Skip to content
  • There are no suggestions because the search field is empty.

Dealius API — Frequently Asked Questions

Everything you need to know about authenticating, accessing data, and integrating with the Dealius API.

API documentation is available at any Dealius instance /swagger. For example, https://demo.dealius.com/api/swagger/index.html 

Do API tokens expire?

Dealius offers two types of tokens:

Temporary token — Generated when a user logs in via API using their username and password. For security reasons, this token expires every 24 or 48 hours and must be renewed each session.

Permanent token — Generated in the Dealius web app under User Settings > API Keys. This token is valid for 10 years and is passed in the request header as X-Auth-Token. It can be tested in Dealius Swagger using the Authorize button to create an authenticated session.

How do I generate a permanent token?

Go to User Settings > API Keys in the Dealius web app to generate a permanent token. Once generated, you can test it in Dealius Swagger via the Authorize button. The token is sent in the header as X-Auth-Token and does not expire for 10 years.

Full instructions are available in your Dealius Swagger documentation at: {your Dealius URL}/swagger

Does Dealius API have versioning?

Not yet — versioning is planned for a future release. In the meantime:

  • Updates that do not affect existing endpoints are announced on their release date.
  • Breaking changes are announced at least one month in advance.
  • When a new endpoint replaces an existing one, both are supported for two additional months to allow integrators time to update their code.

Is the API the same on sandbox and production?

Yes. The sandbox environment runs the same configuration and version as production, so you can test integrations with confidence before going live.

What fields are required to create a deal via API?

The required fields depend on the deal type, status, and system settings in your Dealius environment.

To create an active deal, the minimum required fields are:

  • RepresentationTypeID
  • DealTypeID
  • DealName
  • Client
  • EstimatedCloseDate
  • DealStatusID
  • Probability

A deal can be created without a property, brokers, or financial details. However, submitting a deal for closure (Pending Close or Closed status) requires additional fields such as a linked property, opposite client, broker, payment(s), commissions, and rent or sale price. Some environments may require additional fields such as documents, deal source, or a submarket for the property.

Note: Deals cannot be closed via API.

The full list of supported fields is available in Swagger under the Deals endpoints. Switching to the Model tab within each endpoint shows notes for individual fields.

How do I retrieve media files via the Dealius API?

The Dealius API returns absolute media URLs as part of the JSON response. These URLs require authorization — HTML <img> tags cannot include authorization headers directly due to browser restrictions. We recommend one of the following approaches:

Option 1: Server-Side Proxy (Recommended) Implement a secure proxy endpoint in your backend that forwards media requests to the Dealius API. This keeps authentication tokens out of client-side code, allows better caching, and is compatible with standard HTML image tags. It also allows the use of a long-lived API key instead of session tokens.

<img src="/media-proxy?path={AbsoluteURL}" alt="Secure Media" />

Option 2: JavaScript Fetch + Blob URL Use JavaScript to fetch the media file with an authorization header and convert it to a temporary blob URL. This is faster to implement and requires no additional backend endpoints.

async function loadSecureImage(token, url, imgElement) {
    const response = await fetch(url, {
        headers: { 'X-Auth-Token': token }
    });
    const blob = await response.blob();
    imgElement.src = URL.createObjectURL(blob);
}

 

What to avoid: Do not include tokens in query strings or rely on unauthenticated fallback URLs — these pose security risks and break access control. Do not store media file URLs, as they may change.

Is there a guide for pulling listings data to a public website?

Yes. Please contact your Dealius representative to request the Dealius API Integration overview guide.

Is there a guide for pushing deals to Dealius?

Yes. Please contact your Dealius representative to request the Pushing Deals via Dealius API guide.