Skip to main content

Documentation Index

Fetch the complete documentation index at: https://developers.vendaze.com/llms.txt

Use this file to discover all available pages before exploring further.

Before your app can authenticate Vendaze users, you need to register it. Registration is open to any developer with no approval process. Your credentials arrive by email within seconds.
Don’t have a Vendaze account yet? Create one free. New accounts include a 14-day trial so you can build and test your integration before requesting access from real users.

What you need

  • A valid email address to receive the credentials
  • At least one HTTPS redirect URI for your OAuth callback
  • A decision on which scopes your integration needs

Register via API

Send a POST to /v1/auth/register-app: 
curl -X POST https://api.vendaze.com/v1/auth/register-app \
  -H "Content-Type: application/json" \
  -d '{
    "app_name": "My Integration",
    "email": "dev@yourapp.com",
    "description": "Syncs contacts and deals between Vendaze and MyApp",
    "avatar_url": "https://yourapp.com/assets/vendaze-avatar.webp",
    "redirect_uris": ["https://yourapp.com/oauth/callback"],
    "scopes": ["people:read", "people:write", "deals:read"]
  }'
Response (201): 
{
  "data": {
    "app_name": "My Integration",
    "client_id": "9a8b7c6d-5e4f-3a2b-1c0d-9e8f7a6b5c4d",
    "message": "Credentials sent to dev@yourapp.com"
  }
}
Your client_secret is sent only by email and never returned in the API response. Store it securely as soon as you receive it.

Request parameters

ParameterTypeRequiredDescription
app_namestringYesIntegration name shown to users on the consent screen. Max 100 chars.
emailstringYesEmail where credentials will be sent. One app per email address.
descriptionstringNoShort description of what your app does. Max 500 chars.
avatar_urlstringNoHTTPS URL of a WebP image shown on the consent screen. Max 400×400 px.
redirect_urisstring[]YesOne or more HTTPS URIs for the OAuth callback. Exact match required.
scopesstring[]YesScopes your app needs. Users approve them individually.

Redirect URIs

URIs must be exact HTTPS URLs. Wildcards and patterns are not accepted: 
Accepted:  https://yourapp.com/oauth/callback
Accepted:  https://yourapp.com/integrations/vendaze/callback
Rejected:  https://yourapp.com/oauth/*
Rejected:  http://yourapp.com/callback
During local development, http://localhost and http://127.0.0.1 are accepted. You can register multiple redirect URIs for different environments. At authorization time, the redirect_uri in the request must exactly match one of the registered URIs.

Available scopes

ScopeDescription
people:readRead contacts (people)
people:writeCreate, update, delete people
companies:readRead companies
companies:writeCreate, update, delete companies
deals:readRead deals
deals:writeCreate, update, delete deals
tasks:readRead tasks
tasks:writeCreate, update, delete tasks
Requesting a scope during registration does not guarantee it. Users can approve or decline each scope individually during the consent flow.
Your client_secret is shown only once, in the email you receive after registration. If you lose it, you can rotate your credentials using your client_id and registered email. Never commit it to version control or include it in client-side code.

Next step

With your client_id and client_secret, you are ready to implement the OAuth flow.

Authentication

Implement the OAuth 2.1 flow to authorize Vendaze users in your app.

Rotate app credentials

Need to update your app name, redirect URIs, or scopes? Learn how to rotate your credentials.