Authentication
BrightMLS utilizes OAuth 2.0 and OpenID Connect to control authorization and authentication for the RESO Web API. OAuth 2.0 and OpenID Connect (OIDC) are industry standard protocols for user authentication and authorization.
Applying for Credentials
To obtain access to the BrightMLS Web API, you must first apply here. Once the process has been started and the initial contract is completed, you will be provided test credentials to begin your integration.
Authentication with BrightMLS Web API requires the following, which are provided to you:
- Client ID
- Client Secret
- Authentication endpoint
Auth Endpoint
Sample header
Sample form body
Sample response
Client Credentials flow
The Client Credentials flow is intended for server-side (confidential) client applications with no end user. Normally, this means machine-to-machine communication. The application must be server-side because it must be trusted with the client secret, and since the credentials are hard-coded, the flow cannot be used by an actual end user. The flow consists of a single, authenticated request to the /token endpoint, which returns an access token.
Once you have received an access token, it must be included in all endpoint requests as a bearer token in the header.
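The Client Credentials exchange described above, sketched as an added example (not BrightMLS's own code). The token URL is a placeholder, and HTTP Basic client authentication and the `access_token` / `token_type` / `expires_in` response fields are assumptions taken from RFC 6749, not from this page.

```python
import base64
import json
import time
import urllib.parse
import urllib.request

# Placeholder, not a real BrightMLS URL: use the authentication endpoint issued to you.
TOKEN_URL = "https://auth.example.invalid/token"


def build_token_request(client_id, client_secret, token_url=TOKEN_URL):
    """Build the single authenticated POST to the token endpoint (not sent here)."""
    if not token_url.startswith("https://"):
        raise ValueError("refusing to send the client secret over a non-HTTPS URL")
    # Assumption: client authenticates with HTTP Basic (RFC 6749 section 2.3.1),
    # which form-encodes the id and secret before base64.
    pair = urllib.parse.quote_plus(client_id) + ":" + urllib.parse.quote_plus(client_secret)
    headers = {
        "Authorization": "Basic " + base64.b64encode(pair.encode()).decode(),
        "Content-Type": "application/x-www-form-urlencoded",
    }
    body = urllib.parse.urlencode({"grant_type": "client_credentials"}).encode()
    return urllib.request.Request(token_url, data=body, headers=headers, method="POST")


def parse_token_response(raw, now):
    """Return (access_token, expiry_epoch); reject errors and non-bearer tokens."""
    doc = json.loads(raw)
    if "error" in doc:
        raise RuntimeError("token endpoint returned error: %s" % doc["error"])
    if str(doc.get("token_type", "")).lower() != "bearer" or not doc.get("access_token"):
        raise ValueError("response is not a bearer access token")
    return doc["access_token"], now + int(doc.get("expires_in", 0))


class TokenCache:
    """Keep the token in memory and refresh it shortly before it expires."""

    def __init__(self, fetch, skew=30):
        self._fetch, self._skew = fetch, skew  # fetch() returns the raw JSON body
        self._token, self._expiry = None, 0.0

    def bearer_header(self, now=None):
        now = time.time() if now is None else now
        if self._token is None or now >= self._expiry - self._skew:
            self._token, self._expiry = parse_token_response(self._fetch(), now)
        return {"Authorization": "Bearer " + self._token}
```

In a real integration, `fetch` would send `build_token_request(...)` with `urllib.request.urlopen` and return the response body, with the client ID and secret loaded from the server's secret store rather than from source control.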