Introduction
Security and Authentication
You must make sure that you have following 2 important information in order to proceed with integration.
API Key: Clients unique identifier on PF ExpertAPI Secret: Clients secret to authenticate before issuing access token
In Basic HTTP authentication, a request contains a header field in the form of Authorization: Basic {credentials} ,
where credentials is the Base64 encoding of API key and API secret joined by a single colon :
Once you have the required API credentials, you need to request for an access token using the integration credentials.
Token Endpoint :
POST https://auth.propertyfinder.com/auth/oauth/v1/token
Authorization: Basic {BASE64_VALUE}
{
"scope": "openid",
"grant_type": "client_credentials"
}
An access token will be issued which will expire in 30 minutes. Once token is expired, a fresh token must be requested. No refresh token flow is supported in this integration.
{
"access_token": "eyJhbGciOiJSUzI1NiIsInR5cC....rvfrLQrc5rgH30SoJQee1LBHXk9UmwnrUzm64M91w",
"token_type": "Bearer",
"expires_in": 1800
}
Once token is issued, it must be sent as a Bearer i.e. Authorization Bearer {access_token}.
curl -H "Authorization: Bearer {access_token}" https://api-v2.mycrm.com/{api_endpoint}
Header
Some custom headers will provide some extra information :
X-MyCRM-API-Warningwill give you some warning about the related requestX-MyCRM-Expand-Datawill provide more information about the related request (not available on all request)
The expanded data refers only related object to the requested resource (example : agent related to the property, landlord related to the property, etc.). By default, any related object is not expanded and only the id is returned. The header will allow you to return the full object instead of the object id. About related objects list, they won't be returned by default. Only the header will allow you to retrieve collection related to the current object.
Http code
MyCRM responds to successful requests with HTTP status codes in the 200 or 300 range. When you create or update a resource, MyCRM renders the resulting JSON representation in the response body and set a Location header pointing to the resource. Example:
Status: 201 Created
Location: https://api-v2.mycrm.com/users/123
{
"user": {
"id": 123,
"first_name": "James",
...
"created_at": "2012-04-04T09:14:57Z"
}
}
MyCRM responds to unsuccessful requests with HTTP status codes in the 400 range.
According to the W3C, here the list of the http code we will use :
| Http code | Comment |
|---|---|
| 200 | The request has succeeded |
| 201 | The request has been fulfilled and resulted in a new resource being created |
| 204 | The server has fulfilled the request but does not need to return an entity-body |
| 400 | The request has failed |
| 401 | The token is missing or incorrect |
| 403 | The resource need more authorizations |
| 404 | The requested resource or the requested route does not exist |
| 500 | An internal error has occurred |
Response error
An error will provide an 400 range http code. The error code provided will me among the following list:
* ResourceNotFound : Missing resource (e.g a non existing user, non existing route etc.)
* InvalidRequest : POST, PUT or PATCH method that is malformed (e.g missing fields, bad format fields, etc)
* MethodNotAllowed : Bad HTTP method
* InternalError : API is not able to describe the current error
* AuthenticationError : Authentication is required, either it's missing or invalid
* AccessDenied : Not enough permission
* InvalidAction : The request contains invalid action
Response that contains an error will have the following format:
{
"user": "ResourceNotFound",
"messages" : [
"No route found for \"GET \/users\/foo\/bar\""
]
}
Response fields
By default, all described fields in the endpoint will be returned. You can defined a list of fields that only should be returned. You can define these filters with the "field" parameter :
curl -H "Token: {token}" https://api-v2.mycrm.com/users/1?fields=id,first_name
{
"user": {
"id": 123,
"first_name": "James",
}
}
Pagination
By default, most list endpoints return a maximum of 100 records per page. You can change the number of records on a per-request basis by passing a per_page parameter in the request URL parameters. Example: per_page=50. However, you can't exceed 100 records per page on most endpoints.
When the response exceeds the per-page maximum, you can paginate through the records by incrementing the page parameter. Example: page=3.
List also include the total count of the available items:
{
"count": 1234,
"page": 1,
"per_page": 100,
"users": [ ... ],
}
The sorting will use sort and sort_order parameters.