Skip to main content

At a glance

  • Availability: Experimental (how to enable).
  • Auth: OAuth 2.0 (client credentials).
  • Connection: Veryfront mints machine-to-machine tokens from the client ID and secret in the project’s environment variables.
  • Docs: https://developers.getmoss.com/

Credentials

Set these per environment. See Connect an integration.

Setup

  1. Create an API key: As a Moss admin, go to Settings > Platform > API Keys in the Moss app and create a key. You receive a Key ID (kid_…) and a Secret Key (sk_…). Only admins can create API keys.
  2. Set environment variables: Set MOSS_CLIENT_ID to the Key ID and MOSS_CLIENT_SECRET to the Secret Key.
  3. Verify access: Run List Bank Accounts or List Expenses. Access tokens are minted automatically via the OAuth2 client_credentials grant at https://public-api.getmoss.com/oauth2/token (valid for 1 hour, scope ‘read’).
  • This connector requests the ‘read’ scope only; Moss write endpoints (creating suppliers, dimensions, or dimension items) require scope ‘write’ and are not included.
  • Rate limits: 180 read requests/minute and 20 write requests/minute per company.
  • The Search Bank Transactions and Search Receipt Files tools use POST search-query endpoints but are read-only.
Provider API reference: https://developers.getmoss.com/

Tools

Example prompts

  • List Moss expenses with export status READY_FOR_EXPORT and summarize them by type and supplier.
  • Show this month’s Moss card transactions and break down spend by status.
  • For my most recent approved Moss expenses, check which ones have receipt files attached.