Built by owners, for owners.

Getting Started

Core Concepts

Overview

Bookings & Quotes

Properties

Bookings

Quotes

Guests

Rates

Rules

Reviews

My Account

Messaging

Security Deposits

Insurance and Damage Protection

Taxes

Renter Agreements

Payment Processing

Dynamic Pricing Integrations

Widgets

Listing Site Integration

Property Management

Technical Stuff

Hosted Websites

WordPress Plugin

Door Locks

OwnerRez API

Other Integrations

Reporting

Email Template Library

Data Management

QuickBooks Integration

Privacy & Security

Channel Management

Payment Processing

Testing

Change Log

2021

2020

2019

OwnerRez API - Authentication

There are two ways to access the OwnerRez API, depending on what you're trying to accomplish: Personal Access Tokens and OAuth Apps. Personal Access Tokens let you access your own account via API while OAuth apps let other OwnerRez users grant you access to their accounts so you can access those accounts via API on their behalf.

Personal Access Tokens

A Personal Access Token allows you to access your own account via API. To create a new token, go to Developer/API Settings under the dropdown arrow in the top-right of your OwnerRez screen. The token will start with pt_. When you generate a token you'll get to see it once -- make sure to note down the token so you can use it later.

Personal Access Tokens are rate limited by IP Address -- any given IP address may only access two different user accounts within 24 hours. If you're developing an app that will integrate with many OwnerRez accounts, use the OAuth App method instead.

To make an API call using a Personal Access Token, use basic authentication where the username is your OwnerRez email address and the password is the token. For example, a call to lookup property availability via /api/properties/lookup for a user wylie@acme.com using a Personal Access Token of pt_faaaast would be something like:

curl -u wylie@acme.com:pt_faaaast -i -X GET https://secure.ownerreservations.com/api/properties/lookup -H "Content-Type:application/json"

Note that the token-based API authentication is intended for private usage, and is not designed for partner use or wide deployment.  If you are a partner wishing to offer your services to OwnerRez clients in general, you need to use our more robust and secure OAuth API authentication.

OAuth Apps

An OAuth App allows you to access other OwnerRez user's accounts via API (after they have authorized your OAuth App). Follow the OAuth App Guide to create a new app and set up for users to be able to authorize your app into their account.

Once you've got a token for a user, use bearer token authentication to make API requests on behalf of the user. The token will start with at_. You also must send a User-Agent header identifying yourself which should contain your app name and client id, for example: User-Agent: My Awesome App/1.0 (c_51234234).

For example, given a token of at_foobarbaz, you'd make a call like:

Authorization: bearer at_foobarbaz
User-Agent: My Awesome App/1.0 (c_51234234)
Content-Type: application/json
GET https://secure.ownerreservations.com/api/properties/lookup

Or in curl, you can set the Authorization header like this:

curl -H "Authorization: bearer at_foobarbaz" -A "My Awesome App/1.0 (c_51234234)" -i -X GET https://secure.ownerreservations.com/api/properties/lookup -H "Content-Type: application/json"