Authentication
Tell us who you are
To ensure no spooky stuff happens.
You will be provided with a client_id and a client_secret which you'll use to authenticate yourself in the system. The first thing you need to do is to get access token which you will then use for further requests. When it expires, you will need to request another one. Multiple tokens can be active at once.
Supported types:
client_credentialsOnce you have a valid access token, you will need to use it to sign all requests made to the Prio API.
This is done by providing Authorization HTTP header along with each of your requests in the following format:
Authorization:<token_type><access_token>
If this header is not present in the request, the service will reject the request by returning the HTTP error code 400 and respond with an appropriate error message.
Please do not manually perform this operation, we highly encourage you to use an existing OAuth library for your specific language.
Make sure to call this endpoint only in case your current token has expired to reduce roundtrips and overal latency.
The client sends HTTP requests with the Authorization header that contains the word Basic word followed by a space and a base64-encoded string username:password.
Value MUST be set to "client_credentials".
client_credentialsThe scope of the access request.
https://www.prioticketapis.com/auth/distributor.bookingSuccessfully Authenticated
Invalid Request
The request is missing a required parameter, includes an unsupported parameter value (other than grant type), repeats a parameter, includes multiple credentials, utilizes more than one mechanism for authenticating the client, or is otherwise malformed.
Authentication Failed
Client authentication failed (e.g., unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code and include the WWW-Authenticate response header field matching the authentication scheme used by the client.
Method Not Allowed
The HyperText Transfer Protocol (HTTP) 405 Method Not Allowed response status code indicates that the request method is known by the server but is not supported by the target resource.
A request method is not supported for the requested resource; for example, a GET request on a form that requires data to be presented via POST, or a PUT request on a read-only resource.
Not Acceptable
The HyperText Transfer Protocol (HTTP) 406 Not Acceptable client error response code indicates that the server cannot produce a response matching the list of acceptable values defined in the request's proactive content negotiation headers, and that the server is unwilling to supply a default representation.
Unprocessable Entity
The HyperText Transfer Protocol (HTTP) 422 Unprocessable Entity response status code indicates that the server understands the content type of the request entity, and the syntax of the request entity is correct, but it was unable to process the contained instructions.
Too Many Requests
The HTTP 429 Too Many Requests response status code indicates the user has sent too many requests in a given amount of time ("rate limiting").
Internal Server Error
The HyperText Transfer Protocol (HTTP) 500 Internal Server Error response code indicates that the server encountered an unexpected condition that prevented it from fulfilling the request.
Not Implemented
The HyperText Transfer Protocol (HTTP) 501 Not Implemented server error response code means that the server does not support the functionality required to fulfill the request.
The server either does not recognize the request method, or it lacks the ability to fulfil the request. Usually this implies future availability (e.g., a new feature of a web-service API).
Bad Gateway
The HyperText Transfer Protocol (HTTP) 502 Bad Gateway server error response code indicates that the server, while acting as a gateway or proxy, received an invalid response from the upstream server.
The HTTP 502 Bad Gateway error is exclusively returned in case of problems during communication with the supplier or third-party system.
Service Unavailable
The HyperText Transfer Protocol (HTTP) 503 Service Unavailable server error response code indicates that the server is not ready to handle the request.
The HTTP 503 Service Unavailable error is exclusively returned in case of problems during internal communication.
Gateway Timeout
The HyperText Transfer Protocol (HTTP) 504 Gateway Timeout server error response code indicates that the server, while acting as a gateway or proxy, did not get a response in time from the upstream server that it needed in order to complete the request.
The HTTP 504 Gateway Timeout error is exclusively returned in case of problems during communication with the supplier or third-party system.
POST /v3.8/distributor/oauth2/token HTTP/1.1
Host: staging-distributor-api.prioticket.com
Authorization: Basic username:password
Content-Type: application/json
Accept: */*
Content-Length: 101
{
"grant_type": "client_credentials",
"scope": "https://www.prioticketapis.com/auth/distributor.booking"
}{
"access_token": "eyJhbGciOiJIUzI1NiJ9.e30.XmNK3GpH3Ys_7wsYBfq4C3M6goz71I7dTgUkuIa5lyQ",
"token_type": "Bearer",
"expires_in": 3600,
"scope": "https://www.prioticketapis.com/auth/distributor.booking"
}Was this helpful?