@propstreet/appDocumentationAPI Reference

Multi-Tenant Guide

Understand how data is organized and secured in Propstreet.

Billing Groups

Propstreet organizes data by Billing Group—typically your company or organization. Each Billing Group has its own:

  • Contacts and companies
  • Team members and permissions
  • Bot users and OAuth clients
  • Subscription and billing

How Access Tokens Work

Every access token is scoped to one or more Billing Groups:

┌─────────────────────────────────────────────────┐
│                 Your Integration                 │
│                                                  │
│  Access Token (scoped to Billing Group A)        │
└─────────────────────┬───────────────────────────┘


┌─────────────────────────────────────────────────┐
│              Propstreet API                      │
├─────────────────────────────────────────────────┤
│  Billing Group A     │  Billing Group B          │
│  ✓ Accessible        │  ✗ Not accessible         │
│                      │                           │
│  • Your contacts     │  • Other company's data   │
│  • Your companies    │  • Completely isolated    │
│  • Your relationships│                           │
└─────────────────────────────────────────────────┘

Data Isolation

Your data is always isolated:

  • You can only access contacts and companies in your Billing Group(s)
  • Other organizations cannot see your data
  • API responses never include cross-tenant data

This is enforced at the API level—there's no way to accidentally access another organization's data.

Common Scenarios

Single Company Integration

Most integrations connect one CRM to one Propstreet Billing Group:

  1. Create a Bot User in your Billing Group
  2. Create an OAuth Client linked to that Bot User
  3. Use Client Credentials to get tokens scoped to your Billing Group

All API calls will only see and modify your company's data.

Multi-Company Integration

If you're building a product that serves multiple Propstreet customers (like a CRM integration app):

  1. Each customer authorizes your app via OAuth Authorization Code flow
  2. You receive separate access tokens for each customer
  3. Each token is scoped to that customer's Billing Group

Important: Store tokens separately per customer and never mix them up.

Enterprise with Multiple Billing Groups

Some enterprises have multiple Billing Groups (e.g., regional offices). In this case:

  • A single Bot User might have access to multiple Billing Groups
  • API responses may include data from all accessible Billing Groups
  • Use filtering if you need to work with one Billing Group at a time

Contact feedback@propstreet.com for enterprise multi-tenant configurations.

Best Practices

  1. One integration per Billing Group for simple setups
  2. Store tokens securely and never share between customers
  3. Don't assume Billing Group structure—let the API tell you what's accessible
  4. Contact support for complex multi-tenant requirements