Oracle Hospitality Cruise REST API

NOT FOR PUBLIC DISTRIBUTION: 2020-09-23

Generate OAuth token

post

/spms/access/token

Generates/refreshes an Oauth token

operationId: authentication

Generating Token:
Uses the password grant (flow) mechanism. That is, it is designed to be used with applications that the system trusts. See: https://oauth.net/2/grant-types/password for the flow. In this call, you provide the username/password this POST supplies the OAUTH JSON token in return which you then supply to all calls in the authorization header field as a bearer token.

Refresh Token mode:
Allows you to get a new token using the refresh token instead of user/password. Use this to get an token when the application has a JWT token and it wants to extend access to the APIS without prompting the user for their user/password

Request

Supported Media Types

application/x-www-form-urlencoded

Root Schema : oAuthGrantRequest

Type: object

Show Source

grant_type: string

Pattern: password|refresh_token

Name of the oauth grant. Only accepts password in this version when generating a new token for the first time. Use refresh_token if you want to refresh the token using the 'refresh_token' returned in a previous call.

Example: <PASSWORD>
password(optional): string

Pattern: ^[a-zA-Z0-9 _,\\?/\\.\\-\\\\+\\*\n~!@#$%&{}\\[\\]()=<>\\|\\^\\":;@`]*$

The password of the user you are trying to gain an authentication token for. Note this is mandatory if you are requesting a token via the password grant_type

Example: <PASSWORD>
refresh_token(optional): string

Pattern: ^[A-Za-z0-9-_.]+$

Refresh token returned in the original password grant_type. Used to get a new token using this refresh token. Note this is mandatory if you are requesting a token via the refresh_token grant_type

Example: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsic3Btcy1vYXV0aDItcmVzb3VyY2UiXSwidXNlcl9uYW1lIjoiaGVsbG8iLCJzY29wZSI6WyJBbGwiXSwib3JnYW5pemF0aW9uIjoiaGVsbG9DTmpiIiwiYXRpIjoiNTI1YTkzNzMtZjBhOC00Mzc3LTkzZDctN2Q5ZTAwZTIzMGI1IiwiZXhwIjoxNTY4NzQ4MTI0LCJhdXRob3JpdGllcyI6WyJBRE1JTiJdLCJqdGkiOiI2MTMxYTljNy05YTc3LTRmYmMtYWQyZi01YWNkOTQzM2E4MjQiLCJjbGllbnRfaWQiOiJjbGllbnRpZCJ9.gkCMb1VreAmBDI51wYTfDVyaYQsbfgznNl1tb8hUEEpXsPm0ZlaTFynLr_VUFae6AbF1bHsktSMmpLc9jndIVHAJ3dIoV9vTtngf3XffGcS_HhzlyhHZSFiLb4zFXjFUFJ1WmBMK6FYLr3mBsta4nAI3q7jeF_QEC2rJFIr8z3sHTK0jJyDFXzwcnuNVPhLiuZ42qOatcxB4oA5n07JhJOCbA9dIyl4yVZkxvZR484lUOI32_i2EE0yx05xgwDIwNJMbdxo5WF99J6IWSJO17jLb3K9JzlBEcBqL7Sq4XoNBKJ7u2buDaWpxlgPh84gohT_8dqCKt8r7sKWwQDgyvg
username(optional): string

Pattern: ^[A-Za-z0-9-_.]{2,20}$

User name you are trying to gain an authentication token for. Note this is mandatory if you are requesting a token via the password grant_type

