Register an application in the Intuit Developer Portal to obtain a client ID and client secret for the QuickBooks Time OAuth 2.0 flow.
Direct users through the OAuth 2.0 authorization code flow; exchange the authorization code for an access token and refresh token at the Intuit token endpoint.
Include the access token as a Bearer token in the Authorization header on all requests to the QuickBooks Time REST API base URL https://rest.tsheets.com/api/v1.
GET /timesheets with query parameters such as start_date, end_date, and user_ids to retrieve timesheet records; the API returns a map of timesheet objects keyed by ID.
Follow pagination using the more field in the response; when more is true, use the page parameter to retrieve subsequent pages.
Refresh the access token before expiry using the refresh token; the QuickBooks Time access token expiry is documented by Intuit and should not be hard-coded.
Known gotchas
The QuickBooks Time API uses its own token endpoint and base URL (rest.tsheets.com) distinct from the main QuickBooks Online API; do not reuse QBO tokens for TSheets calls.
The API enforces a rate limit of 300 requests per 5-minute window; high-frequency polling exceeds this quickly—implement webhook subscriptions for real-time updates instead.
All API communication must occur over TLS; the API rejects plain HTTP connections.
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp