Authentication#
Our systems use Oauth2.
This section describes first how to get an authentication token for our sandbox/production environment, then use it into Content Partner API queries.
Users cannot perform any action on the API without being authenticated. Therefore, any Content Partner API user must be authenticated by creating an application token through an OAuth2 flow. Once token received, users can perform API queries.
Credentials Creation#
- For account registration and access our Sandbox environment, please contact us at (either):
You will receive an e-mail with a link to create your password.
Token Generation#
Once your account is created, your username/password are used to generate an authentication token to be able to perform queries on our API.
The following examples are reproducible using a simple cURL command or any high-level client such as Postman or Insomnia.
Step 1 – Authentication and token generation#
With cURL, the following command obtains the authentication token for the Content Partner API (fill username & password with your credentials):
Sandbox API token query:
curl -X POST "https://api-sandbox.amadeus-discover.com/auth/realms/amadeus-discover/protocol/openid-connect/token" \
--data-urlencode "client_id=content-partner-api" --data-urlencode "grant_type=password" \
--data-urlencode "username={YOUR_USERNAME}" --data-urlencode "password=YOUR_PASSWORD"
Production API token query:
curl -X POST "https://api.amadeus-discover.com/auth/realms/amadeus-discover/protocol/openid-connect/token" \
--data-urlencode "client_id=content-partner-api" --data-urlencode "grant_type=password" \
--data-urlencode "username={YOUR_USERNAME}" --data-urlencode "password=YOUR_PASSWORD"
Note
Token lifespan is 5 minutes (300 seconds). If expired, you’ll need to generate a new one.
A token use is limited to its environment (i.e Sandbox_token -> Sandbox API access only)
Token can be refreshed ie. extending its validity time adding 300s each time limited to 30min (see ex below)
Refreshing/extending a token:
curl -X POST "https://api-sandbox.amadeus-discover.com/auth/realms/amadeus-discover/protocol/openid-connect/token" \
--data-urlencode "grant_type=refresh_token" \
--data-urlencode "client_id=content-partner-api" \
--data-urlencode "refresh_token={YOUR_TOKEN}"
Note
- On windows (or linux), with
curl,jq,teeandclipyou may use an advanced command line to output the raw token to the terminal, inside atoken.tmpfile, and in the windows clipboard all at once, with a call like this: curl -X POST https://api-sandbox.amadeus-discover.com/auth/realms/amadeus-discover/protocol/openid-connect/token --data-urlencode "client_id=content-partner-api" --data-urlencode "grant_type=password" --data-urlencode "username=YOUR_USERNAME" --data-urlencode "password=YOUR_PASSWORD" --silent | jq -r ".access_token" | tee token.tmp && clip < token.tmp
Step 2 - Access API with token#
Using cURL:
curl -X GET "https://api-sandbox.amadeus-discover.com/api/supplier/1234" \
-H "accept: */*" \
-H "Authorization: Bearer {YOUR_TOKEN}"
- In this example, we query the endpoint
/api/supplier/{supplierId}on our Sandbox environment to retrieve information about a supplier (id 1234). - (The token used in this example is of course invalid because expired, use your own valid token).
Using Swagger:
Swagger sandbox environment:
https://api-sandbox.amadeus-discover.com/api/content-partner/swagger-ui/index.html
Click on “Authorize” at the top of the page to access API.
Copy / paste your token and click “Authorize”
- Once the token setup, you may perform queries, check the Try it out button.
Note
This process is the same for our production API, only the target url will change
Sandbox base url : https://api-sandbox.amadeus-discover.com/
Production base url : https://api.amadeus-discover.com/
Next steps#
- Now you are able to access our API, your next step is :
- Push and manage your products inside our database.
Everything will be described in detail in the guidelines section.