Authentication

Tell us who you are

To ensure no spooky stuff happens.

Exchange credentials for token. (Example only)

post

You will be provided with a client_id and a client_secret which you'll use to authenticate yourself in the system. The first thing you need to do is to get access token which you will then use for further requests. When it expires, you will need to request another one. Multiple tokens can be active at once.

Supported types:

client_credentials Once you have a valid access token, you will need to use it to sign all requests made to the Prio API.

This is done by providing Authorization HTTP header along with each of your requests in the following format:

Authorization: <token_type> <access_token>

If this header is not present in the request, the service will reject the request by returning the HTTP error code 400 and respond with an appropriate error message.

Please do not manually perform this operation, we highly encourage you to use an existing OAuth library for your specific language.

Make sure to call this endpoint only in case your current token has expired to reduce roundtrips and overal latency.

Authorizations

AuthorizationstringRequired

Basic Auth used for retrieving a JWT token using the /oauth2/token endpoint (Sample Only) and Webhook security. For the other endpoints, the OAuth2 flow should be used instead.

Header parameters

AuthorizationstringOptional

The client sends HTTP requests with the Authorization header that contains the word Basic word followed by a space and a base64-encoded string username:password.

Body

grant_typestringRequired

Value MUST be set to "client_credentials".

Example: client_credentials

scopestringOptional

The scope of the access request.

Example: https://www.prioticketapis.com/auth/distributor.booking

Responses

200

Successfully Authenticated

application/json

access_tokenstringRequired

The access token issued by the authorization server.

Example: eyJhbGciOiJIUzI1NiJ9.e30.XmNK3GpH3Ys_7wsYBfq4C3M6goz71I7dTgUkuIa5lyQ

token_typestringRequired

The type of the token issued.

Example: Bearer

expires_inintegerRequired

The lifetime in seconds of the access token. For example, the value "3600" denotes that the access token will expire in one hour from the time the response was generated.

Example: 3600

scopestringOptional

OPTIONAL, if identical to the scope requested by the client; otherwise, REQUIRED.

Example: https://www.prioticketapis.com/auth/distributor.booking

400

Invalid Request

The request is missing a required parameter, includes an unsupported parameter value (other than grant type), repeats a parameter, includes multiple credentials, utilizes more than one mechanism for authenticating the client, or is otherwise malformed.

application/json

401

Authentication Failed

Client authentication failed (e.g., unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code and include the WWW-Authenticate response header field matching the authentication scheme used by the client.

application/json

405

Method Not Allowed

The HyperText Transfer Protocol (HTTP) 405 Method Not Allowed response status code indicates that the request method is known by the server but is not supported by the target resource.

A request method is not supported for the requested resource; for example, a GET request on a form that requires data to be presented via POST, or a PUT request on a read-only resource.

application/json

406

Not Acceptable

The HyperText Transfer Protocol (HTTP) 406 Not Acceptable client error response code indicates that the server cannot produce a response matching the list of acceptable values defined in the request's proactive content negotiation headers, and that the server is unwilling to supply a default representation.

application/json

422

Unprocessable Entity

The HyperText Transfer Protocol (HTTP) 422 Unprocessable Entity response status code indicates that the server understands the content type of the request entity, and the syntax of the request entity is correct, but it was unable to process the contained instructions.

application/json

429

Too Many Requests

The HTTP 429 Too Many Requests response status code indicates the user has sent too many requests in a given amount of time ("rate limiting").

application/json

500

Internal Server Error

The HyperText Transfer Protocol (HTTP) 500 Internal Server Error response code indicates that the server encountered an unexpected condition that prevented it from fulfilling the request.

application/json

501

Not Implemented

The HyperText Transfer Protocol (HTTP) 501 Not Implemented server error response code means that the server does not support the functionality required to fulfill the request.

The server either does not recognize the request method, or it lacks the ability to fulfil the request. Usually this implies future availability (e.g., a new feature of a web-service API).

application/json

502

Bad Gateway

The HyperText Transfer Protocol (HTTP) 502 Bad Gateway server error response code indicates that the server, while acting as a gateway or proxy, received an invalid response from the upstream server.

The HTTP 502 Bad Gateway error is exclusively returned in case of problems during communication with the supplier or third-party system.

application/json

503

Service Unavailable

The HyperText Transfer Protocol (HTTP) 503 Service Unavailable server error response code indicates that the server is not ready to handle the request.

The HTTP 503 Service Unavailable error is exclusively returned in case of problems during internal communication.

application/json

504

Gateway Timeout

The HyperText Transfer Protocol (HTTP) 504 Gateway Timeout server error response code indicates that the server, while acting as a gateway or proxy, did not get a response in time from the upstream server that it needed in order to complete the request.

The HTTP 504 Gateway Timeout error is exclusively returned in case of problems during communication with the supplier or third-party system.

application/json

post

/oauth2/token

POST /v3.8/distributor/oauth2/token HTTP/1.1
Host: staging-distributor-api.prioticket.com
Authorization: Basic username:password
Content-Type: application/json
Accept: */*
Content-Length: 101

{
  "grant_type": "client_credentials",
  "scope": "https://www.prioticketapis.com/auth/distributor.booking"
}

{
  "access_token": "eyJhbGciOiJIUzI1NiJ9.e30.XmNK3GpH3Ys_7wsYBfq4C3M6goz71I7dTgUkuIa5lyQ",
  "token_type": "Bearer",
  "expires_in": 3600,
  "scope": "https://www.prioticketapis.com/auth/distributor.booking"
}

PreviousAbout NextSystem

Last updated 12 days ago

Was this helpful?

hashtagExchange credentials for token. (Example only)

Exchange credentials for token. (Example only)