Token Based Authentication

A secure authentication mechanism that allows API access using a generated Token.

UPDATE NOTICE

We have launched a new Token-based Authentication mechanism, which is active on Production.

Generate Access Token for Authentication

This endpoint is used to generate an access token required for authenticating.

Endpoint

GET

https://connect-sandbox.su-api.com/SUAPI/jservice/auth/generate-access-token

Header

client-id: base64_encode(domain)
client-secret: (you can generate from extranet) 

Header	Type	Required	Description
client-id	string	Yes	Base64-encoded domain name
client-secret	string	Yes	Client secret key

Note on Generating Access Token:

1. The client-id remains the same for both Sandbox and Production environments.

2. The client-secret differs between the Sandbox and Production accounts.

3. Access tokens generated for the Sandbox environment are prefixed with "sandbox_".

4. Access tokens generated for the Production environment are prefixed with "live_".

5. Tokens for Sandbox and Production are distinct and cannot be used interchangeably.

---

Success Response - For Production

{
    "success": true,
    "data": {
        "token_type": "Bearer",
        "token": "live_eyJpdiI6IlI1NGR6dndiRTNpci9lcGRZSm8wMXc9PSIsInZhbHVlIjoidEI1NW1SVVNQclFqa0VLRE43aUVXT21YL24yTzViSHRMTHJTYnQ3S2xhYzJ6TFZlMFI0R21oNHZEcHk4M0JuYytvQ3I3NnowL1FsaTNvNkxmbno0UFRSaTVEcjRmMmNNSysvZ29aNzQvNi82QjV4TVhWRTdsbHRybGtWeEJ5MXZYSkJVbjJIL2xHVkRrOGdKcjZnN1lRPT0iLCJtYWMiOiJjNjE5NjI5NTZjNjAwYmQ0NTM1MjBiMjhkNTcxOWFmNzUzMjQzMDBkMDU1ZTE1OGVmY2YyMmM5NmRiNzFkM2YxIiwidGFnIjoiIn0=",
        "expire_in": "3600"
    },
    "message": "Access Token generated successfully"
}

Success Response - For Sandbox

{
    "success": true,
    "data": {
        "token_type": "Bearer",
        "token": "sandbox_eyJpdiI6InVTL013bmlpc3VMZVVISmxqNldMMVE9PSIsInZhbHVlIjoiS05nVTVWQ1oxNVVQdk1hWHViZjlUbVRIc0owbjJWdnV1UW1tNlFRN0xjRTlVL0ZRQ093Rjd0SmtZay9kUTJ0dlRlOWl2K2VpZ2Q4MUVuUDhBb3hNQW1XeE81YzA4MXpmZmNDVHk4N0hSV0NCNGRrbXkrLytrS3A1cUtTSHdWWmYyYTY5SXVDNnFoTVdYSVIvalNneTdnPT0iLCJtYWMiOiJhOGUyOWUyNjMwYzE5MjI5MGMwNTI0OTk2Y2Q4ZmQzM2M1NjJmMDAzMjI3NzJjMjYyNmY1ZDQxOTJmNDU2ZWE2IiwidGFnIjoiIn0=",
        "expire_in": "3600"
    },
    "message": "Access Token generated successfully"
}

---

Response Body Parameters

success boolean

Indicates whether the token generation was successful (true or false).

---

data object

Contains the access token details.

---

token_type string

Type of token. Always Bearer.

---

token string

The actual access token to be used in the Authorization header.

---

expire_in string

Token expiry duration in seconds.

---

message string

Message indicating the result of the token generation request.

---

Validate Access Token for Authentication

This endpoint is used to generate an access token required for authenticating.

Endpoint

GET

https://connect-sandbox.su-api.com/SUAPI/jservice/pmsproperty

---

Header

When making authenticated API calls, an Access Token must be provided using the Authorization header in the format below:

Authorization: Bearer <access_token>

The <access_token> varies depending on whether you're working with the Production or Sandbox environment.

Notes for Validating Access Token

1. The app-id parameter is not required when validating an access token.

2. The Authorization header must use the Bearer prefix (For example, Bearer <token>), not Basic.

3. Access tokens are different for each environment (For example, sandbox and production).

4. If the token is valid, the API will return a successful response.

5. If the token is invalid or expired, the API will respond with an “Authorization Required” error.

---

1. Production Environment Token

Authorization: Bearer live_<token_string> // required

• Tokens prefixed with live_ are specific to the production environment.

• These tokens are valid only for production API endpoints.

• Example:

Authorization: Bearer live_eyJpdiI6IlI1NGR6dndiRTNpci9lcGRZSm8wMXc9PSIsInZhbHVlIjoidEI1NW1SVVNQclFqa0VLRE43aUVXT21YL24yTzViSHRMTHJTYnQ3S2xhYzJ6TFZlMFI0R21oNHZEcHk4M0JuYytvQ3I3NnowL1FsaTNvNkxmbno0UFRSaTVEcjRmMmNNSysvZ29aNzQvNi82QjV4TVhWRTdsbHRybGtWeEJ5MXZYSkJVbjJIL2xHVkRrOGdKcjZnN1lRPT0iLCJtYWMiOiJjNjE5NjI5NTZjNjAwYmQ0NTM1MjBiMjhkNTcxOWFmNzUzMjQzMDBkMDU1ZTE1OGVmY2YyMmM5NmRiNzFkM2YxIiwidGFnIjoiIn0=

---

2. Sandbox Environment Token

Authorization: Bearer sandbox_<token_string>

• Tokens prefixed with sandbox_ are specific to the sandbox/test environment.

• These cannot be used with production endpoints.

• Example:

  Authorization: Bearer sandbox_eyJpdiI6InVTL013bmlpc3VMZVVISmxqNldMMVE9PSIsInZhbHVlIjoiS05nVTVWQ1oxNVVQdk1hWHViZjlUbVRIc0owbjJWdnV1UW1tNlFRN0xjRTlVL0ZRQ093Rjd0SmtZay9kUTJ0dlRlOWl2K2VpZ2Q4MUVuUDhBb3hNQW1XeE81YzA4MXpmZmNDVHk4N0hSV0NCNGRrbXkrLytrS3A1cUtTSHdWWmYyYTY5SXVDNnFoTVdYSVIvalNneTdnPT0iLCJtYWMiOiJhOGUyOWUyNjMwYzE5MjI5MGMwNTI0OTk2Y2Q4ZmQzM2M1NjJmMDAzMjI3NzJjMjYyNmY1ZDQxOTJmNDU2ZWE2IiwidGFnIjoiIn0=