Using the Basic authentication scheme
You can also use the HTTP basic authentication scheme to authenticate an incoming request instead of the token-based authentication method. To get a successful response from Booking.com Connectivity APIs, you must provide your credentials as an Authorization header in each request.
For example:
Authorization: Basic {username:password}{username:password} represents the Base64-encoded (RFC2045-MIME) credentials for your machine account.
Enhanced authentication rules
Booking.com enforces the following authentication and authorisation rules for enhanced protection and security:
- Specify the authentication details such as username and password only using the request
Header. Credentials provided in the request body are ignored. - Make sure the username is case-sensitive and doesn't contain leading white space.
- We have revised our password policy and no longer support the
+character in the password. If your existing password contains+character, make sure to create a new password using the Connectivity Portal.
Authentication failure
The API returns HTTP 401 for failed authentication attempts. The response body will be different for OTA and B.XML endpoints.
B.XML example
<?xml version='1.0' standalone='yes'?>
<reservations>
<fault code="401"
string="Authorization Required" />
</reservations>OTA example
<OTA_HotelResModifyNotifRS xmlns="http://www.opentravel.org/OTA/2003/05" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.opentravel.org/OTA/2003/05 OTA_HotelResModifyNotifRS.xsd" TimeStamp="2018-06-22T14:56:37+00:00" Target="Production" Version="2.001">
<Errors>
<Error ShortText="Authorization Required"/>
</Errors>
</OTA_HotelResModifyNotifRS>Troubleshooting
If your requests repeatedly fail authentication, check that:
- Your request includes the
Authorizationheader; - Your machine account credentials are correct;
- The IP whitelist for your machine account is up-to-date;
- You have access to the endpoint you're calling (contact us if you're not sure).