Vacatia API Catalog
/
Cloudbeds API
/
Authentication
/
access_token

Cloudbeds API (v1.2)

Welcome to the documentation for Cloudbeds API Version v1.2! If you are looking to learn how to use the Cloudbeds API to access guest information, reservations, or similar data for your Cloudbeds customers, then you've come to the right place.

In this document you will find all the API methods we provide along with explanations for parameters and response examples.

If you have questions about different implementation steps (e.g. how to implement OAuth 2.0), please refer to our Integrations Portal.

Be sure to subscribe to the monthly Cloudbeds API announcement mailing list to receive information on new additions and improvements to the Cloudbeds API and related developer tools.

Endpoint: https://api.cloudbeds.com/api/v1.2/{method}

HTTPS: Our API requires HTTPS. We'll respond with an appropriate error if you're not using it.

Request Format: HTTP GET, POST and PUT (Content-Type: application/x-www-form-urlencoded)

Response Format: JSON

Response Header: X-Request-ID is added to response headers in all calls to help accelerate support and troubleshooting.

Run in Postman use this link to access our Public collection in Postman.

Download OpenAPI description
cloudbeds.json
cloudbeds.yaml
Languages
Servers
Mock server
https://tbg-api-docs.vacatia.com/_mock/cloudbeds/
https://api.cloudbeds.com/api/v1.2/

Authentication

Operations

metadata

Request

In the context of properties being distributed across multiple localizations, this endpoint serves to retrieve the precise location of the property associated with the provided access token. Further information can be found in the Authentication guide.

curl -i -X GET \
  https://tbg-api-docs.vacatia.com/_mock/cloudbeds/oauth/metadata

Responses

200 Response

Bodyapplication/json
successstring

True if property can be found

dataobject
messagestring or null

To be used in case any error occurs (if success = false). If success = true, it does not exist.

Response
application/json
{
  "success": "string",
  "data": {
    "api": { … }
  },
  "message": "string"
}

access_token

Request

Query the authorization server for an access token used to access property resources.
If the automatic delivery method for API keys is used, the grant type urn:ietf:params:oauth:grant-type:api-key needs to be used to request an API key. This grant type requires grant_type=urn:ietf:params:oauth:grant-type:api-key, client_id, client_secret, redirect_uri and code.
For OAuth 2.0., two different grant types (authorization_code, refresh_token) are supported. Authorization code grant type requires grant_type=authorization_code, client_id, client_secret, redirect_uri, code. Refresh token grant type requires grant_type=refresh_token, client_id, client_secret, refresh_token.
Read the Authentication guide for implementation tips, user flows and testing advice.

Bodyapplication/x-www-form-urlencoded
grant_typestring or null

The OAuth2 grant type.

Enum"authorization_code""refresh_token""urn:ietf:params:oauth:grant-type:api-key"
client_idstring or null

The client identifier. Each client must be provisioned an identifier.

client_secretstring or null

The client secret. Each client must be provisioned a secret.

redirect_uristring or null

The client pre-configured redirect URI. (Required for grant type 'authorization_code' and 'urn:ietf:params:oauth:grant-type:api-key').

codestring or null

An authorization code provisioned by /oauth (Required for grant type 'authorization_code' and 'urn:ietf:params:oauth:grant-type:api-key').

refresh_tokenstring or null

A refresh token to renew an access_token (Required for grant type 'refresh_token' only).

curl -i -X POST \
  https://tbg-api-docs.vacatia.com/_mock/cloudbeds/access_token \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d grant_type=authorization_code \
  -d client_id=string \
  -d client_secret=string \
  -d redirect_uri=string \
  -d code=string \
  -d refresh_token=string

Responses

200 Response

Bodyapplication/json
access_tokenstring

Authenticated access token.

token_typestring

The type of the access token authenticated.

expires_ininteger

The expiration time of the access token in seconds.

refresh_tokenstring

A token to refresh your access token without performing the full auth flow.

resourcesArray of objects

List of resources associated with the token during consent

Response
application/json
{
  "access_token": "string",
  "token_type": "string",
  "expires_in": 0,
  "refresh_token": "string",
  "resources": [
    { … }
  ]
}

userinfo

Request

Returns information on user who authorized connection

Query
property_idstring

Specify a property ID when using role_details

role_detailsboolean

Specify whether to include role and acl details of the user.

curl -i -X GET \
  'https://tbg-api-docs.vacatia.com/_mock/cloudbeds/userinfo?property_id=string&role_details=true'

Responses

200 Response

Bodyapplication/json
user_idstring

ID of user

first_namestring

Authorized users' first name.

last_namestring

Authorized users' last name.

emailstring

Authorized users' email.

aclArray of strings or null

Authorized users' access control list.

rolesArray of objects or null

Authorized users' role information.

Response
application/json
{
  "user_id": "string",
  "first_name": "string",
  "last_name": "string",
  "email": "string",
  "acl": [
    "string"
  ],
  "roles": [
    { … }
  ]
}

Adjustment

Operations

AllotmentBlocks

Operations

AppSettings

Operations

Currency

Operations

CustomFields

Operations

Dashboard

Operations

Emails

Operations

Groups

Operations

Guest

Operations

Hotel

Operations

HouseAccount

Operations

Housekeeping

Operations

Integration

Operations

Invoices

Operations

Item

Operations

Package

Operations

Payment

Operations

Rate

Operations

Reservation

Operations

Room

Operations

Taxes and Fees

Operations

User

Operations