Register an application in the project44 developer portal to obtain a client ID and client secret for your environment (sandbox or production).
POST to the project44 OAuth token endpoint with grant_type=client_credentials, client_id, and client_secret; receive an access_token and expires_in value.
Store the token in memory with an expiry timestamp; wrap every outbound API call to check if the token is within a safe refresh window (e.g., 60 seconds before expiry) and re-fetch before the call.
Include the token as a Bearer value in the Authorization header on all subsequent requests to the project44 Visibility, Capacity, or Shipment APIs.
Handle 401 responses by immediately discarding the cached token, re-authenticating, and retrying the failed request exactly once to cover race conditions at token boundary.
Known gotchas
project44 issues separate tokens per environment; a sandbox token is rejected by the production endpoint and vice versa — confirm the base URL matches the token's issuing environment.
Token endpoints have their own rate limits distinct from the Visibility API; excessive re-authentication attempts (e.g., fetching a new token per request) can trigger throttling before any shipment API call is made.
client_secret rotation in the portal invalidates all outstanding tokens immediately; build alerting or a secrets-manager hook so integrations are updated before the old secret expires.
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp