RhomTrip Developer
  • Welcome
  • GETTING STARTED
    • Glossary of Terms
    • Errors
    • HTTP Headers
    • Authentication
    • Endpoints and Capabilities
    • Data Schemas
    • Development Support
  • RhomTrip API CORE
    • Transfers
    • Products (In Progress)
    • Availability (In Progress)
    • Bookings
      • Transfers
      • Products (In Progress)
  • CAPABILITY
    • Pricing
    • Webhooks
  • ADDITIONAL RESOURCES
    • Postman Collections
Powered by GitBook
On this page
  1. GETTING STARTED

Authentication

PreviousHTTP HeadersNextEndpoints and Capabilities

Last updated 5 months ago

RhomTrip utilizes Bearer token authentication. To authenticate requests, an API key must be sent as a Bearer token in the Authorization of your request:

GET /products HTTP/1.1
Host: {host}
Authorization: Bearer {your_API_key}

For security purposes, it is recommended to use a unique API key for each application.

All API requests must be made over HTTPS to ensure data security. Calls made over plain HTTP should fail. API requests without authentication will also fail. If the token is invalid or has been deactivated by RhomTrip, a 403 Forbidden error will be returned.

header