Overview
The MRI Qube integration uses the Vaultre REST API with OAuth 2.0 authentication. This reference documents our internal service layer that wraps the MRI API.
This documentation is for developers building on or extending the integration.
Authentication
OAuth 2.0 Client Credentials Flow
// OAuth token request
POST https://api.vaultre.com.au/oauth/token
Content-Type: application/x-www-form-urlencoded
grant_type=client_credentials
&client_id={CLIENT_ID}
&client_secret={CLIENT_SECRET}
&scope=read write
Token Response
{
"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9...",
"token_type": "Bearer",
"expires_in": 3600,
"scope": "read write"
}
Tokens expire after 1 hour. The service automatically refreshes tokens 5 minutes before expiry.
Service Configuration
interface MRIConfig {
baseUrl: string; // API base URL
clientId: string; // OAuth client ID
clientSecret: string; // OAuth client secret
scope: string; // OAuth scopes
environment: 'sandbox' | 'production';
}
interface MRIServiceConfig {
rateLimiting: {
requestsPerMinute: 60;
requestsPerHour: 1000;
burstLimit: 10;
};
retry: {
maxRetries: 3;
baseDelay: 1000;
maxDelay: 10000;
backoffMultiplier: 2;
};
timeout: {
connectionTimeout: 10000;
requestTimeout: 30000;
};
}
API Endpoints
Properties
The MRI property identifier
// List all properties
GET /api/v1/properties?page={page}&limit={limit}
// Get single property
GET /api/v1/properties/{propertyId}
// Get units for property
GET /api/v1/properties/{propertyId}/units
Tenancies
// List tenancies for property
GET /api/v1/properties/{propertyId}/tenancies
// Get single tenancy
GET /api/v1/tenancies/{tenancyId}
// List all contacts
GET /api/v1/contacts?type={contactType}
// Get single contact
GET /api/v1/contacts/{contactId}
tenant, owner, director, agent, supplier
Financial
// List transactions
GET /api/v1/properties/{propertyId}/transactions
?start_date={date}&end_date={date}&page={page}&limit={limit}
// List budgets
GET /api/v1/properties/{propertyId}/budgets?year={year}
// List invoices
GET /api/v1/properties/{propertyId}/invoices?status={status}
Maintenance
// List work orders
GET /api/v1/properties/{propertyId}/work-orders?status={status}
// Get single work order
GET /api/v1/work-orders/{workOrderId}
Documents
// List documents
GET /api/v1/properties/{propertyId}/documents?category={category}
// Get document metadata
GET /api/v1/documents/{documentId}
// Download document
GET /api/v1/documents/{documentId}/download
interface MRIApiResponse<T> {
success: boolean;
data?: T;
error?: string;
pagination?: {
page: number;
limit: number;
total: number;
hasMore: boolean;
};
}
Rate Limiting
The integration implements automatic rate limiting:
- 60 requests/minute sustained rate
- 1000 requests/hour hourly limit
- 10 request burst for short spikes
When rate limited, requests queue and retry with exponential backoff.
Error Codes
| Code | Meaning | Action |
|---|
| 401 | Unauthorized | Token expired, will auto-refresh |
| 403 | Forbidden | Check API permissions |
| 404 | Not Found | Resource doesn’t exist in MRI |
| 429 | Rate Limited | Wait and retry (automatic) |
| 500 | Server Error | Retry with backoff |
