Just like the web front end, most of the services that the API exposes require an authenticated session. The documentation will note whether or not a service is secure or not.
Beginning with Booked 3.7 there are two ways to authenticate
Username/Password Credentials #
- Make an Authenticate API request to /Authentication/Authenticate with your Booked credentials
- Capture the response and store the sessionToken and userId
- Send X-Booked-SessionToken and X-Booked-UserId headers on all subsequent requests, populated from the response in step 2
API Key #
API Keys should be treated like username and password credentials and kept secure.
Send X-Booked-ApiId and X-Booked-ApiKey headers on all requests. These values can be found when logged into Booked in your Profile.
When using an API key there is no need to call the Authentication service methods.
API keys are available in Booked 3.7+
Authentication Service Methods #
POST #
Authenticate #
Description
Loads all accessories. Within the response, CreditApplicability of 1 is per slot, 2 is per reservation.
Route
/Authentication/Authenticate
Example Request
{
"username": "your-username",
"password": "your-password"
}Example Response
{
"sessionToken": "sessiontoken",
"sessionExpires": "2023-01-16T19:58:02-0500",
"userId": 123,
"isAuthenticated": true,
"version": "1.0",
"links": [],
"message": null
} Sign Out #
Description
Ends the current session
Route
/Authentication/SignOut
Authentication
This service is secure and requires authentication headers
Example Request
There is no request body
Example Response
There is no response body
