Making Authenticated Requests

As an Integrator, once you have obtained an API access token, you can make authenticated requests to the REST API. Authenticated requests are accompanied with a header:

Authorization: Bearer {access_token}

Where {access_token} is replaced with the permanent token.

Responses

If the {access_token} is:

  • Present and Valid — An appropriate response will be returned by the resource server
  • Missing, Invalid, or Expired — An HTTP 401 Unauthorized is returned
  • Insufficient for Access — An HTTP 403 Forbidden is returned
{
  "errors": [
    {
      "status": 401,
      "title": "Unauthorized",
      "detail": "This request requires authorization in the form of a bearer token or API key."
    }
  ]
}
{
  "errors": [
    {
      "source": {
        "header": "Authorization"
      },
      "title": "Invalid Token",
      "code": "2-10",
      "detail": "Verification failed"
    }
  ]
}
{
  "errors": [
    {
      "status": 401,
      "title": "Unauthorized",
      "detail": "The access token is expired."
    }
  ]
}
{
  "errors": [
    {
      "status": 403,
      "title": "Invalid Scope",
      "detail": "View menu data for listings"
    }
  ]
}

What’s Next