Get a Token for REST APIs
The following sections explain how to get an authentication token that enables you to call Aven Hospitality APIs.
Prerequisites
1. Contact Aven Hospitality to request your credentials. Ensure that you meet one or more of the following requirements:
- You must be an Aven Hospitality customer or be working with an Aven Hospitality customer.
- You must have contacted an Aven Hospitality account manager.
- You must have a signed contract with Aven Hospitality.
2. Know which environments and Aven Hospitality APIs you can access.
Get Your Credentials
You will receive your token credentials via email after your Aven Hospitality APIs order is created by your Aven Hospitality account manager.
These credentials provide access to the Aven Hospitality APIs.
Your credentials provide access to:
- Get and use a token.
- Use Aven Hospitality API environments.
- Use your subset of Aven Hospitality APIs.
- Use your subset of Aven Hospitality API documentation on Developer Portal.
Construct Your Token Credentials
Your token credentials are your authentication signature for Aven Hospitality APIs.
| Credential | Description |
|---|---|
| User Name | Your Aven Hospitality API user name |
| Password | Your Aven Hospitality API password |
Use a base64-encoding tool to complete the following steps:
| Steps | Description | Example | Base64 Encoded Value |
|---|---|---|---|
| 1: Encode your User Name | Base64 encode your User Name. | TestUserName | U0hTVGVzdFVzZXJOYW1l |
| 2: Encode your Password | Base64 encode your Aven Hospitality API password. | ClientPassword12345 | Q2xpZW50UGFzc3dvcmQxMjM0NQ== |
| 3: Encode a concatenated format or your User Name and Password to obtain your authorization string | Concatenate your base64 encoded User Name and Password with a colon (:) separating the two. Base64 encode the concatenated string to create your authorization string. Note: Remember to add the colon between the User ID and Password. | U0hTVGVzdFVzZXJOYW1l:Q2xpZW50UGFzc3dvcmQxMjM0NQ== | VTBoVFZHVnpkRlZ6WlhKT1lXMWw6UTJ4cFpXNTBVR0Z6YzNkdmNtUXhNak0wTlE9PQ== |
Get a Token
Your security token gets you connected to Aven Hospitality REST APIs.
Prerequisites
- Know your Aven Hospitality credentials.
- Construct your token credentials.
- Determine the environment to call.
Step 1: Call the method/endpoint
Obtain the token from the environment that you want to use to call Aven Hospitality APIs:
- For the certification environment, obtain a token from the certification environment.
- For the production environment, obtain the token from that environment.
| Field | Description |
|---|---|
| URL |
|
| Authorization |
|
| Content-Type |
|
| ApplicationUserMetaData |
|
| GrantType |
|
| UserIPAddress |
|
| UserType |
|
| BusinessContext |
|
Example of a sessionless token request body:
POST https://services-c1.synxis.com/v1/auth/token HTTP/1.1
Content-Type: application/json
Authorization: Basic VTBoVFZHVnpkRlZ6WlhKT1lXMWw6UTJ4cFpXNTBVR0Z6YzNkdmNtUXhNak0wTlE9PQ==
ApplicationUserMetaData: UsernameWithinExternalSystem
User-Agent: PostmanRuntime/7.15.0
Accept: */*
{
"GrantType": "CLIENT_CREDENTIALS",
"UserIPAddress": "127.0.0.1",
"UserType": "Hotel",
"BusinessContext": "WBSVC"
}Step 2: Get token from the response
Examples of parameters:
| Field | Description |
|---|---|
| access_token |
|
| token_type |
|
| expires_in |
|
Success Response
If the request is valid, the body contains the token, token type, and token expiration.
{
"access_token":"T1RLAQJ4QjOhTYPWoqIhCk0bClC7HelowVT/eS6+aLLvmHhAD7AscBw/kpl/mbA9UuawTAAEQHakd1L9ySOnoMpYggQtn+um5+T/u7WPrwKbPKbgZF5x3vp5U8Hqed4Qk+qZlZMXfJRBO2rFutI+r7F6Wng1TwBfWh+WUb8RudoxbK2D2mGal6FXdjqvz5fcAGRxictMqcdTM7a/ykRx6vkCiCFuS/lmXl1PlK63r0QrCpUTT+47fBTQDlApTjpqtvujnuZBS7rpfmcvVcJBvFFc7J7AkcMAWfBMwHOuhVByPc9Z+GrpLw0vgS80UptGQbN2ZAg0zvRDBmWi0AWx2fPEesJzc6nQZhlSrtLYPQZACLdVGhFBFyrRs1uMtmiUBXaiqZk1HsHc8tGLhqyhS/0QNle8jx2EDU4SLQ2+8pXnho*",
"token_type":"bearer",
"expires_in":720
}Failure Response
If the request is unauthorized, the server returns the following error message.
{
"error": "ERR.SHS-SECUTIL.TOKEN.CREATE.INVALID_USERNAME_OR_PASSWORD",
"error_description": "user does not exist or password is invalid",
"Result": {
"ResultCode": "ERROR",
"Description": "user does not exist or password is invalid"
},
"Errors": [
{
"Status": "NotProcessed",
"ReportingSystem": "SHS-security-utility",
"Type": "Validation",
"ErrorCode": "ERR.SHS-SECUTIL.TOKEN.CREATE.INVALID_USERNAME_OR_PASSWORD",
"Instance": "shs-secutil-shutltxshsec01.shslab.local-default",
"Message": "user does not exist or password is invalid"
}
]
}Step 3: Use the token in the request to call a REST API
Send the sessionless token to the environment and API endpoint in the header when you call a given REST API.
| Field | Description |
|---|---|
| URL |
|
| Authorization |
|
Example request to the Reservation Utilities API's Cancel Reasons request:
GET https://gw-cert.synxis.com/v1/api/reservation/lists/cancelreasons?hotelId=11113 HTTP 1.1
Authorization: Bearer T1RLAQJ4QjOhTYPWoqIhCk0bClC7HelowVT/eS6+aLLvmHhAD7AscBw/kpl/mbA9UuawTAAEQHakd1L9ySOnoMpYggQtn+um5+T/u7WPrwKbPKbgZF5x3vp5U8Hqed4Qk+qZlZMXfJRBO2rFutI+r7F6Wng1TwBfWh+WUb8RudoxbK2D2mGal6FXdjqvz5fcAGRxictMqcdTM7a/ykRx6vkCiCFuS/lmXl1PlK63r0QrCpUTT+47fBTQDlApTjpqtvujnuZBS7rpfmcvVcJBvFFc7J7AkcMAWfBMwHOuhVByPc9Z+GrpLw0vgS80UptGQbN2ZAg0zvRDBmWi0AWx2fPEesJzc6nQZhlSrtLYPQZACLdVGhFBFyrRs1uMtmiUBXaiqZk1HsHc8tGLhqyhS/0QNle8jx2EDU4SLQ2+8pXnho*