

Header	Value
`Authorization`	`Bearer YOUR_TOKEN`

curl -X POST https://my.mobiledock.com/api/v1/graphql \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"query": "{ bookings(count: 1) { results } }"}'

const response = await fetch('https://my.mobiledock.com/api/v1/graphql', {
  method: 'POST',
  headers: {
    'Authorization': 'Bearer YOUR_TOKEN',
    'Content-Type': 'application/json',
  },
  body: JSON.stringify({ query: '{ bookings(count: 1) { results } }' }),
});

const data = await response.json();

Authentication errors

If a request is missing a token, or the token is invalid or expired, the API will respond with a 401 Unauthorized status code.

Status code	Meaning
`401`	Missing or invalid token
`403`	Token is valid but lacks the required permission