Skip to main content

Documentation Index

Fetch the complete documentation index at: https://developer.lofty.com/llms.txt

Use this file to discover all available pages before exploring further.

This guide walks you through everything you need to make your first API call to Lofty. By the end, you’ll have a developer account, valid credentials, and a working request that returns lead data from the API.
1

Create a developer account

Go to the Lofty Developer Platform at https://api.lofty.com/vendor/frontend/static/index.html#/login and complete the signup flow:
  1. Click Sign Up.
  2. Enter your full name, organization name, email address, phone number, and a password.
  3. Check your email for a verification code — it’s valid for 10 minutes.
  4. Enter the verification code to complete signup.
After signing up, you’ll land on the Developer Platform dashboard where you can register and manage your applications.
If you’re building an integration for production use, you’ll need to submit your application for review. Lofty’s review process typically takes 2–5 business days. You can continue developing against the API in Development Mode while your app is under review.
2

Get your credentials

Choose the authentication method that fits your use case:OAuth 2.0 (recommended for third-party integrations)Once your application is registered in the Developer Portal, you’ll receive a Client ID and Client Secret. Use these to obtain a short-lived access_token by following the OAuth 2.0 flow. Each token is scoped to the API permissions you’ve granted to your application.If you call an endpoint your application hasn’t been granted access to, the API returns HTTP 403 with error code 200100 (“Sorry, the vendor does not have permission for this API.”) — even if your token is otherwise valid. Grant the necessary scopes in the Developer Portal before making those calls.API Key (for personal use, scripts, CLI)In the Lofty CRM, go to Settings > Integrations > API to generate an API key. Each key is a user-scoped personal access token with configurable expiration.
API keys are also used as LOFTY_CUSTOMER_KEY in the Lofty CLI and the Client Credentials flow.
3

Make your first API call

Fetch a list of leads from your Lofty account. The endpoint requires your credentials in the Authorization header.
lofty-cli leads list --limit 10
Replace YOUR_ACCESS_TOKEN or YOUR_API_KEY with your actual credentials.
4

Handle the response

A successful response returns a JSON object containing your leads data. Check the code field to confirm success — Lofty uses 0 to indicate a successful operation.
{
  "code": 0,
  "msg": "success",
  "data": {
    "total": 42,
    "list": [
      {
        "id": 563172647619608,
        "name": "Alex Johnson",
        "email": "alex@example.com",
        "phone": "+15551234567"
      }
    ]
  }
}
Notice that id is a 64-bit integer. Do not parse this with JSON.parse() in JavaScript — values this large can exceed JavaScript’s safe integer range (2^53-1), causing silent precision loss where the ID is silently rounded to a different number. Read the JavaScript and TypeScript Integration Guide before building a JS or TS client.
If the request fails, the response includes a non-zero code and a human-readable msg field explaining the error. Common error codes include 200100 (missing API permission scope, returns HTTP 403) and 401 (invalid or expired credentials).