Hen Hideaways
APIZapier API

Authentication

Learn how to authenticate API requests using personal access tokens.

Authentication

The Hen Hideaways API uses personal access tokens for authentication. These tokens are unique to each owner account and can be generated from the Owner Portal.

Generating an API Token

  1. Log in to the Owner Portal
  2. Navigate to Settings > Notifications
  3. Find the Zapier Public App Access section
  4. Enter a name for your token (e.g., "Zapier Integration")
  5. Click Create Token
  6. Copy the token immediately - you won't be able to see it again!
hh_owner_a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8s9t0u1v2w3x4y5z6

Using Your Token

Include your token in API requests using one of two methods:

Authorization: Bearer hh_owner_your_token_here

Option 2: X-API-Key Header

X-API-Key: hh_owner_your_token_here

Example Requests

Using curl with Authorization header

curl -X GET "https://www.henhideaways.com/api/zapier/v1/auth" \
  -H "Authorization: Bearer hh_owner_your_token_here"

Using curl with X-API-Key header

curl -X GET "https://www.henhideaways.com/api/zapier/v1/properties" \
  -H "X-API-Key: hh_owner_your_token_here"

Using JavaScript (fetch)

const response = await fetch('https://www.henhideaways.com/api/zapier/v1/enquiries', {
  headers: {
    'Authorization': 'Bearer hh_owner_your_token_here',
    'Content-Type': 'application/json'
  }
});

const data = await response.json();

Using Python (requests)

import requests

headers = {
    'Authorization': 'Bearer hh_owner_your_token_here'
}

response = requests.get(
    'https://www.henhideaways.com/api/zapier/v1/enquiries',
    headers=headers
)

data = response.json()

Token Management

Token Security

  • Never share your tokens publicly or commit them to version control
  • Use environment variables to store tokens in your applications
  • Create separate tokens for different integrations (easier to revoke)
  • Revoke tokens immediately if they're compromised

Revoking Tokens

If a token is compromised or no longer needed:

  1. Go to Owner Portal > Settings > Notifications
  2. Find the token in the Active Tokens section
  3. Click Revoke
  4. Create a new token if needed

Once revoked, API requests using that token will receive a 401 Unauthorized error.

Testing Your Token

To verify your token works correctly, use the test endpoint:

curl -X GET "https://www.henhideaways.com/api/zapier/v1/auth" \
  -H "Authorization: Bearer hh_owner_your_token_here"

Success Response (200 OK):

{
  "id": "owner-uuid",
  "email": "your-email@example.com"
}

Error Response (401 Unauthorized):

{
  "error": "Unauthorized"
}

Error Codes

Status CodeMeaning
200Success - token is valid
401Unauthorized - token is missing, invalid, or revoked
403Forbidden - token is valid but lacks permission

Need Help?

If you're having trouble with authentication:

  • Double-check you've copied the entire token
  • Ensure there are no extra spaces or line breaks
  • Verify the token hasn't been revoked
  • Make sure you're using the correct header format

Contact support if issues persist.

Getting Started

Quick start guide for connecting Hen Hideaways to Zapier.

API Endpoints

Complete reference for all Hen Hideaways API endpoints.

On this page

AuthenticationGenerating an API TokenUsing Your TokenOption 1: Authorization Header (Recommended)Option 2: X-API-Key HeaderExample RequestsUsing curl with Authorization headerUsing curl with X-API-Key headerUsing JavaScript (fetch)Using Python (requests)Token ManagementToken SecurityRevoking TokensTesting Your TokenError CodesNeed Help?