Overview
The Mobaro API gives you secure, programmatic access to your Mobaro environment. You can use it to:
Export checklist Results for reporting and compliance
Sync Users, Locations, and Assets with external systems
Automate Assignments and operational workflows
Connect Mobaro data to tools like Power BI, Excel, Tableau, or Google Sheets
Trigger downstream actions based on Results or operational events
The API follows REST conventions and communicates using HTTPS + JSON. If you are familiar with REST APIs, you’ll feel at home immediately. If you are new to APIs, don’t worry — this guide will walk you through your first request.
Tip: Mobaro is also available as a Microsoft Power Automate connector. If you prefer low/no-code automation, you may not need to write API requests directly.
Accessing your API key
To authenticate, you’ll need an API key from your Mobaro environment.
Go to Configuration → API keys in the Mobaro backend
Create or copy an existing key
Store it somewhere secure — treat it like a password
Important: If your key is ever shared publicly or included in a client-side app, regenerate it immediately.
Every API request must include:
X-Api-Key: YOUR_SECRET_TOKEN
Headers to include
Most requests require only an API key. However, when sending JSON in POST or PUT requests, include the content type header:
Request Type | Required Headers |
GET |
|
POST / PUT (with JSON) |
|
Example header block:
--header "X-Api-Key: YOUR_SECRET_TOKEN"
--header "Content-Type: application/json"
Sending your first request
Example: Retrieve all timesheet entries
Endpoint: GET /api/customers/timesheets
curl "https://app.mobaro.com/api/customers/timesheets" \
--header "X-Api-Key: YOUR_SECRET_TOKEN"
This returns a JSON list of timesheet records from your environment.
Example: Create a timesheet entry
Endpoint: POST /api/customers/timesheets
curl "https://app.mobaro.com/api/customers/timesheets" \
--request POST \
--header "Content-Type: application/json" \
--header "X-Api-Key: YOUR_SECRET_TOKEN" \
--data '{
"description": "Training session",
"user": "USER_ID",
"type": "Work",
"started": "2025-01-27T10:00:00Z",
"stopped": "2025-01-27T12:00:00Z"
}'
Tip: For items like user, location, or asset, you can discover IDs by calling the corresponding GET endpoint (e.g., /users, /locations, /assets).
Filtering and pagination
Many endpoints support:
LimitandOffsetfor paginationDate filters such as
CreatedAfter,UpdatedBefore, andAnsweredAfterFiltering by Location, Asset, User, or Checklist IDs
This helps keep responses efficient, especially when exporting large datasets.
Recommendation: Start with small Limit values in testing (e.g., Limit=20), then scale up for production workflows.
Using the API with Power Automate
If you prefer building workflows visually:
Open Microsoft Power Automate
Add the Mobaro connector
Choose an event (e.g., “When a Result is submitted”)
Connect to Excel, SharePoint, or any downstream system
This is ideal for organizations that want automation without managing scripts.
Best practices
Recommendation | Why it matters |
Never expose your API key | Keys grant full data access. Store them securely. |
Test with Postman or curl first | Ensures expected behavior before automating. |
Use date filters to export data in batches | Prevents timeouts and improves performance. |
Handle retry logic for 429/503 responses | The API may throttle requests during high load. |
Frequently asked questions
Q: Where do I find my API key?
Go to Configuration → API keys in the Mobaro backend. If you don’t see it, contact a Mobaro administrator in your organization.
Q: Can I modify checklists or change system configuration via the API?
No — the API is primarily for data access and automation, not authoring or administrative configuration.
Q: How do I filter by date?
Most list endpoints support filters like CreatedAfter, AnsweredBefore, or UpdatedAfter. Use ISO-8601 date formats (e.g., 2025-01-27T10:00:00Z).
Q: I’m getting a 401 error — what does it mean?
This indicates your API key is missing, invalid, or expired. Confirm your X-Api-Key header.