Example: <UserName>

{
    "properties":{
        "grant_type":{
            "description":"Name of the oauth grant. Only accepts password in this version when generating a new token for the first time. Use refresh_token if you want to refresh the token using the 'refresh_token' returned in a previous call.",
            "pattern":"password|refresh_token",
            "example":"<PASSWORD>",
            "type":"string"
        },
        "password":{
            "description":"The password of the user you are trying to gain an authentication token for. Note this is mandatory if you are requesting a token via the password grant_type",
            "pattern":"^[a-zA-Z0-9 _,\\\\?/\\\\.\\\\-\\\\\\\\+\\\\*\\n~!@#$%&{}\\\\[\\\\]()=<>\\\\|\\\\^\\\\\":;@`]*$",
            "example":"<PASSWORD>",
            "type":"string"
        },
        "username":{
            "description":"User name you are trying to gain an authentication token for. Note this is mandatory if you are requesting a token via the password grant_type",
            "pattern":"^[A-Za-z0-9-_.]{2,20}$",
            "example":"<UserName>",
            "type":"string"
        },
        "refresh_token":{
            "type":"string",
            "description":"Refresh token returned in the original password grant_type. Used to get a new token using this refresh token. Note this is mandatory if you are requesting a token via the refresh_token grant_type",
            "pattern":"^[A-Za-z0-9-_.]+$",
            "example":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsic3Btcy1vYXV0aDItcmVzb3VyY2UiXSwidXNlcl9uYW1lIjoiaGVsbG8iLCJzY29wZSI6WyJBbGwiXSwib3JnYW5pemF0aW9uIjoiaGVsbG9DTmpiIiwiYXRpIjoiNTI1YTkzNzMtZjBhOC00Mzc3LTkzZDctN2Q5ZTAwZTIzMGI1IiwiZXhwIjoxNTY4NzQ4MTI0LCJhdXRob3JpdGllcyI6WyJBRE1JTiJdLCJqdGkiOiI2MTMxYTljNy05YTc3LTRmYmMtYWQyZi01YWNkOTQzM2E4MjQiLCJjbGllbnRfaWQiOiJjbGllbnRpZCJ9.gkCMb1VreAmBDI51wYTfDVyaYQsbfgznNl1tb8hUEEpXsPm0ZlaTFynLr_VUFae6AbF1bHsktSMmpLc9jndIVHAJ3dIoV9vTtngf3XffGcS_HhzlyhHZSFiLb4zFXjFUFJ1WmBMK6FYLr3mBsta4nAI3q7jeF_QEC2rJFIr8z3sHTK0jJyDFXzwcnuNVPhLiuZ42qOatcxB4oA5n07JhJOCbA9dIyl4yVZkxvZR484lUOI32_i2EE0yx05xgwDIwNJMbdxo5WF99J6IWSJO17jLb3K9JzlBEcBqL7Sq4XoNBKJ7u2buDaWpxlgPh84gohT_8dqCKt8r7sKWwQDgyvg"
        }
    },
    "required":[
        "grant_type"
    ],
    "type":"object"
}

Response

Supported Media Types

application/json

200 Response

Successful - Username/password correct and token returned.

Root Schema : schema

Type: object

Show Source

access_token: string

Pattern: ^[A-Za-z0-9-_.]+$

JWT based token which you add to the authorization header of every call to the API. See https://jwt.io for details

Example: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsic3Btcy1vYXV0aDItcmVzb3VyY2UiXSwidXNlcl9uYW1lIjoiaGVsbG8iLCJzY29wZSI6WyJBbGwiXSwib3JnYW5pemF0aW9uIjoiaGVsbG9DTmpiIiwiZXhwIjoxNTY4NzMwMTI0LCJhdXRob3JpdGllcyI6WyJBRE1JTiJdLCJqdGkiOiI1MjVhOTM3My1mMGE4LTQzNzctOTNkNy03ZDllMDBlMjMwYjUiLCJjbGllbnRfaWQiOiJjbGllbnRpZCJ9.T97KAuIlw0hEwG6t8s7SlZo8A9C0wVH5m9RzUAQacWwE4EV_wAPdrYnjHTbTdhnyHhVE4amxm8za3VSBG9IakG2ij5nqcg4Nq-MkRbDsyh-e7AMOSu9ZCnw6JfwVconRqJwDVgiR0IA83ZqgiC5h31vuXY7PUmpdxQ-6Lc1wynA_lWoGthevhTCVJWXIprum68CdvH6D-DAUK4p1fzPL20Q-cR0pQmkEiE-RMmEtglCqknsIPsVzB_Yz7B7n5ECuHtcuFME4VZSZcydXN1x0vZsqPINH4QBW0-PNDO9Zk1iWEGiRml_Ccc914b4yAVlhyCG77X5lmB1DUTNjla88Kw
expires_in: number

