Version 1.0 (Draft)
Table of Content
EstateGuru Connect API allows 3rd party services to use
for getting user
related information from the platform. The API is enough flexible to give opportunity to its
users to grant a 3rd party service a permission without exposing its credentials.
Below you can see abstract overview of the protocol in action.
In order for a 3rd party service to consume API services, a designated
and secret should be
from EstateGuru Platform.
In order to get user related information, first client should redirect them to
get user authorization for granting client for certain consumption of information.
To redirect user for authorization, use following url
When redirecting user for authorization, client application should construct following post
An unguessable random string. This is used to
A valid client id issued by EstateGuru platform
Your client secret, that you’ve received from
EstateGuru platform, during account registration
Client application’s URI for user to be redirected
after authorization process. You can provide your callback
url during client account request from EstateGuru, otherwise
submit it with request.
-X POST \
After successful request and user authorization, a valid access token will be returned in
Note that for every response, you can find corresponding
initially submitted in
request object. This is intended behaviour and can be useful for synchronization and proper
handling of response objects.
After receiving valid access token, you can retrieve user information.
Example of request
-X POST \
"Authorization: Bearer cf96e458-12a1-4854-908d-419a35118363"
After successful validation of bearer token sample response will be as follows.
"#5XX Bridge loan (Estonia)"
is expired clients can regain a new valid access_token with their
received during authorization phase and client credentials.
Example of request with refresh_token
-X POST \
-u LHV:pBvghzCDUwcCU6EPh36YSfyKpfhXc9TNqSXjY3SmzD9Y8 \
Unable to verify given access token
Unable to verify given refresh_token
Client credentials are invalid
Validation failure (general)