Stats
Actions
Tags
Help us improve
Share bugs, ideas, or general feedback.
From sherweb
Guides Sherweb API and MCP tools integration: OAuth 2.0 client credentials auth, token management, subscription key headers, endpoints, rate limits, error codes, scopes, Accept-Language, best practices.
npx claudepluginhub wyre-technology/msp-claude-plugins --plugin sherwebHow this skill is triggered — by the user, by Claude, or both
Slash command
/sherweb:api-patternsThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
The Sherweb Partner API provides programmatic access to distributor-level operations including customer management, subscription lifecycle, and billing data. The API uses OAuth 2.0 client credentials flow for authentication, requires a subscription key header for API management, and exposes two main scopes: distributor and service-provider. This skill covers authentication, endpoints, MCP tool ...
Lists Sherweb customers, retrieves details and accounts receivable via API tools, and explains distributor > service provider > customer hierarchy for MSPs.
Guides Pax8 MCP API tools: connect to hosted server with token auth, use parameters/pagination/sorting/filtering for 15 tools on companies/products/subscriptions/orders/invoices, handle rate limits/errors.
Provides GraphQL API patterns for SuperOps.ai: Bearer token auth, query/mutation building, cursor pagination, rate limiting, and error handling.
Share bugs, ideas, or general feedback.
The Sherweb Partner API provides programmatic access to distributor-level operations including customer management, subscription lifecycle, and billing data. The API uses OAuth 2.0 client credentials flow for authentication, requires a subscription key header for API management, and exposes two main scopes: distributor and service-provider. This skill covers authentication, endpoints, MCP tool usage, error handling, and best practices.
Sherweb uses the OAuth 2.0 client credentials grant for machine-to-machine authentication. No user interaction is required.
Token Endpoint:
POST https://api.sherweb.com/auth/oidc/connect/token
Request Parameters:
| Parameter | Value |
|---|---|
grant_type | client_credentials |
client_id | Your Sherweb Client ID |
client_secret | Your Sherweb Client Secret |
scope | distributor or service-provider (see Scopes section) |
Token Response:
{
"access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6...",
"expires_in": 3600,
"token_type": "Bearer"
}
Key details:
Authorization headerIn addition to the Bearer token, every API request must include the API management subscription key:
| Header | Value | Description |
|---|---|---|
Ocp-Apim-Subscription-Key | Your subscription key | API management gateway key |
This key is obtained from the Sherweb Partner Portal (cumulus.sherweb.com) under Security > APIs.
Every API request must include:
| Header | Value |
|---|---|
Authorization | Bearer <access_token> |
Ocp-Apim-Subscription-Key | <subscription_key> |
Content-Type | application/json |
Accept | application/json |
export SHERWEB_CLIENT_ID="your-client-id"
export SHERWEB_CLIENT_SECRET="your-client-secret"
export SHERWEB_SUBSCRIPTION_KEY="your-subscription-key"
export SHERWEB_MCP_URL="https://your-sherweb-mcp-url"
Sherweb supports two API scopes that control the level of access:
| Scope | Description | Base URL |
|---|---|---|
distributor | Full distributor-level access to all service providers and their customers | https://api.sherweb.com/distributor/v1 |
service-provider | Scoped to a single service provider (MSP) and their customers | https://api.sherweb.com/service-provider/v1 |
service-provider scope - This gives access to your own customers and subscriptions| Scope | Base URL |
|---|---|
| Distributor | https://api.sherweb.com/distributor/v1 |
| Service Provider | https://api.sherweb.com/service-provider/v1 |
| Endpoint | Method | Description |
|---|---|---|
/customers | GET | List customers |
/customers/{id} | GET | Get customer details |
/customers/{id}/accounts-receivable | GET | Customer AR data |
/subscriptions | GET | List subscriptions |
/subscriptions/{id} | GET | Get subscription details |
/subscriptions/{id}/quantity | PATCH | Change subscription quantity |
/billing/periods | GET | List billing periods |
/billing/periods/{id}/charges | GET | Get payable charges |
/billing/invoices | GET | List invoices |
/billing/invoices/{id} | GET | Get invoice details |
| Tool | Description | Parameters |
|---|---|---|
sherweb_customers_list | List and search customers | page, pageSize, search |
sherweb_customers_get | Get a single customer | customerId (required) |
sherweb_customers_get_accounts_receivable | Get customer AR data | customerId (required) |
| Tool | Description | Parameters |
|---|---|---|
sherweb_subscriptions_list | List subscriptions with filters | customerId, page, pageSize, status |
sherweb_subscriptions_get | Get a single subscription | subscriptionId (required) |
sherweb_subscriptions_change_quantity | Modify seat count | subscriptionId (required), quantity (required) |
| Tool | Description | Parameters |
|---|---|---|
sherweb_billing_get_billing_periods | List billing periods | page, pageSize |
sherweb_billing_get_payable_charges | Get charges for a period | billingPeriodId (required), page, pageSize |
sherweb_billing_get_charge_details | Get charge breakdown | chargeId (required) |
sherweb_billing_get_invoices | List invoices | page, pageSize, status |
sherweb_billing_get_invoice_details | Get invoice details | invoiceId (required) |
All list endpoints use 1-based page pagination:
| Parameter | Description | Default | Max |
|---|---|---|---|
page | Page number (1-based) | 1 | - |
pageSize | Results per page | 25 | 100 |
Pagination Response Metadata:
| Field | Description |
|---|---|
page | Current page number |
pageSize | Number of results per page |
totalCount | Total number of records |
totalPages | Total number of pages |
page=1 and pageSize=100totalPages in the responsepage and call againpage >= totalPagesThe Sherweb API supports localized responses via the Accept-Language header:
| Header | Values | Description |
|---|---|---|
Accept-Language | en, fr | Response language (English or French) |
This is particularly useful since Sherweb is a Canadian company with bilingual support. Product names, descriptions, and error messages can be returned in either language.
Request Token --> Cache Token --> Use Token (up to 1 hour) --> Refresh Token
|
Refresh 5 min before expiry
Caching strategy:
current_time + expires_in)| Metric | Limit |
|---|---|
| Requests per second | Varies by endpoint |
| Requests per minute | Varies by subscription tier |
When rate limited, the API returns a 429 Too Many Requests response with:
| Header | Description |
|---|---|
Retry-After | Seconds to wait before retrying |
Rate limit strategy:
Retry-After header when presentpageSize=100 to minimize pagination requests| Code | Description | Action |
|---|---|---|
| 200 | Success | Process response |
| 400 | Bad Request | Check request parameters |
| 401 | Unauthorized | Token expired or invalid; re-authenticate |
| 403 | Forbidden | Insufficient scope or permissions |
| 404 | Not Found | Resource does not exist |
| 409 | Conflict | Conflicting operation (e.g., pending change) |
| 429 | Too Many Requests | Rate limited; wait and retry |
| 500 | Internal Server Error | Sherweb server issue; retry with backoff |
| 503 | Service Unavailable | Temporary outage; retry later |
Authentication Error (401):
{
"error": "invalid_token",
"error_description": "The access token has expired"
}
Validation Error (400):
{
"errors": [
{
"field": "quantity",
"message": "Quantity must be greater than 0"
}
]
}
Rate Limit (429):
{
"statusCode": 429,
"message": "Rate limit exceeded. Retry after 30 seconds."
}
Ocp-Apim-Subscription-Key header is setGET /customers?pageSize=1 to verify authentication workspageSize=100 to minimize total API calls when fetching all recordsservice-provider scope, not distributorOcp-Apim-Subscription-Key headerAccept-Language: en (or fr) for consistent response language