Minimum Value: 0

The number of seconds before the token expires (e.g 3600 is 1 hour)

Example: 3599
jti: string

Pattern: ^[A-Za-z0-9-_.]+$

Unique Id for the token. Not used in SPMS but returned from completeness. See https://tools.ietf.org/html/rfc7519#section-4.1.7

Example: 525a9373-f0a8-4377-93d7-7d9e00e230b5
organization: string

Pattern: ^[A-Za-z0-9-_.]+$

Organization of the user belongs to (for information purposes)

Example: COMPANY
refresh_token: string

Pattern: ^[A-Za-z0-9-_=]+\.[A-Za-z0-9-_=]+\.?[A-Za-z0-9-_.+/=]*$

Call the refreshed API URL with this token to retrieve a brand new token with a new expiry time.

Example: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsic3Btcy1vYXV0aDItcmVzb3VyY2UiXSwidXNlcl9uYW1lIjoiaGVsbG8iLCJzY29wZSI6WyJBbGwiXSwib3JnYW5pemF0aW9uIjoiaGVsbG9DTmpiIiwiYXRpIjoiNTI1YTkzNzMtZjBhOC00Mzc3LTkzZDctN2Q5ZTAwZTIzMGI1IiwiZXhwIjoxNTY4NzQ4MTI0LCJhdXRob3JpdGllcyI6WyJBRE1JTiJdLCJqdGkiOiI2MTMxYTljNy05YTc3LTRmYmMtYWQyZi01YWNkOTQzM2E4MjQiLCJjbGllbnRfaWQiOiJjbGllbnRpZCJ9.gkCMb1VreAmBDI51wYTfDVyaYQsbfgznNl1tb8hUEEpXsPm0ZlaTFynLr_VUFae6AbF1bHsktSMmpLc9jndIVHAJ3dIoV9vTtngf3XffGcS_HhzlyhHZSFiLb4zFXjFUFJ1WmBMK6FYLr3mBsta4nAI3q7jeF_QEC2rJFIr8z3sHTK0jJyDFXzwcnuNVPhLiuZ42qOatcxB4oA5n07JhJOCbA9dIyl4yVZkxvZR484lUOI32_i2EE0yx05xgwDIwNJMbdxo5WF99J6IWSJO17jLb3K9JzlBEcBqL7Sq4XoNBKJ7u2buDaWpxlgPh84gohT_8dqCKt8r7sKWwQDgyvg
scope: string

Scope of use of this token. The definition of scope can be found in https://tools.ietf.org/html/rfc6749#section-3.3 Informally, scope is a set of rights granted to this token (not the rights of the user)
token_type: string

Pattern: bearer

Always bearer, meaning you should supply this token as bearer in the authorization header field. Informally, Bearer means that the user (bearer) of the token as the access rights attributed by the JWT token

