Registration and access process for Eptura Public APIs
Early AccessEarly access to the Eptura Public API is by invitation only. |
Subscription packages
Eptura public APIs include APIs for all Eptura modules. Customers who want to use specific Eptura modules can subscribe to specific packages.
|
|
Package |
Quota Limits |
|---|---|---|
Eptura Public APIIncludes APIs for all modules |
Starter | 100,000 calls per week |
|
Advanced |
200,000 calls per week |
|
|
Power |
500,000 calls per week |
|
Space APIs |
Starter |
100,000 calls per week |
|
Advanced |
200,000 calls per week |
|
|
Power |
500,000 calls per week |
|
Asset APIs |
Starter |
100,000 calls per week |
|
Advanced |
200,000 calls per week |
|
|
Power |
500,000 calls per week |
|
Booking APIs |
Starter |
100,000 calls per week |
|
Advanced |
200,000 calls per week |
|
|
Power |
500,000 calls per week |
|
Visitor APIs |
Starter |
100,000 calls per week |
|
Advanced |
200,000 calls per week |
|
|
Power |
500,000 calls per week |
Contact your Eptura account representative to add additional APIs to your subscription
Register and Activate the Subscription
Follow the steps in API Access: Subscribe to the Eptura Public APIs.
For the value of Ocp-Apim-Subscription-Key, use the Subscription Key.
Follow the Authentication steps below to generate the Bearer token value.
Authentication
There are two authentication headers required in API calls with the Eptura application:
- Ocp-Apim-Subscription-Key: API security token
- Session Token: Application security token also known as the JWT Bearer Token.
Subscription Keys
Subscription keys are assigned after registering and individual subscription keys are provided on your account for each subscribed product.
JWT token in bearer
Along with a subscription key, you must provide a validated JSON Web Token (JWT) to access the Eptura API.
We use the Private / Public Key method for Service authentication with Okta. These apps will be seeded with the Auth Service so they are created / managed correctly for all the tenants.
-
Create a private / public key. Both RSA and Elliptic Curve (EC) keys are supported.
-
Example
-
Key size: 2048
-
Key use: signature
-
Algorithm: RSA256
-
Key ID: This can be any random value/guid.
-
-
Create an endpoint to host your public key. E.g. https://[mydomain.com]/public/eptura/keys shows the following:
{
"keys": [
{
"kty": "RSA",
"e": "AQAB",
"use": "sig",
"kid": "my_key_id",
"alg": "RS256",
"n": "u0VYW2-76A_lYg5NQihhcPJYYU9-NHbNaO6LFERWnOUbU7l3MJdmCailwSzjO76O-2GdLE-
Hn2kx04jWCCPofnQ8xNmFScNo8UQ1dKVq0UkFK-sl-Z0Uu19GiZa2fxSWwg_1g2t-
ZpNtKCI279xGBi_hTnupqciUonWe6CIvTv0FfX0LiMqQqjARxPS-
6fdBZq8WN9qLGDwpjHK81CoYuzASOezVFYDDyXYzV0X3X_kFVt2sqL5DVN684bEbTsWl91vV-
bGmswrlQ0UVUq6t78VdgMrj0RZBD-lFNJcY7CwyugpgLbnm4HEJmCOWJOdjVLj3hFxVVblNJQQ1Z15UXw"
}
]
}
-
Share your URL with Eptura Customer Support e.g. https://[mydomain.com]/public/eptura/keys and Eptura Customer Support will provide the Client ID and Issuer required for you to create the token.
-
Generate the JWT bearer token (see below).
Generate a JWT
Constructing your JWT requires the following values to be set:
- Headers
- kid - the key ID.
- alg - signing algorithm. The algorithm values RS256, RS384, RS512, ES256, ES384, and ES512 are supported.
- Payload
- aud - the issuer path for token. Entered in the format: {issuer}/v1/token
- iat - issued at. Optional. The issuing time of the token in seconds since January 1, 1970 UTC (current UNIX timestamp).
- exp - expiry. The expiration time of the token in seconds since January 1, 1970 UTC (current UNIX timestamp). This value must not exceed 1 hour in the future.
- iss - clientId provided.
- sub - clientId provided.
- jti - unique identifier for the JWT. Optional but recommended. Okta will not allow the same token to be replayed if it has a jti set.
Learn more: https://developer.okta.com/docs/guides/build-self-signed-jwt/java/main/#build-a-jwt-with-a-private-key