Securing Requests

For security reasons, you should include the API key or access token in each request header to make sure that the request coming from your side, otherwise the request will be discarded.

So, there are two types of authentication that you can use, Service Key or OAuth2.

Using Service Key

To verify the request that comes from your side, you need to do the following:

1- You will get service_key for your service from service provider (Availo team).

2- Every request to Availo will contain a header with name service_key.

Every request to Availo will contain a header with name authentication_type as a key and the value is service-key (this step is optional).

Using OAuth2

To verify the request that comes from your side, you need to do the following:

1- You will get password for your service from service provider (Availo team).

2- You need to call GenerateToken API (you can find the API description on page 5) for getting the access token that will be expired after 15 minutes (config Key).

3- Every request to Availo will contain header with name access_token as a key and the value is that returned from the GenerateToken API.

4- Every request to Availo will contain header with name authentication_type as a key and the value is oauth2 (this step is optional).