Example: bearer

{
    "properties":{
        "access_token":{
            "description":"JWT based token which you add to the authorization header of every call to the API. See https://jwt.io for details",
            "type":"string",
            "pattern":"^[A-Za-z0-9-_.]+$",
            "example":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsic3Btcy1vYXV0aDItcmVzb3VyY2UiXSwidXNlcl9uYW1lIjoiaGVsbG8iLCJzY29wZSI6WyJBbGwiXSwib3JnYW5pemF0aW9uIjoiaGVsbG9DTmpiIiwiZXhwIjoxNTY4NzMwMTI0LCJhdXRob3JpdGllcyI6WyJBRE1JTiJdLCJqdGkiOiI1MjVhOTM3My1mMGE4LTQzNzctOTNkNy03ZDllMDBlMjMwYjUiLCJjbGllbnRfaWQiOiJjbGllbnRpZCJ9.T97KAuIlw0hEwG6t8s7SlZo8A9C0wVH5m9RzUAQacWwE4EV_wAPdrYnjHTbTdhnyHhVE4amxm8za3VSBG9IakG2ij5nqcg4Nq-MkRbDsyh-e7AMOSu9ZCnw6JfwVconRqJwDVgiR0IA83ZqgiC5h31vuXY7PUmpdxQ-6Lc1wynA_lWoGthevhTCVJWXIprum68CdvH6D-DAUK4p1fzPL20Q-cR0pQmkEiE-RMmEtglCqknsIPsVzB_Yz7B7n5ECuHtcuFME4VZSZcydXN1x0vZsqPINH4QBW0-PNDO9Zk1iWEGiRml_Ccc914b4yAVlhyCG77X5lmB1DUTNjla88Kw"
        },
        "expires_in":{
            "description":"The number of seconds before the token expires (e.g 3600 is 1 hour)",
            "example":3599,
            "type":"number",
            "minimum":0
        },
        "jti":{
            "description":"Unique Id for the token. Not used in SPMS but returned from completeness. See https://tools.ietf.org/html/rfc7519#section-4.1.7",
            "pattern":"^[A-Za-z0-9-_.]+$",
            "example":"525a9373-f0a8-4377-93d7-7d9e00e230b5",
            "type":"string"
        },
        "refresh_token":{
            "description":"Call the refreshed API URL with this token to retrieve a brand new token with a new expiry time. ",
            "type":"string",
            "pattern":"^[A-Za-z0-9-_=]+\\.[A-Za-z0-9-_=]+\\.?[A-Za-z0-9-_.+/=]*$",
            "example":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsic3Btcy1vYXV0aDItcmVzb3VyY2UiXSwidXNlcl9uYW1lIjoiaGVsbG8iLCJzY29wZSI6WyJBbGwiXSwib3JnYW5pemF0aW9uIjoiaGVsbG9DTmpiIiwiYXRpIjoiNTI1YTkzNzMtZjBhOC00Mzc3LTkzZDctN2Q5ZTAwZTIzMGI1IiwiZXhwIjoxNTY4NzQ4MTI0LCJhdXRob3JpdGllcyI6WyJBRE1JTiJdLCJqdGkiOiI2MTMxYTljNy05YTc3LTRmYmMtYWQyZi01YWNkOTQzM2E4MjQiLCJjbGllbnRfaWQiOiJjbGllbnRpZCJ9.gkCMb1VreAmBDI51wYTfDVyaYQsbfgznNl1tb8hUEEpXsPm0ZlaTFynLr_VUFae6AbF1bHsktSMmpLc9jndIVHAJ3dIoV9vTtngf3XffGcS_HhzlyhHZSFiLb4zFXjFUFJ1WmBMK6FYLr3mBsta4nAI3q7jeF_QEC2rJFIr8z3sHTK0jJyDFXzwcnuNVPhLiuZ42qOatcxB4oA5n07JhJOCbA9dIyl4yVZkxvZR484lUOI32_i2EE0yx05xgwDIwNJMbdxo5WF99J6IWSJO17jLb3K9JzlBEcBqL7Sq4XoNBKJ7u2buDaWpxlgPh84gohT_8dqCKt8r7sKWwQDgyvg"
        },
        "scope":{
            "description":"Scope of use of this token. The definition of scope can be found in https://tools.ietf.org/html/rfc6749#section-3.3 Informally, scope is a set of rights granted to this token (not the rights of the user)",
            "type":"string"
        },
        "token_type":{
            "description":"Always bearer, meaning you should supply this token as bearer in the authorization header field. Informally, Bearer means that the user (bearer) of the token as the access rights attributed by the JWT token",
            "pattern":"bearer",
            "example":"bearer",
            "type":"string"
        },
        "organization":{
            "description":"Organization of the user belongs to (for information purposes)",
            "pattern":"^[A-Za-z0-9-_.]+$",
            "example":"COMPANY",
            "type":"string"
        }
    },
    "required":[
        "access_token",
        "scope",
        "expires_in",
        "token_type",
        "refresh_token",
        "jti",
        "organization"
    ],
    "type":"object"
}

Example Response (application/json)

