Professional Documents
Culture Documents
Guesty Partner Auth Update - PRODUCTION
Guesty Partner Auth Update - PRODUCTION
Guesty Partner Auth Update - PRODUCTION
Appendix:
For your authentication-testing and development purposes please use this integration tile on
your Guesty (production) test account: https://app.guesty.com/integrations/partners/guesty
%20developer%20tools
3. If the integration token is valid, you will receive a response with a pair of client credentials:
client_id
client_secret
(!) The integration token can be used to create client credentials once.
(!) The integration token will expire within 4 hours if not used to create credentials.
4. Trigger this API call using your clien_id and client_secret:
5. If the client credentials are valid, you will receive an access token to Guesty’s Production API
6. You can now use the access token to approach Guesty’s API via base URL:
https://partners.guesty.com/v1
Example:
7. Access token needs to be refreshed every 24 hours with the client credentials (steps 4&5)
(!) Access token can be refreshed no more than 5 times every 24 hours. Exceeding this limit will
generate error 429. For this reason please refrain from refreshing the token on each session.
3. Old auth user migration
(!) Available after Guesty has marked your app as accepting new authentication. To inform
Guesty that your app is ready to be marked as “accepting new authentication” please reach out
to Guesty Integrations - michael.schiff@guesty.com
(!) If a large number of accounts is to be migrated, please be sure to validate the flow before
running the migration script. The action cannot be undone as it invalidates old tokens.
1. Trigger this API call to convert the out-of-date JWT token to client credentials:
2. If the old JWT token is valid, you will receive a response with a pair of client credentials:
client_id
client_secret
(!) The next steps are identical to the regular authentication flow:
4. If the client credentials are valid, you will receive an access token to Guesty’s Production API
5. You can now use the access token to approach Guesty’s API via base URL:
https://partners.guesty.com/v1
Example:
6. Access token needs to be refreshed every 24 hours with the client credentials (steps 4&5)
(!) Access token can be refreshed no more than 5 times every 24 hours. Exceeding this limit will
generate error 429. For this reason please refrain from refreshing the token on each session.