OctoTable API
  • 👋Welcome to OctoTable's API BETA documentation
  • Getting Started with the API Collection in Postman
  • Create Clients
    • 🆕How to create clients
  • Authentication
    • 🔑Create Token
  • Getting started with reservations
    • 🍴Create your restaurant
    • đŸŊī¸Manage your rooms
      • đŸĒ‘Manage your tables and booking components
      • 📅Manage your services
    • 📝Manage your reservations
      • 🗓ī¸Get booking!
      • ⁉ī¸Where are my slots?
    • ⚠ī¸Error Manual
      • Overview
      • Error reasons
Powered by GitBook
On this page
  1. Authentication

Create Token

Here you can find the steps you should do to Authenticate to access our API

PreviousHow to create clientsNextCreate your restaurant

Last updated 3 months ago

ℹī¸ Create Token (OAuth 2.0 - Client Credentials Grant)

To interact with our reservation system API, you'll need to authenticate using OAuth 2.0, specifically the Client Credentials Grant flow. This method is designed for server-to-server communication without involving a user. Below, you'll find detailed instructions on how to obtain an access token, which you will use in subsequent API calls.

⚙ī¸ Use the base resource URL for the following examples, or 

https://api.octorate.com/octotable-pms/api/v2

ℹī¸ Authentication Method Overview

Our API uses OAuth 2.0 to ensure secure access to protected resources. In this flow:

  1. Client Identification: Your application authenticates using a unique Client ID and Client Secret provided during registration.

  2. Requesting an Access Token: The client sends a POST request to our authorization server to obtain an access token. The type of the provided token is "Bearer".

  3. API Access: The access token must be included in the header of each subsequent API request to authenticate and authorize access to the system's protected resources.

Step 1: Request an Access Token (or use your favorite programming language )

Create a new token

POST /oauth2/token

Generate new access token

Headers

Name
Value

Content-Type

application/json

Accept

application/json

Body

Name
Value
Description

grant_type

client_credentials

The credential type to exchange for an access token

client_id

<your_client_id>

The client id provided after registration

client_secret

<your_client_secret>

The client secret provided after registration

Response

{
    "access_token": "YOUR_ACCESS_TOKEN",
    "expires_in": 1440,
    "type": "Bearer"
}

Step 2: Include it in the Authorization header of all your subsequent API requests (see complete examples in collection Postman)

curl -X GET https://api.octotable.com/api/v2/ -H "Authorization: Bearer YOUR_ACCESS_TOKEN"

🔑
see complete collection
see more