Authenticating your Requests

Suggest Edits

Before You Begin

Before using any of the Alto API's you must first create an integration via the Developer Portal.

When you create your first integration, you will receive a login for an Alto test environment and authentication instructions. These will be sent directly to the email you created your Developer Portal account with.

Use the details on the integration page within the Developer Portal to set up your integration. All requests to Alto APIs must be authenticated using these details. They are unique to this integration; do not use them across apps or share them with anyone else.

Authenticating your request

Calls to the Alto APIs must be authorized with a bearer token. To get a bearer token you must call the Token API (https://api.alto.zoopladev.co.uk/token).

An example authorization request:

curl --request POST \
--url 'https://api.alto.zoopladev.co.uk/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Basic YOUR_TOKEN' \
--data 'grant_type=client_credentials'

The value for your basic authorization token is generated by:

  1. Concatenating your Client ID, a colon, and your Client Secret.
  2. Base64 encoding the concatenated string in Step 1.

Example request

Here's an example request for the inventory search endpoint. You will have received your AGENCY_REF in an email:

curl --request GET \
--location 'https://api.alto.zoopladev.co.uk/inventory?address=london' \
--header 'AgencyRef: YOUR_AGENCY_REF' \
--header 'Authorization: Bearer YOUR_BEARER_TOKEN'

Updated 7 months ago