AroFlo MCP

clientnotes.md•13.9 KiB

# ClientNotes This zone allows retrieving, updating and creating [Client Notes](https://help.aroflo.com/x/N4-cAw) from your AroFlo site. ## WHERE filters | Field | Value | | --- | --- | | noteid | AroFlo ID | | createdutc | DATE(YYYY-MM-DD) | **Default WHERE clause** **THIS IS NOT AVAILABLE FOR FILTERING AND ONLY APPLIES TO DEFAULT FILTERS. DO NOT USE THIS IN YOUR CALLS** AND created_utc > DATEADD(d, -30, GETUTCDATE()) ## ORDER BY | Field | | --- | | dateposted | ## POSTXML variable definition <clientnotes> <clientnote> <noteid>AROFLOID</noteid> INSERT no / UPDATE required <clientid>AROFLOID</clientid> INSERT required / UPDATE yes <content>STRING (1000)</content> INSERT required / UPDATE required <filter>STRING(Internal Only, Show Client, Show Contractor, Show All, Internal Admin Only, Internal Admin and Manager Only)</filter> INSERT required / UPDATE yes <sticky>(STRING true|false)</sticky> INSERT yes / UPDATE yes </clientnote> </clientnotes> **Authorization:** bearer --- ### GET Get ClientNotes `GET https://api.aroflo.com/{{urlVarString}}` **Authorization:** bearer **Headers:** | Header | Value | Description | | --- | --- | --- | | `Authentication` | `HMAC {{af_hmac_signature}}` | | | `HostIP` | `XXX.XXX.XXX.XXX` | | | `Authorization` | `{{Authorization}}` | | | `Accept` | `text/json` | | | `afdatetimeutc` | `{{af_iso_timestamp}}` | | **Pre-request Script:** ```javascript //What type of HTTP Request we're making GET|POST var requestType = 'GET'; //When using a GET request set the urlVarString. //Also ensuring that all values are URIencoded if (requestType == 'GET') { var urlVarString = [ 'zone=' + encodeURIComponent('ClientNotes') ,'page=' + encodeURIComponent('1') ]; urlVarString = urlVarString.join('&'); pm.environment.set("urlVarString", '?' +urlVarString); //We now call the Authentication function and pass it our requestType and urlVarString AroFloAuth(requestType, urlVarString) } //When using a POST request set the formVarString if (requestType == 'POST') { var formVarString = [ 'zone=' + encodeURIComponent('tasks') ,'postxml=' ]; formVarString = formVarString.join('&'); pm.environment.set("formVarString", formVarString); //We now call the Authentication function and pass it our requestType and formVarString AroFloAuth(requestType, formVarString) } //The Authentication flow has been moved into a function to highlight that this is code that you must replicate in your own system/app/language //and must be called for every request. Each request requires it's own HMAC signature. function AroFloAuth(requestType, VarString) { //secret_key is a new auth key shown once only in the AroFloAPI Settings page. let secret_key = pm.environment.get('secret_key'); //We now need to set a timestamp as an ISO 8601 UTC timestamp e.g. "2018-07-25T01:39:57.135Z" let d = new Date(); let isotimestamp = d.toISOString(); //You need to send us what IP you are sending from let HostIP = pm.environment.get('HostIP'); //urlPath is currently '' and should not be changed let urlPath = ''; //rather than setting &format in the URL Variable scope, we now define an accept header //accept can be either 'text/json' or 'text/xml' let accept = pm.environment.get('accept'); //we also removed the uEncoded,pEncoded & orgEncoded from the URL variable scope and it is now set as an Authorization header //All values should be URIencoded let Authorization = 'uencoded='+encodeURIComponent(pm.environment.get('uEncoded'))+'&pencoded='+encodeURIComponent(pm.environment.get('pEncoded'))+'&orgEncoded='+encodeURIComponent(pm.environment.get('orgEncoded')); //Setting the first field to our request type GET|POST let payload = [requestType]; //If the HostIP hasn't been set then we can exclude that from our Auth string. Just remember to also exclude it from your header if (typeof HostIP != 'undefined') { payload.push(HostIP); pm.environment.set("HostIP", HostIP); } //We now add the rest of the fields needed to our payload array payload.push(urlPath); payload.push(accept); payload.push(Authorization); payload.push(isotimestamp); payload.push(VarString); //Create our hash using all of the fields we added to the payload array as a string, separated by '+' and encoded with our secret_key let hash = CryptoJS.HmacSHA512( payload.join('+'), secret_key); //Update the environment variables pm.environment.set("urlPath", urlPath); pm.environment.set("accept", accept); pm.environment.set("Authorization", Authorization); pm.environment.set("af_hmac_signature", hash.toString()); pm.environment.set("af_iso_timestamp", isotimestamp); }//end