1. User Guide
  2. Using the Oracle Hospitality APIs
  3. Oracle Hospitality Property APIs with Resource Owner Group Authentication (SSD)
  4. Authenticating to Oracle Hospitality Property APIs

Authenticating to Oracle Hospitality Property APIs

You can call Oracle Hospitality APIs using different authentication schemes depending on the scheme supported by your environment. The authentication scheme supported by your environment can be found on the environments card under the Environments tab. For more information, see Viewing Environment Details.

To call Oracle Hospitality APIs using the Resource Owner-based authentication scheme, you need the following pieces of information:

  1. Integration username and password: A username and password for an integration account in Oracle Hospitality Shared Security Domain granted by a hotel administrator to permit access to their data. This is one of the pieces of information needed to obtain the oAuth token. You can request this through the Oracle Hospitality Shared Security Domain (SSD) partner self-service registration portal. Completing and submitting this form sends a partner registration request to the OPERA customer for approval.

    Note:

    Every partner must have a unique integration user. This integration user is unique to one OPERA Tenant/Chain. Therefore, if you are accessing multiple OPERA Tenants/Chains, you need to request multiple integration users.

    Please ensure you are signed out of the Oracle Hospitality Shared Security Domain (SSD) before requesting your integration user. If you are signed out, ‘Anonymous’ appears at the top right of the screen.

    • Go to the SSD URL you obtained from the customer. For more information, see Obtaining Details from the Hotel.

    • Specify the Tenant /Chain code as advised by the hotel, or else enter hotel code(s) advised by the hotel.

    • Avoid spaces in the Vendor name field and keep the name to a maximum of 10 characters.

    • Once the hotel approves your integration user, you will receive an email.

    • For more information on this step, refer to the Partner Self-Registration Guide attached to the following Customer Support Portal document:

      Oracle Hospitality Shared Security Domain (SSD) for OPERA

    Note:

    Please note and keep secure your generated interface ID and key. The interface ID is your integration user’s username, and the interface key is your integration user password.

  2. OAuth Client ID and Client Secret: These grant you access to the identity servers (Oracle Hospitality Shared Security Domain). See Environments (Gateways and Credentials) for steps on how to view or add these.

  3. Application key: A unique application key is created for each application upon registering an application in the Oracle Hospitality Developer Portal. This key must be passed in the “x-app-key” header of every request to the Oracle Hospitality APIs. To obtain your application key, refer to Viewing the Application Key.

Note:

A new application and its corresponding application key are required when you move to Production.

Only follow the below steps if this authentication scheme appears on the Environments tab.

  1. To obtain your oAuth token, use the above details in the ‘Authenticate with the Identity Server’ call in the oAuth API. You can find this description in the oAuth API on the APIs page of the Developer Portal.

  2. Send this oAuth request to the gateway URL listed in the Developer Portal.

Note:

oAuth tokens expire after 1 hour (60 minutes). Currently, we do not support refresh tokens.

Parent topic: Oracle Hospitality Property APIs with Resource Owner Group Authentication (SSD)