Download OpenAPI specification:Download
All PropQ API calls should be authenticated via OAuth2 client credentials flow. In order to using the API, you must have a client id and a client secret. Contact Resales Online for these information. You have to store securely in your side. Never hardcode them in your code.
Each API call is an HTTP request with at least two headers:
Content-Type: always be application/json. If this header is missing or not correct, the response code can
be incorrect.Authorization: must be a string in the following format Bearer <access_token> with the <access_token> is
an access token grantted from our server. An access token can be cached in your system
(local files, databases, ...) to use in 30 days since it is created.To get a new access token, send and HTTP POST request to https://api.propq.com/oauth/token with
these parameters:
grant_type: always be client_credentialsclient_id: your client id (should be an integer)client_secret: your client secret (should be a string)If the data is valid, the response we be a JSON object with the following fields:
access_token: the access token that you will use in other API requestsexpires_in: the number of seconds that the access token is valid. Currently, this value always be 2592000
(30 days)token_type: Always be BearerThe example section gives an example of how to work with Resales Online APIs.
There are different HTTP response code from the API:
200: the API call is processed successfully. The response data is a JSON object.400: there are errors when processing the request401: the access token is missing or invalid403: the current user does not have sufficient privilege to call the current API419: the current API is called with an incorrect method. For example, you send a POST request
to an endpoint that only accepts GET requests.422: the input data is not valid. The validation errors is returned in the body5xx: there are errors in Resales Online servers3xx: the Content-Type may be missing and the current request is not processed successfullyThis is an example PHP script to call the /iam/me API endpoint. Here, we store the secret key in a file and cache
the access token (in files, too) so that we don't need to request new one every time the script is run.
<?php
const API_ROOT = "http://api.propq.com";
const CLIENT_ID = 5;
const FILE_ACCESS_TOKEN = "access_token";
const FILE_SECRET = "secret.txt";
// Get the client secret from an external configuration file
// Here we use a text file, you can use environment variables or any
// configuration storage mechanism.
// The most important thing to remember is do not store the secret
// key in the code files
$clientSecret = trim(file_get_contents(FILE_SECRET));
// An access token is valid for 30 days. We can save it in files or database
// so that we don't need to acquire new tokens every requests
//
// In this example, we first try to get an access token from the cached file
// before request a new one.
$accessToken = "";
if (file_exists(FILE_ACCESS_TOKEN)) {
$accessToken = trim(file_get_contents(FILE_ACCESS_TOKEN));
} else {
// If there is no access token cached, we request a new one from the
// token end point
$tokenEndPoint = API_ROOT . "/oauth/token";
$params = [
"grant_type" => "client_credentials",
"client_id" => CLIENT_ID,
"client_secret" => $clientSecret
];
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $tokenEndPoint);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $params);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$output = curl_exec($ch);
curl_close ($ch);
$json = json_decode($output, true);
$accessToken = $json['access_token'];
file_put_contents(FILE_ACCESS_TOKEN, $accessToken);
}
// Now, with access token we can call other APIs.
// The example below calling the `/iam/me` end point to get the information of
// the current user.
$url = API_ROOT . "/api/v1/iam/me";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, [
'Content-Type: application/json',
'Authorization: Bearer ' . $accessToken
]);
$output = curl_exec($ch);
curl_close ($ch);
$json = json_decode($output, true);
// Display the json output
var_dump($json);Get a new OAuth2 token for the current client. This is the only request that do not accept a JSON body
and do not require an access token. This also the only request that you must not including the
Content-Type: application/json header.
| grant_type required | string Value:"client_credentials" Currently, we only support client credentials flow, the value always be |
| client_id required | number The client id number |
| client_secret required | string The client secret key |
The request is success and a new token is created
There are errors with the request
The client information is not valid
Update a development unit by a unit name and development project id
| development_id required | string The ID of the development project |
| UntName required | string The name of the unit to be updated |
| UntStatus required | number Enum:{"1":"AVAILABLE"} {"2":"HOLD"} {"4":"SOLD"} {"8":"RESERVED"} The new status of the unit |
| UntPrice required | number The new price of the unit |
| UntDirections required | array The new direction list of the unit |
The API endpoint
Get status of development by development id
| development_id required | string The ID of the development project |
The request is success and development status is return
There are errors with the request
The development id is not valid
The API endpoint