function ``` ### Example Responses #### Get ClientNotes (OK 200) ```json { "status": "0", "statusmessage": "Login OK. No WHERE clause found, default filter applied", "zoneresponse": { "maxpageresults": 500, "pagenumber": "1", "generatedisplayresponsetime": 0, "queryresponsetimes": { "clientnotes": 75 }, "clientnotes": [ { "filter": "Internal Only", "noteid": "JScqWyNSTEAgCg==", "content": "<p>This is a HTML Client note</p>", "user": { "userid": "JCQ6XyRRUCAgCg==", "username": "Commander Shepard" }, "clientid": "JCdKUyBRUCAgCg==", "sticky": "0", "created_utc": "2023/10/01 23:09:01", "datetimeposted": "2023/10/02 10:09:01" } ], "currentpageresults": 1 } } ``` --- ### POST Create ClientNote `POST http://api.aroflo.com/` **Authorization:** bearer **Headers:** | Header | Value | Description | | --- | --- | --- | | `Authentication` | `HMAC {{af_hmac_signature}}` | | | `HostIP` | `XXX.XXX.XXX.XXX` | | | `Authorization` | `{{Authorization}}` | | | `Accept` | `text/json` | | | `afdatetimeutc` | `{{af_iso_timestamp}}` | | | `Content-Type` | `application/x-www-form-urlencoded` | | **Body:** ``` {{formVarString}} ``` **Pre-request Script:** ```javascript //What type of HTTP Request we're making GET|POST var requestType = 'POST'; //When using a POST request set the formVarString if (requestType == 'POST') { var formVarString = [ 'zone=' + encodeURIComponent('ClientNotes') ,'postxml=' + encodeURIComponent('<clientnotes><clientnote><clientid>JCdKUydRMCAgCg==</clientid><content><![CDATA[ This is a client note with 1 user]]></content><filter><![CDATA[ Internal Only ]]></filter><sticky>false</sticky></clientnote></clientnotes>') ]; formVarString = formVarString.join('&'); pm.environment.set("formVarString", formVarString); //We now call the Authentication function and pass it our requestType and formVarString AroFloAuth(requestType, formVarString) } //The Authentication flow has been moved into a function to highlight that this is code that you must replicate in your own system/app/language //and must be called for every request. Each request requires it's own HMAC signature. function AroFloAuth(requestType, VarString) { //secret_key is a new auth key shown once only in the AroFloAPI Settings page. let secret_key = pm.environment.get('secret_key'); //We now need to set a timestamp as an ISO 8601 UTC timestamp e.g. "2018-07-25T01:39:57.135Z" let d = new Date(); let isotimestamp = d.toISOString(); //You need to send us what IP you are sending from let HostIP = pm.environment.get('HostIP'); //urlPath is currently '' and should not be changed let urlPath = ''; //rather than setting &format in the URL Variable scope, we now define an accept header //accept can be either 'text/json' or 'text/xml' let accept = pm.environment.get('accept'); //we also removed the uEncoded,pEncoded & orgEncoded from the URL variable scope and it is now set as an Authorization header //All values should be URIencoded let Authorization = 'uencoded='+encodeURIComponent(pm.environment.get('uEncoded'))+'&pencoded='+encodeURIComponent(pm.environment.get('pEncoded'))+'&orgEncoded='+encodeURIComponent(pm.environment.get('orgEncoded')); //Setting the first field to our request type GET|POST let payload = [requestType]; //If the HostIP hasn't been set then we can exclude that from our Auth string. Just remember to also exclude it from your header if (typeof HostIP != 'undefined') { payload.push(HostIP); pm.environment.set("HostIP", HostIP); } //We now add the rest of the fields needed to our payload array payload.push(urlPath); payload.push(accept); payload.push(Authorization); payload.push(isotimestamp); payload.push(VarString); //Create our hash using all of the fields we added to the payload array as a string, separated by '+' and encoded with our secret_key let hash = CryptoJS.HmacSHA512( payload.join('+'), secret_key); //Update the environment variables pm.environment.set("urlPath", urlPath); pm.environment.set("accept", accept); pm.environment.set("Authorization", Authorization); pm.environment.set("af_hmac_signature", hash.toString()); pm.environment.set("af_iso_timestamp", isotimestamp); }//end function ``` ### Example Responses #### Create ClientNote (OK 200) ```json { "status": "0", "statusmessage": "Login OK", "zoneresponse": { "postresults": { "updatetotal": 0, "errors": [], "updates": { "clientnotes": [] }, "inserttotal": 1, "inserts": { "clientnotes": [ { "filter": "Internal Only", "NOTEID": "JScqWyNSXFggCg==", "content": "This is a client note