...
- Your BookingCenter Partner Manager approves your application for use and will provide you with your Api Credentials.
- The Property grants the Partner Application permission to manage their property account via the API.
- Your application should now be set up and, depending on authorization and permissions, be able to:
- Create and update requests (requests)
- Retrieve a list of available properties (properties) that have authorized partner application access.
- Access available request forms (forms) for the specified property.
- Access available staff (staff) for the specified property.
- Access available categories (categories) for the specified property.
API Development Cycle
- Acceptance into the Api Partner Program
- Partner Manager provides credentials to development environment
- The Property grants the Partner Application permission to manage their property account via the API.
Authentication:
All endpoints require authentication in the form of a login and key pair that were provided upon Partner registration. The api_login can be defined as either a string, or an integer, however the api_key must always be in UUID format.
it must be included in the request headers
| Code Block |
|---|
x-api-login: 1123457
x-api-key: f4f7ca6c-72b7-4b1c-921e-f31243c2b5ce |
Failure to include valid credentials as described will return a http status code 401 with a response Unauthorized.
Rate Limiting
To ensure API stability and prevent abuse, BookingCenter enforces rate limits at the partner level. Your application is responsible for operating within these rate limits. Once a rate limit has been exceeded, no more requests are handled until the limit expires. Attempting to issue requests repeatedly beyond the limit could result in your application being blocked for a longer period, other legitimate requests being rejected, and/or the IP address being blacklisted.
...
- Build a queuing system to ensure that you don’t exceed the limits.
- Ensure that you do exponential backoff if you do exceed a rate limit.
- Ensure that the you have the
User AgentandX-BookingCenter-API-Keyx-api-loginand x-api-key headers on your requests.
In the event the application exceeds the API Level Rate Limiting
If an API endpoint has a specific limit, you will receive a 405 Method Not Allowed or 429 Too Many Requests error if you exceed it. Endpoint rate limits are included in that API’s documentation.
Technical Support
When a system (System Trigger, MyBooking, BookingCenter, etc) places a message to be processed by the API, we view these in the Que | MyGuest Que where we can see about any errors or pending messages. This is the place to verify whether a System placed the correct message in or not.
Once the message is processed, and thus we can verify what took place, we view these in the Logging | MyGuest History.
Authentication:
All endpoints and calls require authentication in the form of a login and key pair that are defined in the MyGuest app under Connected Apps. The api_login can be defined as either a string, or an integer, however the api_key must always be in UUID format.
it must be included in the request headers
| Code Block |
|---|
x-api-login: 1123457
x-api-key: f4f7ca6c-72b7-4b1c-921e-f31243c2b5ce |
Failure to include valid credentials as described will return a http status code 401 with a response Unauthorized.
Endpoint Routes:
...
limiting an 429 error will be returned with a `retry-after` element notifying the application after the UTC time in which the API will accept new requests from it. A sample 429 rate limit message is provided below.
| Code Block |
|---|
{
"api_version": 3,
"status": "failed",
"errors": {
"code": 429,
"message": "Too many requests",
"retry-after": "2020-02-11T02:44:47+00:00"
},
"request_uuid": "b84ecfde-19de-4ede-a96a-91f86c623841"
} |
Technical Support
Message Structure
Create Request
...