%20--%3e%3cg%3e%3cg%20id='Logotype'%3e%3cg%3e%3cpath%20fill='%23141313'%20d='M46.37,250.9L136.63,28.98H0v237.25C0,296.87,21.93,318.83,52.56,318.83v-.03h160.64v-154.45l-156.9,95.23c-5.8,3.71-12.82-2.05-9.94-8.68Z'/%3e%3cpath%20fill='%23141313'%20d='M347.35,104.3c-68.33,0-115.93,44.71-115.93,108.91s47.6,108.9,115.93,108.9,115.93-44.72,115.93-108.9-47.6-108.91-115.93-108.91ZM347.35,255.04c-24.41,0-42.23-17.39-42.23-41.8s17.79-41.83,42.23-41.83,42.23,17.39,42.23,41.83-17.79,41.8-42.23,41.8Z'/%3e%3cpath%20fill='%23141313'%20d='M633.86,118.01c0,3.31-3.71,3.31-7.02,1.66-18.22-9.54-32.29-15.3-53-15.3-56.71,0-95.62,42.66-95.62,108.08s39.32,109.7,93.14,109.7v-.03c21.93,0,35.61-7.02,56.31-19.87,3.71-2.48,8.28-1.66,6.19,3.71l-5.36,12.85h86.51V28.98h-81.15v89.03ZM594.11,255.04c-24.41,0-42.23-17.39-42.23-41.8s17.79-41.83,42.23-41.83,42.23,17.39,42.23,41.83-17.79,41.8-42.23,41.8Z'/%3e%3cpath%20fill='%23141313'%20d='M1406.03,107.65l-23.58,112.61c-1.66,8.68-11.59,9.11-13.65-.4l-24.84-112.22h-94.79c-39.32,0-51.74-11.99-51.74-29.81s10.33-28.15,27.72-28.15c20.27,0,30.64,16.16,32.69,32.29h79.5C1325.35,29.38,1286.43,0,1230.52,0,1168.85,0,1130.32,36.04,1130.32,91.09v16.56h-44.71v67.07h44.71v144.08h81.15v-143.68h70.23l46.53,124.21c3.31,8.28,2.88,17.39-.4,26.1l-28.55,68.73h80.25l120.47-286.51h-93.97Z'/%3e%3cpath%20fill='%23141313'%20d='M886.41,117.98c0,3.31-3.71,3.31-7.02,1.66-19.87-9.94-34.35-15.3-54.65-15.3-60.45,0-93.97,49.29-93.97,107.65,0,64.59,37.26,98.54,87.77,98.54,23.19,0,40.57-7.02,62.1-19.47,5.37-3.31,9.51-.4,7.45,4.57-9.11,20.7-28.55,31.47-59.62,31.47h-83.2v67.07h98.5c72.04,0,123.78-47.63,123.78-114.67V107.65h-81.15v10.33ZM846.67,255.04c-24.41,0-42.23-17.39-42.23-41.8s17.79-41.83,42.23-41.83,42.23,17.39,42.23,41.83-17.79,41.8-42.23,41.8Z'/%3e%3cpath%20fill='%23141313'%20d='M1026.35,18.18c-26.1,0-44.71,16.16-44.71,39.35s18.61,39.35,44.71,39.35,44.72-16.16,44.72-39.35-18.62-39.35-44.72-39.35Z'/%3e%3crect%20fill='%23141313'%20x='985.78'%20y='107.65'%20width='81.15'%20height='211.15'/%3e%3c/g%3e%3c/g%3e%3c/g%3e%3c/svg%3e)
What is OAuth?
OAuth, which stands for Open Authorization, is an open standard for access delegation. It is commonly used to grant websites or applications access to user information on other websites without sharing passwords.
For example, it allows a property management system (PMS) to access a host's listings on an Online Travel Agency (OTA) on their behalf. This is achieved by providing the third-party application with an access token that grants specific permissions for a limited time.
Join the Lodgify newsletter
How it works
When a user wants to connect two applications, such as a PMS and a channel like Airbnb, the first application (the client) requests authorization from the user. The user is redirected to the second application's (the resource server's) authorization page to log in and approve the request.
Once approved, the resource server provides an authorization token to the client application. The client can then use this token to make authorized API calls and access specific data on the user's behalf, ensuring that the user's direct login credentials are never shared.
Why it matters
OAuth is crucial for the modern vacation rental tech stack because it enables secure integrations between software platforms. It allows property managers to connect their PMS to OTAs, dynamic pricing tools, and other services without compromising login credentials.
For example, a PMS like Lodgify uses OAuth to build its secure API integration with platforms like Vrbo and Booking.com. This simplifies authorizing data sharing, which is fundamental for features like channel management.
Examples
- A host connects their property management software to their Vrbo account, which redirects them to a Vrbo login page to approve the connection for syncing calendars and bookings.
- A property manager authorizes a dynamic pricing tool like PriceLabs to access their Airbnb listing data, allowing the tool to push new rates without ever storing the host's Airbnb password.
- A user signs up for a new direct booking website by clicking "Sign in with Google," which uses OAuth to verify their identity without requiring them to create a new password for the site.
- A host grants permission for a third-party guest communication app to access booking details from their channel manager, enabling it to send automated messages to upcoming guests.
Frequently asked questions
Is OAuth the same as a password?+
Is OAuth secure?+
Why do I have to re-authorize an application connection periodically?+
What is the difference between OAuth 1.0 and OAuth 2.0?+
Related terms
API
An API, or Application Programming Interface, is a set of rules and protocols that allows different software applications to communicate and exchange data with…
API Integration
API integration is the process of connecting different software applications to allow for the automatic exchange of data, such as syncing booking calendars…
Channel Manager
A software tool that synchronizes property listings, availability, and rates across multiple online booking platforms in real time.
Property Management System (PMS)
A Property Management System (PMS) is a software application that enables vacation rental owners and managers to centralize and automate their core business…