Articles in this section

Getting Started with the Lofty Developer Platform

Avatar
Baylee Rhoades
Updated
Follow

Introduction

The Lofty Developer Platform allows third-party developers to build integrations with Lofty using OAuth 2.0. This article walks through the full setup process, from creating an account to getting your application approved.

Once your application is approved, see Lofty OAuth 2.0 API Reference for implementation details.

 

Summary

 

Create a Developer Account

  1. Go to the Lofty Developer Platform at https://api.lofty.com/vendor/frontend/static/index.html#/login 
  2. Click 'Sign Up,' enter your full name, organization name, email address, phone number, and a password 
  3. A verification code will be sent to your email (valid for 10 minutes). 
  4. Enter the code to complete signup. After signing up, you will be taken to the Developer Platform.

 

Video Walkthrough

Review this video for a full walkthrough of the Lofty Developer Platform.

 

Submitting Edits to a Production App

Once your app is approved for production, any changes you make go through a brief review before taking effect. This protects your existing users by ensuring Lofty can verify the change before it goes live.

Note: This process only applies to Production apps. If your app is in Development Mode or was Declined, you can edit freely and changes take effect immediately — no review required.

 

Breaking vs. non-breaking changes

Not all edits are treated the same. Lofty distinguishes between two types:

Standard updates (non-breaking) 

Includes changes to your app name, description, redirect URIs, or removing existing permission scopes. Your existing connected users are not affected — their OAuth connections remain active throughout the review and after publishing.

New permission scopes (breaking) 

If you add permission scopes that were not previously granted, this is considered a breaking change. Your existing connected users will need to re-authorize your app to grant the new permissions after you publish. You'll see an amber "Update Submitted — Re-authorization Required" badge during review, and a warning before you publish. We recommend notifying your users before publishing a breaking change.

 

How to submit an edit

1. Make your changes

Click Edit on the App Information card or the Permissions card. Your changes are saved locally and marked with an Edit Pending Approval badge next to each updated field. Your app continues running with its current approved configuration — nothing changes for your users yet.

You can make additional edits before submitting. Edit buttons remain active while changes are staged locally.

2. Submit for review

When you're ready, click Submit for Review in the Application Edit Status section. Your changes are sent to Lofty for review. The review typically takes 2–5 business days. You'll receive an email confirmation, and another email when a decision is made.

While your edit is under review, the edit buttons are locked. Your app continues operating normally with its pre-edit configuration.

3. Publish your changes

Once Lofty approves your edit, the status changes to Ready to Deploy. Your changes are not live yet — you control when they go live. When you're ready, click Publish Changes and your updates take effect immediately.

 

Canceling a pending edit

If you change your mind before your edit is reviewed, you can cancel it. Click Cancel Edit in the Application Edit Status section. This:

  • Reverts all fields to their previously approved values
  • Removes all Edit Pending Approval badges
  • Withdraws the edit from Lofty's review queue
  • Unlocks the edit buttons so you can start fresh

 

Frequently asked questions

Can I make more edits while my existing edit is under review? No — edit buttons are locked while an edit is in review. If you need to make urgent changes, cancel the pending edit first, make your updates, and resubmit.

Does submitting an edit affect my app's production access? No. Your app continues to operate normally with its current approved configuration during the entire review process.

What if my edit is declined? You'll receive an email with the reason. Your app continues running with its current configuration. You can make adjustments and submit a new edit at any time.

 

OAuth Instructions

Once your application is approved and you have your Client ID and Client Secret, you are ready to implement OAuth 2.0. See Lofty OAuth 2.0 API Reference for the full implementation guide.

 

 

Questions?

If you have any questions regarding this topic or any others, please contact our Support Team via email at support@lofty.com, by phone at 1 (855) 981-7557, or by chat through your Lofty CRM. 

 

Related terms: Open API, Developer Platform, OAuth, API, SOC, Third party assessment

 

 

Was this article helpful?
0 out of 0 found this helpful
Lofty OAuth 2.0 API Reference API Key Management Getting Started with the Lofty Developer Platform

Related articles

Comments

0 comments

Article is closed for comments.

All Rights Reserved.

Contact Us: support@lofty.com | 8:00 AM - 8:00 PM EST, Mon - Sun