Request an access token from the Papaya Global authentication endpoint by including your api_key and client_secret; the response returns a Bearer token valid for 24 hours
Include the token in all subsequent requests as Authorization: Bearer YOUR_ACCESS_TOKEN over HTTPS
List all workers with GET /api/v1/workers, using pagination parameters to page through large rosters
Retrieve a specific worker by ID with GET /api/v1/workers/{worker_id}
After a payroll cycle closes, fetch payroll records for the worker with GET /api/v1/payroll?worker_id={worker_id}
Store payroll records in your system and reconcile against expected amounts before payment confirmation
Known gotchas
The access token is valid for 24 hours and can be reused for multiple requests during that window; cache it and re-authenticate only when it expires rather than fetching a new token per request
Sandbox and production environments use separate API keys and client IDs — keep them in different secrets stores to prevent accidental cross-environment writes
Payroll records are only available via the API after the payroll cycle closes on the Papaya platform; polling mid-cycle returns incomplete data
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp