Open API, powered by Buildium (v1)

Download OpenAPI specification:Download

Introduction

Welcome!

Welcome to Buildium’s API—a powerful, RESTful programming interface that lets you leverage valuable Buildium data.

Using HTTP requests, you can create integrations with applications that specialize in accounting, lead tracking, and more. Enjoy greater flexibility, transparency, and control over your business!

What's in this Guide?

This guide is full of simple, easy-to-follow instructions that’ll help you use Buildium’s API like a pro.

Topics include:

  • choosing the right resources for your use case
  • making HTTP requests to any resource
  • understanding data and response codes

Getting Started

Excited to get going? We’ll walk you through the setup process.

Account Configuration

Before you can use Buildium’s API, you’ll need to make some tweaks to your account settings.


Enabling the API

In order to start creating your keys and making requests, you’ll need to enable the API.

Tip: You’ll need an administrator user role with access to Application settings to set things up properly.


Let's Begin!

  1. Sign in to your Buildium account from your browser.

  2. Open the Settings menu and click Application settings.

  3. Under System preferences, click Api settings. A modal will appear.

  4. Click the Open API toggle to turn it on. Then click Save.

Congratulations! Your account's enabled. Now, you’re ready to start managing API keys.

If you are having issues enabling the API within your account you can submit a Support request for assistance.


API Keys

Account-level API keys authenticate every request and keep things secure.

API keys have two components: a “client ID” and a “secret”.

  • Client IDs are similar to usernames. They’re used to identify your Buildium account and are safe to share.
  • Secrets are similar to passwords. They must be kept confidential.

Whenever you make a request, you’ll need the API key’s client ID and secret. If you forget it, make a mistake, or try to use information that’s linked to a deleted key, the API will return a 401 response code.

Tip: We compiled a list of best practices that detail how securely store API keys. Give it a read!

Creating API Keys

Now that the Open APi is enabled, you’ll be able to create API keys. You’re almost there!

Tip: You’ll need an administrator user role to complete this step, too.


How to create an API key

  1. Sign in to your Buildium account from your browser.

  2. Open the Settings menu and click API Keys. The page will open automatically.

  3. Click Create API Key. A modal will appear.

  4. Enter a clear, memorable name and description for your API key. It’ll make it easier to locate the right key when you make a request. Once finished, click Next.

  5. Now, choose which pieces of Buildium data you want this API key to have access to by marking the corresponding checkboxes. Once finished, click Next.

  6. You successfully created an API key!

Important: This is your only chance to record the secret. Make sure it’s stored somewhere secure! If it’s forgotten, you’ll need to delete this key and start from scratch.



You have now successfully created an API key and have everything you need to send requests to the Buildium API!

Before moving on to making your first request please review Keeping your Keys Safe for an overview on securely storing your API keys.

If you are having issues creating API keys you can submit a Support request for assistance.

Keeping API Keys Safe

Based on their permissions, API keys could have full access to your account’s Buildium data. It’s important that you only grant access to trusted applications, securely record secrets, and consider a password manager to stay organized.

  • Avoid hard-coding client IDs and secrets inside source files.
  • Avoid storing client IDs and secrets in any files that may be committed to source control, particularly cloud-based source control platforms.
  • Apply restrictions to client IDs and secrets shared with your staff. You can restrict a key to particular Buildium entities or to read-only access (GET resources only).
  • Avoid sharing client IDs and secrets across public, insecure platforms.
  • Establish a process to regularly recreate your client IDs and secrets from your Buildium account.

How to Make a Request

You’ve done a great job setting up your account, Now, we’ll walk you through how to access your data. It’s very straightforward and should only take a few minutes!

Tip: Looking for the right HTTP client? If you’re just getting started, we recommend Postman.


Let's Get Started!

Step 1: Get Your API Key

If you haven't yet done so, obtain your API key client ID and secret from your Buildium account. Your API key is how the Buildium API authenticates requests and ensures only you can access your data.

See Getting Started for a deeper dive into enabling the API and creating keys.

Step 2: Install a HTTP client

The Buildium API supports any standard HTTP client. If you're looking for a user-friendly HTTP client application, we recommend Postman – it allows you to access the Buildium API without writing code. We’ll use Postman for our example below to demonstrate sending an API request.

Step 3: Make a Sample Request

Let's dive in and make a simple request to get all the Rental Properties in your account. This will confirm your connectivity to our platform and validate the keys you created on our website. Simply follow the instructions below.

  1. Open the Postman application.
  2. Open the verb menu and select GET.
  3. Enter the request endpoint in the field next to GET.
  4. To authenticate the request, enter your client ID and secret respectively in these request headers:
    • x-buildium-client-id
    • x-buildium-client-secret
    • Your full request should look similar to the image below.

  1. Review the parameters of your request on last time. Once finished, click Send.

  2. If successful, you should see a JSON response and a 200 HTTP status code. Voilà! You've connected to the Buildium API.


You now have the knowledge required to make requests for any of our resources.

If you've received an error response please review the JSON response message for a description of how to resolve the issue. You can also see more information about HTTP status codes in the Response Codes section. If you are still having trouble making a request after reviewing these sections please submit a Support request.


API Overview

The Buildium API is built upon standard REST conventions. It's designed to use consistent resource-oriented URLs, accept and return JSON-encoded messages, and use standard HTTP status codes and verbs.

Base URL

The base URL for production environment API requests is: https://api.buildium.com/

The base URL for sandbox environment API requests is: https://apisandbox.buildium.com/

In order to ensure all requests and responses are secure between the API consumer and Buildium servers, requests must be made using the https protocol. Any requests not made with the https protocol will be refused by the Buildium API platform.

Note: URL paths are case-sensitive to stay consistent with common REST standards. If your request doesn’t align with the documented URL path, you’ll receive a 404 response code reminding you of this constraint.

API Versioning

The Buildium API is version controlled. Versioning ensures backwards-incompatible changes to the API don’t impact any existing integrations.

Buildium uses only a major version nomenclature to manage changes. The current version of the Buildium API is version 1. By specifying a version in the resource request URL, you'll get expected responses regardless of future changes to the API. Here's an example of calling version 1 of the retrieve all rentals resource:

https://api.buildium.com/v1/rentals

Any request submitted without the version in the URL path will result in a 404 error response code.

Releasing Changes to the API

The Buildium API will continue to evolve to ensure it meets the needs of our customers. Changes will be defined as either backwards-compatible or backwards-incompatible.

We’ll always provide advance notice for all API releases–regardless of the type of modifications being made.

Backward-compatible Changes

Backward-compatible changes are modifications to the API that shouldn't impact existing integrations. They'll apply to the current version of the API. Simply put: you won’t need to change the version to consume new changes like these.

It's important as you develop against the Buildium API that you ensure these types of changes don't impact your integration. Here's are examples of backward-compatible modifications.

  • Adding new API resources and/or endpoints.
  • Adding new optional request parameters to existing API methods.
  • Adding new properties to existing API responses and non-required properties for request messages.
  • Changing property order in existing API responses.

All backward-compatible changes to the API will be documented in the Changelog.

Backwards-incompatible Changes

When backwards-incompatible changes to the API occur, a new version of the API will be released. You’ll need to update the URL path to consume resources under the new API version.

Backwards-incompatible changes include:

  • Removing a property from a request and/or response message.
  • Changing the name of a property in a message.
  • Adding a required parameter to a request message.
  • Changing existing enumeration values.

New versions of the API will have full reference documentation and an upgrade guide.


Authentication

The Buildium API uses API key’s client IDs and secrets to authenticate requests.

An API key client ID and secret must be passed in every request header using the following parameters:

  • x-buildium-client-id
  • x-buildium-client-secret

Failing to provide both of them in the request header will cause the API to return a 401 HTTP status code.

Rate Limiting

Rate limits help us ensure consistent and reliable performance for all users, even during peak loads. That’s why we limit clients to 10 concurrent requests per second.

If your request rate violates that limit, a response code of 429 is returned. Simply retry the request after a short interval (~200ms).

Bulk Request Options

All top-level API resources support bulk fetches. For instance, you can retrieve all Associations. These resources also allow for filtering criteria. Each resource has descriptions of the filter criteria available.

In addition to filtering, our API gives you the ability to control the returned data’s pagination and the sort order.

Pagination

Endpoints that return result sets allow for pagination using limit and offset request parameters to reduce the amount of data returned.

The limit request parameter will cap the number of results that come back in the response. If you don't specify a limit value, a default of 50 results are returned. The maximum limit value is 1000. If a limit value is specified greater than 1000, it will be overridden to the default to 1000.

The offset request parameter indicates the record position within the resultset to start at when returning the results. The offset is zero-based and is inclusive. If no offset value is submitted it will default to 0.

The total resultset count is returned in the HTTP Header X-Total-Count


Pagination Example

As an example, let's say we make a request to retrieve all rental properties with no paging parameters. Our response indicates in the X-Total-Count header that there are 150 total rental properties. We want to get only the last 50 results so we would submit a request with the offset set to 100 and the limit set to 50.

Note: The limit and offset parameter names are case-sensitive. If they aren't formatted correctly, the API will return a 404 HTTP status code.


Sorting Results

You can specify the sort order of returned data by assigning any property from the returned object to the orderby parameter in the querystring. For example:

orderby=LeaseType

By default, the sort is performed in ascending order. To specify sort order, use "asc" for ascending or "desc" for descending. For example:

orderby=LeaseType desc

Additionally, you can sort by multiple properties by comma separating the properties. For example:

orderby=Rent desc,City asc

Note: While the orderby parameter is case-sensitive, the properties specified in the orderby value aren't.

Response Codes

The Buildium API supports standard HTTP status codes.

Response Code Description
200 OK Everything worked as expected.
400 Bad Request The request was unacceptable, often due to missing a required parameter.
401 Unauthorized The API client ID and secret weren’t provided or they’re no longer valid. Be sure that the client ID and secret combination are correct and they are still active.
403 Forbidden The API key doesn't have permission to perform the request. This could be due to authorization for the given endpoint or an inability to access given entities within the platform (e.g. properties).
404 Not Found The requested resource doesn't exist.
415 Unsupported Media Type Ensure you have the appropriate content-type header value set on your request. Each resource is documented with media type(s) that are accepted.
429 Too Many Requests Too many requests against the API too quickly. We recommend an exponential backoff of your requests. See more information in Rate Limiting.
500 and above - Server Errors Something went wrong on Buildium's end. Review the JSON response message for more details about the error. These are rare.

Support

If you are unable to resolve your issue after reviewing the API documentation our support team can assist you. Please fill out the form below and let us know how we can help.

Select your issue


Please include the following information when applicable to your issue:
  • Date & time of API request
  • Full URL used in making the request along with any querystring and/or post parameters
  • HTTP status code (e.g. 500)
  • Response body

API Sandbox

To assist your development efforts Buildium offers a free Sandbox account with your Premium subscription. A sandbox is a development environment that is separate from your production account. Sandboxes duplicate much of the same property management functionality available in your production account and all of the resources available in the Open API. The benefit of the sandbox is that it's isolated from your primary account. This separation ensures that API operations you perform against the sandbox account during development of your integration do not corrupt the data in your production account.

Mock Data

To help you hit the ground running with your development efforts sandbox accounts are provisioned with realistic sample data. This ensures you have data to work with immediately and won’t have to spend time doing data entry. You always have the ability to add more data through the application and the Buildium Open API.

Getting Started

To create a sandbox account follow the steps below.

  1. Sign in to your Buildium account from your browser.

  2. Open the Settings menu and click API Keys.

  3. Click the Manage sandbox button.

  4. Click the Create sandbox button. A modal will appear.

  5. Enter the name and email of the person that will be administering the sandbox account. When the sandbox creation process has completed an email will be sent to the email address submitted. This email will provide a link to the sandbox. After all fields have been filled out, click Create.

  6. The provisioning process will now execute. It can take 2 - 3 minutes for the sandbox to be created. The page will automatically refresh with the provisioning status. When it completes you will see the sandbox status is Active along with details about the sandbox including the URL to the account. You can browse back to this page at any time if you need to look up the URL to the sandbox.


  7. Once the sandbox has been created an email will be sent to the address you entered in the "Create sandbox" modal. To complete the activation of the sandbox open the email and click on the "Activate Account". This will allow you to create a password for your account and log into the sandbox.

  8. You are now ready to begin making API requests to your sandbox! Please see Accessing the Sandbox for next steps on how to start making API requests.

Accessing the Sandbox

Once your sandbox is created you can begin to access it through the Open API. Requests are made following all the same versioning, authentication, messages, etc that are used in the production environment with the exception of the base URL. The base URL for the sandbox is:
https://apisandbox.buildium.com/

You can read more about connecting to the API in the API Overview section.

Once you have completed your development and testing against the sandbox and you're ready to start using the integration in your production account simply change the base URL in your integration to the production API URL.

Sandbox Account Restrictions

The core Buildium functionality is available in the sandbox environment, however there are some restrictions which include:

  1. Add-on services, ePay and other paid services will not be available.
  2. A maximum of 1500 units (rentals and associations) can be created within the sandbox.
  3. Communication emails will not be sent out. This protects you from inadvertently sending emails to your test accounts.

FAQs

How many sandboxes can I create?

The Premium subscription plan allows you to create one sandbox.

Can I use my production keys to access my sandbox?

No. To ensure you are accessing the correct environment the API keys are restricted to the environment they were created in.

What is the throttle limit on requests to the sandbox?

Each app can make 500 requests per minute before getting throttled.

Can I reset sandbox data to its original state?

Resetting sandbox data is not supported at this time.

Can I delete a sandbox?

You cannot delete a sandbox at this time. Closing your account or changing subscription plans will delete your sandbox and it will be no longer accessible.

Can I delete the sandbox data?

Yes, you can manually delete records by logging into the web application.

Why do I see an error when I try to access add-on functionality like ePayments?

Certain functionality is restricted in the sandbox environment. Please see Sandbox Account Restrictions for an overview of these limitations.

Changelog

2020-11-17

API Updates

2020-10-20

API Updates