Authentication
Use organization API keys to authenticate every request.
Every request to the YourNextHome API must include an organization API key as a bearer token. Keys are scoped to a single organization — they cannot read or write data belonging to another organization.
Minting a key
- Sign in to the dashboard as an organization admin.
- Open Organization → API Access.
- Click Generate key, give it a recognizable label (e.g. crm-sync), and copy the secret. It is shown once — store it in your secrets manager immediately.
Sending the key
Pass the key as a bearer token in the Authorization header on every request:
curl https://api.yournexthome.app/api/v1/estates \
  -H "Authorization: Bearer ynh_live_xxxxxxxxxxxxxxxxxxxx"
Rotating and revoking
Keys can be revoked at any time from Organization → API Access. Revoked keys stop working immediately. To rotate, generate a fresh key, switch traffic to it, then revoke the old one — there is no automatic key expiry today.
Treat API keys like passwords. Never embed them in client-side JavaScript, commit them to git, or paste them into shared chat threads.
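One way to enforce the "never commit them to git" rule is a git pre-commit hook that scans staged content for key-shaped values. This is an added example, not part of the YourNextHome documentation or tooling. The key pattern (the `ynh_live_` prefix from the sample above plus 20 or more characters) and the function names are assumptions.

```shell
#!/bin/sh
# Added example (not YourNextHome code): block commits that contain an API key.
# ASSUMPTION: a key is the "ynh_live_" prefix from the docs' sample followed by
# 20 or more characters from [A-Za-z0-9_-]; adjust to the real key format.
YNH_KEY_RE='ynh_live_[A-Za-z0-9_-]{20,}'

# scan_stream LABEL: read text on stdin, print "LABEL:LINE: <redacted key>"
# for every key found, and return 1 if there was at least one.
scan_stream() {
    # -o prints only the match, -n prefixes its line number, -a keeps grep
    # from skipping input it takes for binary. The second grep drops
    # all-"x" documentation placeholders such as the one in the curl sample.
    hits=$(grep -anEo "$YNH_KEY_RE" | grep -Ev ':ynh_live_[xX]+$' || true)
    [ -n "$hits" ] || return 0
    printf '%s\n' "$hits" | while IFS=: read -r line key; do
        # Show the prefix plus 4 characters only, never the whole secret.
        printf '%s:%s: %s...[redacted]\n' "$1" "$line" \
            "$(printf '%s' "$key" | cut -c1-13)"
    done
    return 1
}

# scan_staged: check the staged blob of every added, copied or modified
# file (what will be committed, not the working-tree copy).
scan_staged() {
    git diff --cached --name-only --diff-filter=ACM | {
        status=0
        while IFS= read -r path; do
            git show ":$path" | scan_stream "$path" || status=1
        done
        exit "$status"
    }
}

# Constructed sample: one key-shaped value (made up) and the docs placeholder.
sample_input() {
    printf '%s\n' \
        'YNH_API_KEY=ynh_live_A1b2C3d4E5f6G7h8I9j0' \
        'curl -H "Authorization: Bearer ynh_live_xxxxxxxxxxxxxxxxxxxx"'
}

# Run the staged-file check only when installed as .git/hooks/pre-commit.
case "${0##*/}" in
    pre-commit) scan_staged ;;
esac
```

Saved as `.git/hooks/pre-commit` and made executable, the script aborts any commit whose staged content contains a key-shaped value and prints only a redacted prefix of each hit.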
Scopes and permissions
Today, an organization API key has full access to its organization's data — read and write — across every resource. We will introduce scoped keys before General Availability. If your integration only needs read access, design for that constraint now so the transition is painless.