This document will explain how to get started with the Hostfully PMP API version 2.0. For reference to the actual API documentation, please visit our Developer Center at
This API is always under development. If you need help with implementing the API for your system, please contact our professional services contact us and we'll help you with your project.
If you notice the docs are out of date or are unclear, please don't be shy about clicking the "Suggest Edits" link! We're working to keep these docs up to date, however sometimes we get behind – and we'd love your help.
Access to the Hostfully API is granted to customers with Premium accounts, or to
organizations being part of the Hostfully preferred partners pool. If you need to upgrade your account to Premium level, you can do so from the page
Agency Settings > Account Status > Upgrade
If you want to apply to be a preferred partner, you can do so by sending an
email to firstname.lastname@example.org.
Authentication requires an API key, which can be acquired from PMP Agency Settings page. You will need to include your key in every request made to the API. The API key has have to be provided as an HTTP request header called
Sandbox vs Production
API development will always have to start on our sandbox. Once you feel that you got
things under control, just send us a note and we'll enable your access to production. Testing the APIs on the dev portal here will only work with a sandbox api key. If you want to acquire a sandbox key, you can do so by emailing to email@example.com.
On the API documentation interface, select an API endpoint and click on the Try It button.
Enter your (sandbox) API key and click Enter - this will send the API call. If the API requires some data, just enter them in in the fields in the form.
The Hostfully API allows 1,000 calls within a 1 hour window per calling client (per api key).
HTTP Headers and Response Codes
Use the HTTP headers in order to understand where the application is at for a given rate limit, on the method that was just utilized. The HTTP headers to monitor are the following:
x-ratelimit-limit: the rate limit ceiling for that given endpoint
x-ratelimit-remaining: requests left for the 60 minute window
When hitting the rate limit, please pause your code for 1 hour and retry the call.
API returns standard error codes:
400 - Bad request (parameters or payload issue)
401 - Unauthorized
403 - Forbidden
404 - Resource not found
405 - Method not allowed
409 - Conflict (usually an issue with the data, logical conflict)
429 - Rate limit
If a client application abuses the rate limits, it will be blacklisted. Blacklisted client apps are unable to get a response from the Hostfully API. If you or your application has been blacklisted and you think there has been a mistake, you can email us at firstname.lastname@example.org to request assistance.