Introduction to ImmobilienScout24 API Authentication Model
ImmobilienScout24 uses OAuth 1.0a to provide authorized access to its APIs. For more detailed information about OAuth, have a look at the Beginner's Guide to OAuth 1.0a. You can also find a list of OAuth 1.0a libraries here.
For authentication purposes, a
System (in OAuth known as Consumer1 ) uses:
system keythat acts as a unique identifier for the system and
system secretthat is used as a password for the system.
If you haven't done so yet, use this link to generate your
system key and
The ImmobilienScout24 API expects each API call to go through the authentication process and distinguishes between two types:
Two-legged OAuthis a form of authentication where an application makes API requests without a user context. It requires a
system secretonly to sign the request and to authenticate the system. This applies, for instance, to the search resource where an application performs GET requests to our search result list. For more details on how to do two-legged OAuth, please proceed to this section.
Three-legged OAuthis a form of authentication where a system is granted permission by a user to act on behalf of that user2. This requires both a
system secret, and an
access token. The
access tokenrepresents the explicit permission of the ImmobilienScout24 user for the system to access his/her resources. For more details on how to do three-legged OAuth, please proceed to this section.