Skip to content
/Authentication

Authentication API (1.0.0)

Obtain an OAuth2 access token from Amazon Cognito using the client_credentials grant.

The returned access_token must be sent as a Bearer token in the Authorization header when calling the Check In Service API endpoints defined in openapi.yaml.

Download OpenAPI description
auth.json
auth.yaml
Languages
Servers
Mock server
https://developer.corpay-lodging.com/_mock/api/auth
Authentication Server
https://cps-poc-api-access.auth.eu-south-2.amazoncognito.com

Authentication

Operations

Obtain Access Token

Request

Exchange client credentials for a bearer token.

Equivalent curl request:

curl --location 'https://cps-poc-api-access.auth.eu-south-2.amazoncognito.com/oauth2/token' \
  --header 'Content-Type: application/x-www-form-urlencoded' \
  --data-urlencode 'grant_type=client_credentials' \
  --data-urlencode 'client_id=<your_client_id>' \
  --data-urlencode 'client_secret=<your_client_secret>'
Bodyapplication/x-www-form-urlencodedrequired
grant_typestringrequired

Must be client_credentials

Value"client_credentials"
Example: "client_credentials"
client_idstringrequired

The OAuth2 client ID issued by Amazon Cognito

Example: "4356456"
client_secretstringrequired

The OAuth2 client secret issued by Amazon Cognito

Example: "123ga"
curl -i -X POST \
  https://developer.corpay-lodging.com/_mock/api/auth/oauth2/token \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d grant_type=client_credentials \
  -d client_id=someId \
  -d client_secret=someSecret

Responses

Token issued successfully

Bodyapplication/json
access_tokenstring

Bearer token to include in the Authorization header of API requests

expires_ininteger

Token lifetime in seconds

Example: 3600
token_typestring

Always Bearer

Example: "Bearer"
Response
application/json
{
  "access_token": "eyJraWQiOiJhYmNkZWYxMjM0NTY3ODkw...",
  "expires_in": 3600,
  "token_type": "Bearer"
}