Join our community at https://www.reddit.com/r/HotelByte/
Ticket
HotelByte OpenAPI - Test
https://api-test.hotelbyte.com
HotelByte OpenAPI - Test
https://api-test.hotelbyte.com
POST
https://api-test.hotelbyte.com
AuthOpenapi
Get an authentication token for API access using your appKey/appSecret.
This endpoint returns a ticket (JWT token) that you must include in all subsequent API requests.
Sliding Expiration Mechanism:
- The ticket uses a sliding expiration model - it only expires when there's no API activity
- Maximum lifetime: 365 days (hard limit)
- Idle timeout: Customizable via TTL parameter (default: 24 hours if not specified)
- Active renewal: Token automatically refreshes when you make API calls
- TTL parameter: Specifies how long the token stays valid without activity (in seconds)
Usage Guidelines:
- Cache the ticket and reuse it for all API calls
- Do NOT call this endpoint before every API call - it's expensive and unnecessary
- The sliding expiration is handled transparently by the server
- Include the ticket in the Authorization header: "Bearer "
Error Handling:
- 401: Invalid appKey/appSecret - contact your HotelByte representative
- 401: Token expired due to inactivity - call this endpoint again to get a new ticket
- 429: Rate limit exceeded - wait before retrying
Request
Header Params
Body Params application/jsonRequired
Responses
Request Request Example
Shell
JavaScript
Java
Swift
curl --location --request POST 'https://api-test.hotelbyte.com/api/auth/ticket' \
--header 'Client-Request-Timestamp;' \
--header 'IP;' \
--header 'Language;' \
--header 'Request-Id;' \
--header 'Trace-Id;' \
--header 'Authorization: Bearer ' \
--header 'Content-Type: application/json' \
--data-raw '{
"appKey": "hotelbyte_api_demo",
"appSecret": "hotelbyte_api_demo",
"ttl": 3600
}'Response Response Example
{
"code": 0,
"msg": "string",
"data": {
"ticket": "string"
}
}