ServiceM8 · Authentication Profile

Servicem8 Authentication

Authentication

ServiceM8 secures its APIs with apiKey and oauth2 across 2 declared security schemes, as derived from its OpenAPI definitions. OAuth 2.0 is offered via the authorizationCode flow(s).

Field ServiceJob ManagementTradesSchedulingDispatchInvoicingHome Services
Methods: apiKey, oauth2 Schemes: 2 OAuth flows: authorizationCode API key in: header

Security Schemes

apiKeyAuth apiKey
· in: header (X-API-Key)
oauth2 oauth2
· flows: authorizationCode

Source

Authentication Profile

Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/servicem8-openapi.yml
summary:
  types:
  - apiKey
  - oauth2
  api_key_in:
  - header
  oauth2_flows:
  - authorizationCode
schemes:
- name: apiKeyAuth
  type: apiKey
  in: header
  parameter: X-API-Key
  description: API key for private/single-account integrations.
  sources:
  - openapi/servicem8-openapi.yml
- name: oauth2
  type: oauth2
  flows:
  - flow: authorizationCode
    authorizationUrl: https://go.servicem8.com/oauth/authorize
    tokenUrl: https://go.servicem8.com/oauth/access_token
    scopes: 11
  description: OAuth 2.0 for public add-ons. Access tokens expire after 3600 seconds.
  sources:
  - openapi/servicem8-openapi.yml