{
    "access_token":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsic3Btcy1vYXV0aDItcmVzb3VyY2UiXSwidXNlcl9uYW1lIjoiaGVsbG8iLCJzY29wZSI6WyJBbGwiXSwib3JnYW5pemF0aW9uIjoiaGVsbG9DTmpiIiwiZXhwIjoxNTY4NzMwMTI0LCJhdXRob3JpdGllcyI6WyJBRE1JTiJdLCJqdGkiOiI1MjVhOTM3My1mMGE4LTQzNzctOTNkNy03ZDllMDBlMjMwYjUiLCJjbGllbnRfaWQiOiJjbGllbnRpZCJ9.T97KAuIlw0hEwG6t8s7SlZo8A9C0wVH5m9RzUAQacWwE4EV_wAPdrYnjHTbTdhnyHhVE4amxm8za3VSBG9IakG2ij5nqcg4Nq-MkRbDsyh-e7AMOSu9ZCnw6JfwVconRqJwDVgiR0IA83ZqgiC5h31vuXY7PUmpdxQ-6Lc1wynA_lWoGthevhTCVJWXIprum68CdvH6D-DAUK4p1fzPL20Q-cR0pQmkEiE-RMmEtglCqknsIPsVzB_Yz7B7n5ECuHtcuFME4VZSZcydXN1x0vZsqPINH4QBW0-PNDO9Zk1iWEGiRml_Ccc914b4yAVlhyCG77X5lmB1DUTNjla88Kw",
    "token_type":"bearer",
    "refresh_token":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsic3Btcy1vYXV0aDItcmVzb3VyY2UiXSwidXNlcl9uYW1lIjoiaGVsbG8iLCJzY29wZSI6WyJBbGwiXSwib3JnYW5pemF0aW9uIjoiaGVsbG9DTmpiIiwiYXRpIjoiNTI1YTkzNzMtZjBhOC00Mzc3LTkzZDctN2Q5ZTAwZTIzMGI1IiwiZXhwIjoxNTY4NzQ4MTI0LCJhdXRob3JpdGllcyI6WyJBRE1JTiJdLCJqdGkiOiI2MTMxYTljNy05YTc3LTRmYmMtYWQyZi01YWNkOTQzM2E4MjQiLCJjbGllbnRfaWQiOiJjbGllbnRpZCJ9.gkCMb1VreAmBDI51wYTfDVyaYQsbfgznNl1tb8hUEEpXsPm0ZlaTFynLr_VUFae6AbF1bHsktSMmpLc9jndIVHAJ3dIoV9vTtngf3XffGcS_HhzlyhHZSFiLb4zFXjFUFJ1WmBMK6FYLr3mBsta4nAI3q7jeF_QEC2rJFIr8z3sHTK0jJyDFXzwcnuNVPhLiuZ42qOatcxB4oA5n07JhJOCbA9dIyl4yVZkxvZR484lUOI32_i2EE0yx05xgwDIwNJMbdxo5WF99J6IWSJO17jLb3K9JzlBEcBqL7Sq4XoNBKJ7u2buDaWpxlgPh84gohT_8dqCKt8r7sKWwQDgyvg",
    "expires_in":3599,
    "scope":"All",
    "organization":"COMPANY",
    "jti":"525a9373-f0a8-4377-93d7-7d9e00e230b5"
}

400 Response

Bad Request

Root Schema : schema

Type: object

Show Source

error(optional): string

Pattern: ^[A-Za-z0-9-_.]+$

Code representing the reason why the attempt to authenticate the user failed.

Example: invalid_grant
error_description(optional): string

Pattern: ^[A-Za-z0-9-_.]+$

Short human readable description of why the attempt to authenticate failed.

Example: Bad credentials

{
    "properties":{
        "error":{
            "description":"Code representing the reason why the attempt to authenticate the user failed.",
            "pattern":"^[A-Za-z0-9-_.]+$",
            "example":"invalid_grant",
            "type":"string"
        },
        "error_description":{
            "description":"Short human readable description of why the attempt to authenticate failed.",
            "pattern":"^[A-Za-z0-9-_.]+$",
            "example":"Bad credentials",
            "type":"string"
        }
    },
    "type":"object"
}

Example Response (application/json)

{
    "error":"invalid_grant",
    "error_description":"Bad credentials"
}