Register an application in the Upwork API Center selecting OAuth 2.0 as the key type; complete the OAuth 2.0 authorization code flow to obtain an access_token.
Send all GraphQL requests as POST to https://api.upwork.com/graphql with the Authorization: Bearer YOUR_ACCESS_TOKEN header and, where multi-org access is needed, add the X-Upwork-API-TenantId header set to the target organization ID.
Construct a GraphQL query using the talent search query documented in the API reference at upwork.com/developer/documentation/graphql/api/docs; include fields such as profile name, skills, hourly rate, and job success score.
Parse the JSON response and use cursor-based pagination as documented in the API reference to retrieve additional pages of results.
Use the GraphQL Explorer at upwork.com/developer/explorer to validate query syntax and inspect the live schema before integrating.
Known gotchas
The Upwork OAuth 1.0a REST API was sunset on December 15, 2023; only OAuth 2.0 is current — never use oauth_signature or OAuth 1.0a headers.
Write mutations (submitting proposals, spending Connects) are not available in the public GraphQL API; only read operations for talent and job data are exposed.
The X-Upwork-API-TenantId header is required when the authenticated user belongs to multiple organizations; omitting it can cause the request to run in an incorrect org context.
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp