Two-legged OAuth (application-only)

This form of authentication authenticates only the application, a user context is not required. Only a system key is required.

Steps for OAuth Flow:

The two-legged auth flow consists of only one step.

Resource request

Get or modify an arbitrary resource:

Required OAuth Parameters

oauth_consumer_key The identifier portion of the client credentials (equivalent to a username). This is the system key that is issued by ImmobilienScout24.
oauth_nonce The nonce value. (see [](
oauth_timestamp The timestamp value in seconds.
oauth_signature The signature calculates the specified signature method the request is using. (NOTE: Do not include this within the signature base string – it would cause a never ending loop :-))
oauth_signature_method The signature method used by the client to sign the request.
oauth_version OPTIONAL. But if present, it MUST be set to "1.0".

Response Parameters

  • See API documentation of the requested resource.

Signature Key

You create a signature key by URL encoding your system_secret and appending it with an & into a string.

For example, if your system_secret is abcde the key is abcde&.