Partner Connect API

Connect with Vibe

Integrate your application with Bitrix24 through Vibe Platform. Get a scoped API key for any user's portal in just a few steps.

How it works

Standard OAuth-style flow — redirect, consent, exchange.

Redirect to authorization

Send the user to the Vibe authorization endpoint with your client credentials and requested scopes.

/v1/connect/authorize?client_id=YOUR_CLIENT_ID&redirect_uri=https://yourapp.com/callback&scopes=crm,task&state=RANDOM_STATE

User selects portal and approves

The user sees a consent screen, chooses which Bitrix24 portal to connect, and approves the requested scopes.

Receive authorization code

After approval, the user is redirected to your redirect_uri with code and state query parameters.

https://yourapp.com/callback?code=AUTH_CODE&state=RANDOM_STATE

Exchange code for API key

Your server makes a POST request to exchange the code for a long-lived API key.

Your AppVibe Consent PageUser approvesCode → redirect_uriAPI Key

Quick start

Exchange the authorization code for an API key using your server-side code.

Token Exchange Request

curl -X POST https://vibecode.bitrix24.tech/v1/connect/token \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d client_id=YOUR_CLIENT_ID \
  -d client_secret=YOUR_SECRET \
  -d code=RECEIVED_CODE \
  -d redirect_uri=YOUR_REDIRECT_URI

Response

{
  "success": true,
  "api_key": "vibe_api_...",
  "portal": {
    "domain": "example.bitrix24.ru",
    "name": "My Company"
  },
  "scopes": ["crm", "task"],
  "user": {
    "name": "John",
    "email": "john@example.com"
  }
}

Using the API key

Pass the returned api_key in every request to the Vibe proxy:

X-Api-Key: vibe_api_...

Available scopes

Request only the scopes your application needs. Users can deselect individual scopes on the consent screen.

Scope	Description
`crm`	CRM — deals, leads, contacts, companies, pipelines
`task`	Tasks — task creation, updates, comments, workgroups
`im`	Messaging — chat, notifications, open lines
`call`	Telephony — call logs, VoIP, telephony settings
`disk`	Disk — files, folders, storage management
`user`	Users — full user profiles, settings, departments
`user_basic`	Users (basic) — read-only access to basic user info
`calendar`	Calendar — events, meetings, time slots
`catalog`	Catalog — product catalog, properties, sections
`sale`	E-commerce — orders, shipments, payments, baskets
`bizproc`	Business processes — workflow automation
`lists`	Lists — universal list management
`department`	Departments — organizational structure
`timeman`	Time tracking — work time, reports, shifts
`landing`	Sites — landing pages, websites builder
`sonet_group`	Social network — workgroups, projects, activity feed
`log`	Activity log — portal activity stream

Error codes

All errors are returned as JSON with success: false and an error.code field.

Code	HTTP	Description
`INVALID_CLIENT`	400	The client_id does not exist or the client_secret is incorrect.
`INVALID_REDIRECT_URI`	400	The redirect_uri does not match any registered URI for this client.
`INVALID_SCOPE`	400	One or more requested scopes are not valid or not permitted for this client.
`INVALID_CODE`	400	The authorization code is invalid, expired (10 min TTL), or already used.
`PARTNER_DISABLED`	403	The partner account has been suspended. Contact Vibe support.
`KEY_LIMIT_REACHED`	429	The user has reached the maximum number of API keys for this portal.

Error response shape

{
  "success": false,
  "error": {
    "code": "INVALID_CODE",
    "message": "Authorization code is invalid or has expired"
  }
}

Become a Partner

To get your client_id and client_secret, contact the Vibe Platform team.

Tell us about your application, use case, and required scopes. We review all partner applications.

partners@vibecode.ru