Authentication Endpoints

Caribbean
Colombia
Mexico

Token. Method: POST /token

This endpoint is used to retrieve a token to use in header application.
It´s used internally to identify the institution and grant access only to its respective environment.

  1. Parameters:
    a. Grant_type: fixed value “password”
    b. Client_id: fixed value “boarding-ui” for all External Boarding APIs
    c. Username: to be provided – specific for each institution and environment
    d. Password: to be provided – specific for each institution and environment
  2. Responses
    a. “200” – OK. Indicates that the access is granted, and the token can be used in the header of other methods.
    token_type string
    expires_in integer($int64)
    refresh_expires_in integer($int64)
    access_token string
    refresh_token string
    b. “401” – Unauthorized. Indicates that the access is not granted and will not return a token. Users should correct parameters and resubmit.

Refresh Token. Method: POST /token/refresh

Endpoint is used to refresh an expired token to use in header application.

  1. Parameters:
    a. Refresh_token: the content of “refresh_token” field received in post / token method´s response.
  2. Responses
    a. “200” – OK. Indicates that the token is revalidated can be used in the header of other methods.
    token_type string
    expires_in integer($int64)
    refresh_expires_in integer($int64)
    access_token string
    refresh_token string
  3. Inquire Endpoints
    a. Valid Values. This set of methods are used to provide the valid values, formats, patterns of the fields used in the boarding and maintenance payloads, according to institution parametrization on the backend systems.

Any field that needs to use information retrieved from those methods, are documented in the API description, mentioning the method and fieldname to be used.

If an optional field has this documentation and is not returned in the respective method, it should not be informed. It means that the field is not supported for the institution.
All fields will be validated, as per the results of the respective get method.
Despite of not necessary to use those methods in every single boarding / maintenance, it´s strongly recommended that, the returned fields and values are updated occasionally, to provide updated information in the respective payloads.