The iGMS API Developer Program opens up powerful possibilities for property managers and developers who want to build custom integrations, automate workflows, or create specialized tools that work seamlessly with iGMS. Whether you're looking to connect iGMS with your existing business systems, build a custom dashboard, or develop automation solutions across multiple platforms, the Developer Program gives you the access you need to make it happen.

This article walks you through the entire process, from requesting access to the program through creating your first application and getting your API token.

You'll need an active iGMS account to request access to the Developer Program. The program is available to all subscription levels, though you should have a clear understanding of what you're planning to build before submitting your request.

The API uses OAuth 2.0 for authentication and returns data in JSON format, so familiarity with REST APIs, HTTP requests, and basic programming concepts will be helpful. If you're planning to hire a developer to build your integration, having a clear project specification ready will make the process smoother.

Before requesting access, think through your use case. What specific problem are you solving? Which iGMS data do you need to access? Will you be reading data, writing data, or both? Having clear answers to these questions will help you describe your project when you submit your access request, which increases the likelihood of quick approval.

The first step is requesting access to the program. Log in to your iGMS account and navigate to the Developer Program page. You'll see a form where you can submit your access request.

When you fill out the request form, be specific about what you're planning to build in the commentary field.

For example, "We're building a custom reporting dashboard that pulls booking data, revenue metrics, and occupancy rates from iGMS to display alongside data from our accounting system" or "We need to automate message responses by integrating iGMS with our AI chatbot service." The more detail you provide about your intended use, the faster your request can be reviewed and approved.

After you submit your request, our team reviews it to ensure the API is the right solution for your needs and that your use case aligns with our terms of service. Most requests are reviewed within 2-3 business days. You'll receive an email notification once your request has been approved.

Once approved, you'll gain access to the Developer Program interface, where you can create applications and manage your API credentials.

After your Developer Program access is approved, return to the Developer Program page. You'll now see a Create an application button that wasn't available before approval.

Click Create an application to open the application creation form. You'll need to fill in three fields, and understanding each one is crucial for setting up your integration correctly.

The App URL field, technically called the `redirect_uri` in OAuth terms, is where iGMS will send users after they authorize your application. This is a critical security component of the OAuth flow. When a user grants your application permission to access their iGMS data, they're redirected to this URL with an authorization code that you'll exchange for an access token.

Your App URL must be a complete URL. For example, `https://www.airgms.com/auth/test` with the `https://` at the beginning.

Also, the URL must be publicly accessible (localhost URLs won't work for production), and it should point to an endpoint in your application that's ready to receive the authorization code.

The Description field is for your own reference and helps you keep track of multiple applications if you create them. Write something clear that describes the purpose of this application. For example, "Production booking sync for our CRM" or "Development testing for pricing automation." This field isn't shown to users; it's just for your internal organization.

The Client Secret field has a toggle that you can enable or disable. The client secret is an additional security credential used during the token exchange process. For most integrations, especially those where your code runs on a server that you control, it is recommended to enable the client secret. This adds an extra layer of security by requiring both the client_id and client_secret to obtain access tokens. However, it is not necessary.

Once created, your application will appear in a list showing its name, the assigned `client_id`, and your `redirect_uri`. The `client_id` is a unique identifier for your application that you'll use in all API requests. Make note of this value, you'll need it for the next steps.

At this point, your application exists, but it doesn't have any permissions yet. This brings us to the critical concept of scopes.

API scopes define exactly what your application can and cannot do with a user's iGMS data. This permission system ensures that applications only access the data they actually need, following the principle of least privilege. When you create an application, no scopes are enabled by default. You need to contact our support team with your `client_id` and the specific scopes you need for your integration.

You can find the available scopes and what each one allows your application to do on the following page.

Be thoughtful about which scopes you actually need; requesting only the scopes necessary for your integration is better than requesting everything. This keeps your integration secure and focused on its intended purpose.

To request scopes for your application, contact our support team through the support chat or at [email protected].

Provide your `client_id` and a list of which scopes you need, along with a brief explanation of why you need each one. For example, "We need the messaging and listings scopes for our application (client_id: 44) to build an automated guest communication system that customizes messages based on property details." Our team will review your request and enable the appropriate scopes for your application.

Once your scopes have been enabled, you're ready to obtain an access token and start making API calls. The token generation process uses the OAuth 2.0 authorization code flow, which is a secure, industry-standard method for granting applications access to user data.

The complete technical details of obtaining a token are documented on our API documentation page. This documentation walks through the two-step process of first getting user authorization and then exchanging the authorization code for an access token.

The API documentation provides specific code examples and detailed parameter descriptions for each step. If you're working with a developer, they'll find everything they need there to implement the OAuth flow correctly.

Most Developer Program access requests are reviewed and approved within 2-3 business days. If your use case is complex or we need additional clarification about your intended integration, it may take slightly longer. We recommend providing detailed information in your initial request to speed up the approval process. You'll receive an email notification as soon as your access is approved.

Yes, you can create multiple applications within the Developer Program. This is useful if you're building separate integrations for different purposes, managing separate development and production environments, or working on multiple projects. Each application gets its own `client_id` and can have different scopes enabled based on its specific needs. Just make sure to give each application a clear description so you can easily distinguish between them.

Yes, you can request additional scopes for your application at any time by contacting our support team with your `client_id` and the new scopes you need. However, you cannot remove scopes yourself. If you need scopes removed or want to change your application's permissions significantly, reach out to support, and we'll help you make those changes.

Yes, API access tokens allow up to 1,000 requests per minute. This is a generous limit designed to accommodate most integration needs without restricting legitimate use. If your integration requires higher throughput, contact our team to discuss your specific use case, and we can work with you on a solution. For most property management integrations, even those managing hundreds of properties, 1,000 requests per minute is more than sufficient.

If you encounter any issues, we are always here to help. You can reach us through the support chat in your iGMS account or at [email protected].