Currently, accessing guest messages through the API requires setting up an OAuth App with a signed messaging agreement. I understand why this exists for third-party integrations, but for a single owner accessing their own message threads, the OAuth setup is a significant barrier for a simple need.
My use case: I use the OwnerRez v2 API (via Personal Access Token) to pull my booking and financial data into an automated workflow. I'd like to also pull my guest message threads so I can:
- Draft faster, more consistent responses with AI assistance — I use Claude (Anthropic) as a business advisor. Right now I have to manually copy/paste each guest message into the tool. If I could pull message threads via API, I could automate this entirely.
- Identify unanswered messages — with bookings across Airbnb, Vrbo, and direct, messages come through multiple channels. A single API pull would show me everything that needs a response.
- Build a searchable library of my past guest communications — useful for maintaining consistent tone and referencing how I handled similar situations (discount requests, late checkout asks, pet policy questions, etc.)
- Review message history for a specific booking when resolving issues or preparing review responses.
What I'm NOT asking for: I don't need to send messages through the API. Read-only access to my own message threads via my existing Personal Access Token would cover everything above. The security concern around sending messages via API is reasonable — but reading my own conversations carries no risk of impersonating the host or sending unauthorized messages to guests.
I'm aware that self-use OAuth is technically possible today, but the setup overhead (creating an OAuth app, managing token refresh, signing a messaging agreement) is disproportionate for a single-owner operation that just wants to read their own data. The Personal Access Token already authenticates me as the account owner — extending read-only messaging access to PATs would be a natural addition.
Would anyone else benefit from being able to pull their message threads via the existing PAT-based API?