with 1 user", "dateposted": "2023/10/13 13:55:41", "clientid": "JCdKUydRMCAgCg==", "sticky": 0 } ] } } } } ``` --- ### POST Update ClientNote `POST http://api.aroflo.com/` **Authorization:** bearer **Headers:** | Header | Value | Description | | --- | --- | --- | | `Authentication` | `HMAC {{af_hmac_signature}}` | | | `HostIP` | `XXX.XXX.XXX.XXX` | | | `Authorization` | `{{Authorization}}` | | | `Accept` | `text/json` | | | `afdatetimeutc` | `{{af_iso_timestamp}}` | | | `Content-Type` | `application/x-www-form-urlencoded` | | **Body:** ``` {{formVarString}} ``` **Pre-request Script:** ```javascript //What type of HTTP Request we're making GET|POST var requestType = 'POST'; //When using a POST request set the formVarString if (requestType == 'POST') { var formVarString = [ 'zone=' + encodeURIComponent('ClientNotes') ,'postxml=' + encodeURIComponent('<clientnotes><clientnote><noteid>JScqWyNSXFggCg==</noteid><content><![CDATA[ This is an updated client note]]></content><filter><![CDATA[ Show All ]]></filter><sticky>false</sticky></clientnote></clientnotes>') ]; formVarString = formVarString.join('&'); pm.environment.set("formVarString", formVarString); //We now call the Authentication function and pass it our requestType and formVarString AroFloAuth(requestType, formVarString) } //The Authentication flow has been moved into a function to highlight that this is code that you must replicate in your own system/app/language //and must be called for every request. Each request requires it's own HMAC signature. function AroFloAuth(requestType, VarString) { //secret_key is a new auth key shown once only in the AroFloAPI Settings page. let secret_key = pm.environment.get('secret_key'); //We now need to set a timestamp as an ISO 8601 UTC timestamp e.g. "2018-07-25T01:39:57.135Z" let d = new Date(); let isotimestamp = d.toISOString(); //You need to send us what IP you are sending from let HostIP = pm.environment.get('HostIP'); //urlPath is currently '' and should not be changed let urlPath = ''; //rather than setting &format in the URL Variable scope, we now define an accept header //accept can be either 'text/json' or 'text/xml' let accept = pm.environment.get('accept'); //we also removed the uEncoded,pEncoded & orgEncoded from the URL variable scope and it is now set as an Authorization header //All values should be URIencoded let Authorization = 'uencoded='+encodeURIComponent(pm.environment.get('uEncoded'))+'&pencoded='+encodeURIComponent(pm.environment.get('pEncoded'))+'&orgEncoded='+encodeURIComponent(pm.environment.get('orgEncoded')); //Setting the first field to our request type GET|POST let payload = [requestType]; //If the HostIP hasn't been set then we can exclude that from our Auth string. Just remember to also exclude it from your header if (typeof HostIP != 'undefined') { payload.push(HostIP); pm.environment.set("HostIP", HostIP); } //We now add the rest of the fields needed to our payload array payload.push(urlPath); payload.push(accept); payload.push(Authorization); payload.push(isotimestamp); payload.push(VarString); //Create our hash using all of the fields we added to the payload array as a string, separated by '+' and encoded with our secret_key let hash = CryptoJS.HmacSHA512( payload.join('+'), secret_key); //Update the environment variables pm.environment.set("urlPath", urlPath); pm.environment.set("accept", accept); pm.environment.set("Authorization", Authorization); pm.environment.set("af_hmac_signature", hash.toString()); pm.environment.set("af_iso_timestamp", isotimestamp); }//end function ``` ### Example Responses #### Update ClientNote (OK 200) ```json { "status": "0", "statusmessage": "Login OK", "zoneresponse": { "postresults": { "updatetotal": 1, "errors": [], "updates": { "clientnotes": [ { "filter": "Show All", "noteid": "JScqWyNSXFggCg==", "content": "This is an updated client note", "dateposted": "2023/10/13 13:53:34", "sticky": 0, "clientid": "JCdKUydRMCAgCg==" } ] }, "inserttotal": 0, "inserts": { "clientnotes": [] } } } } ```

Loading blob content...

Latest Blog Posts

Redis vs ioredis vs valkey-glide
By punkpeye on January 26, 2026.
benchmark
Redis
valkey
Quickstart: Publish an MCP Server to the MCP Registry
By punkpeye on January 24, 2026.
mcp
official reference mirror
Official MCP Registry Server.json Requirements
By punkpeye on January 24, 2026.
mcp
official reference mirror

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/0x1NotMe/aroflo-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server

clientnotes.md•13.9 KiB