Request a developer API key (W-Key) from When I Work, which requires admin-level access to the account.
POST to https://api.login.wheniwork.com/login with a JSON body containing the user's email and password, and include your developer key in a W-Key request header.
Extract the token value from the login response; this token identifies the authenticated user session.
Include the session token as an Authorization header (Authorization: Bearer <token>) on subsequent API calls to https://api.wheniwork.com/2/.
Call GET /2/shifts with query parameters such as start and end dates to retrieve shifts within a time range.
Known gotchas
The W-Key header is a developer/application key used specifically at the login step — it is not the same as the session token returned by the login call; both are required at the appropriate step.
The login endpoint is at api.login.wheniwork.com (a separate subdomain from the main API at api.wheniwork.com) — using the wrong base URL will result in connection or 404 errors.
Session tokens are tied to a specific When I Work user account; building a service integration requires a dedicated account with the appropriate permissions rather than an end-user's personal credentials.
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp