Register a developer application at developers.7shifts.com to obtain a Client ID and Client Secret for OAuth 2.0.
Direct restaurant admins through the OAuth 2.0 authorization code flow; after authorization, exchange the code for an access token and refresh token.
Include the access token as a Bearer token in the Authorization header and the company's GUID in the x-company-guid header on all API requests to https://api.7shifts.com/v2.
GET /v2/locations to retrieve the list of locations (restaurants) and their IDs for the authenticated company.
GET /v2/shifts with query parameters for location_id, start, and end dates to retrieve published shifts for that location.
Handle pagination using the cursor-based or offset pagination pattern documented in the 7shifts API reference; the rate limit is 10 requests per second per access token.
Known gotchas
Tokens expire after 1 hour and must be refreshed using the refresh token; build proactive token refresh logic rather than waiting for a 401 response.
The x-company-guid header is required in addition to the Authorization header; omitting it returns an error even with a valid access token.
7shifts is restaurant-industry focused; its data model uses concepts like departments, roles, and locations that map to restaurant terminology rather than generic HR terms.
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp