Scribd Logo
Upload

Welcome to Scribd!

  • 2 views

    Guesty Partner Auth Update - PRODUCTION

    Uploaded by

    antonmatiunin

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    Guesty Partner Auth Update - PRODUCTION

    Uploaded by

    antonmatiunin
    2 views6 pages

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    2 views6 pages

    Guesty Partner Auth Update - PRODUCTION

    Uploaded by

    antonmatiunin

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    of 6

    Guesty Partner Auth Update - August 2022

    Old Guesty API authentication is scheduled to deprecate January 31st, 2023

    Appendix:

    1. Recommended steps to update your app’s authentication with Guesty


    2. Authentication update instructions with API examples and additional details
    3. Existing/connected users migration instructions
    1.Recommended steps:

    1. Implement the new authentication flow.


    2. Update your app’s user-facing section to accept the new authentication flow.
    3. Inform Guesty Integrations (michael.schiff@guesty.com and lucia.velasco@guesty.com) that
    you have completed the update. Guesty will toggle your integration to generate the new flow
    within 1 business day.
    4. Migrate existing users to the new authentication using the dedicated API in this document.
    2. Instructions:

    Please access your Guesty test account (production).


    https://app.guesty.com/

    For your authentication-testing and development purposes please use this integration tile on
    your Guesty (production) test account: https://app.guesty.com/integrations/partners/guesty
    %20developer%20tools

    1. Click “connect” and copy the “integration token”.

    2. Trigger this API call using the “integration token”:

    curl --location --request GET 'https://partners.guesty.com/v1/partners-credentials?


    integrationToken={integration token}' \
    --header Authorization: Bearer {integration token}' \

    3. If the integration token is valid, you will receive a response with a pair of client credentials:

    client_id
    client_secret

    (!) The integration token can be used to create client credentials once.
    (!) The integration token will expire within 4 hours if not used to create credentials.
    4. Trigger this API call using your clien_id and client_secret:

    curl --location --request POST 'https://partners.guesty.com/oauth2/token' \


    --header 'accept: application/json'\
    --data-urlencode 'grant_type=client_credentials' \
    --data-urlencode 'scope=partners-api' \
    --data-urlencode 'client_id={your_client_id}' \
    --data-urlencode 'client_secret={your_client_secret}' \

    5. If the client credentials are valid, you will receive an access token to Guesty’s Production API

    6. You can now use the access token to approach Guesty’s API via base URL:

    https://partners.guesty.com/v1

    Example:

    To retrieve listings associated with the connected account:

    curl --location --request GET 'https://partners.guesty.com/v1/listings' \


    --header 'Authorization: Bearer {your access token}' \

    7. Access token needs to be refreshed every 24 hours with the client credentials (steps 4&5)

    (!) Access token can be refreshed no more than 5 times every 24 hours. Exceeding this limit will
    generate error 429. For this reason please refrain from refreshing the token on each session.
    3. Old auth user migration

    (!) Available after Guesty has marked your app as accepting new authentication. To inform
    Guesty that your app is ready to be marked as “accepting new authentication” please reach out
    to Guesty Integrations - michael.schiff@guesty.com

    (!) If a large number of accounts is to be migrated, please be sure to validate the flow before
    running the migration script. The action cannot be undone as it invalidates old tokens.

    1. Trigger this API call to convert the out-of-date JWT token to client credentials:

    curl --location --request GET


    'https://partners.guesty.com/v1/partners-migration/convert?
    oldApiKey={deprecatedApiKey}' \
    --header Authorization: Bearer {deprecatedApiKey}'

    2. If the old JWT token is valid, you will receive a response with a pair of client credentials:

    client_id
    client_secret

    (!) The next steps are identical to the regular authentication flow:

    3. Trigger this API call using your clien_id and client_secret:

    curl --location --request POST 'https://partners.guesty.com/oauth2/token' \


    --header 'accept: application/json'\
    --data-urlencode 'grant_type=client_credentials' \
    --data-urlencode 'scope=partners-api' \
    --data-urlencode 'client_id={your_client_id}' \
    --data-urlencode 'client_secret={your_client_secret}' \

    4. If the client credentials are valid, you will receive an access token to Guesty’s Production API

    5. You can now use the access token to approach Guesty’s API via base URL:

    https://partners.guesty.com/v1

    Example:

    To retrieve listings associated with the connected account:


    curl --location --request GET 'https://partners.guesty.com/v1/listings' \
    --header 'Authorization: Bearer {your access token}' \

    6. Access token needs to be refreshed every 24 hours with the client credentials (steps 4&5)

    (!) Access token can be refreshed no more than 5 times every 24 hours. Exceeding this limit will
    generate error 429. For this reason please refrain from refreshing the token on each session.

    You might also like