Amadeus

Authorization

OAuth2 client credentials token endpoint used by every Self-Service API. Exchanges API key + secret for a short-lived bearer access token (~30 minute TTL).

GitHub OpenAPI

Documentation

📖
Documentation
https://developers.amadeus.com/self-service/apis-docs/guides/authorization-262

Specifications

OpenAPI
https://raw.githubusercontent.com/api-evangelist/amadeus/refs/heads/main/openapi/amadeus-authorization-openapi.yml

Examples

📝
Example
https://raw.githubusercontent.com/api-evangelist/amadeus/refs/heads/main/examples/authorization-amadeus-oauth2-token-example.json

Schemas & Data

📊
JSONSchema
https://raw.githubusercontent.com/api-evangelist/amadeus/refs/heads/main/json-schema/authorization-amadeus-oauth2-token-schema.json
📊
JSONStructure
https://raw.githubusercontent.com/api-evangelist/amadeus/refs/heads/main/json-structure/authorization-amadeus-oauth2-token-structure.json

Other Resources

🔗
NaftikoCapability
https://raw.githubusercontent.com/api-evangelist/amadeus/refs/heads/main/capabilities/authorization-oauth2-access-token.yaml

OpenAPI Specification

amadeus-authorization-openapi.yml Raw ↑ 
openapi: 3.0.0
info:
  description: |
    Amadeus for Developers uses OAuth2 to authenticate access requests. OAuth2 generates an access token which grants the client permission to access a protected resource. The method to acquire a token is called grant. There are different types of OAuth2 grants. Amadeus for Developers uses the Client Credentials Grant.
      https://developers.amadeus.com/self-service/apis-docs/guides/authorization-262
  title: Amadeus OAuth2 Login
  version: 1.0.0
servers:
  - url: https://test.api.amadeus.com/v1
paths:
  /security/oauth2/token:
    post:
      description: |-
        The token endpoint is used by the client to obtain an access token by presenting its authorization grant.
        To learn more about this endpoint please refer to the specification at https://tools.ietf.org/html/rfc6749#section-3.2
      tags:
        - OAuth2 Access Token
      summary: Amadeus The OAuth 2.0 Token Endpoint
      operationId: oauth2Token
      requestBody:
        content:
          application/x-www-form-urlencoded:
            schema:
              type: object
              properties:
                grant_type:
                  type: string
                  example: client_credentials
                client_id:
                  type: string
                client_secret:
                  type: string
              required:
                - grant_type
                - client_id
                - client_secret
            examples:
              Oauth2TokenRequestExample:
                summary: Default oauth2Token request
                x-microcks-default: true
                value:
                  grant_type: client_credentials
                  client_id: string-value
                  client_secret: string-value
      responses:
        '200':
          description: oauth2TokenResponse
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AmadeusOAuth2Token'
        '401':
          description: genericError
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '500':
          description: genericError
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
      x-microcks-operation:
        delay: 0
        dispatcher: FALLBACK
  /security/oauth2/token/{access_token}:
    get:
      description: |-
        Get token information
      tags:
        - OAuth2 Access Token
      summary: Amadeus The OAuth 2.0 Token Info Endpoint
      operationId: getOauth2TokenInfo
      parameters:
        - in: path
          name: access_token
          schema:
            type: string
          required: true
          example: string-value
      responses:
        '200':
          description: oauth2TokenResponse
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AmadeusOAuth2Token'
        '404':
          description: genericError
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
      x-microcks-operation:
        delay: 0
        dispatcher: FALLBACK
components:
  schemas:
    AmadeusOAuth2Token:
      description: The token response
      type: object
      properties:
        type:
          description: The access token issued by the authorization server.
          type: string
          example: string-value
        username:
          description: The user who requested the access_token
          type: string
          example: Sample Name
        application_name:
          description: The application which is requested the access_token
          type: string
          example: Sample Name
        client_id:
          description: The client_id is a public identifier for apps
          type: string
          example: '12345'
        token_type:
          description: token_type is a parameter in Access Token generate call to Authorization server, which essentially represents how an access_token will be generated and presented for resource access calls
          type: string
          example: string-value
        access_token:
          description: Access tokens are a String which applications use to make API requests on behalf of a user.
          type: string
          example: string-value
        expires_in:
          description: The lifetime in seconds of the access token
          type: integer
          format: int64
          example: 1
        state:
          description: The state
          type: string
          example: string-value
        scope:
          description: Scope is a mechanism in OAuth 2.0 to limit an application's access to a user's account
          type: string
          example: string-value
      example:
        "type": "amadeusOAuth2Token"
        "username": "[email protected]"
        "application_name": "My Application"
        "client_id": "Hs0sNkpTXeu0t2Hw2rLITofK8QELGdfsf"
        "token_type": "Bearer"
        "access_token": "f8XgboI1oKyNw7w23bnnAbFANidfgC"
        "expires_in": 1799
        "state": "approved"
        "scope": ""
    ErrorResponse:
      description: Error responses are sent when an error (e.g. unauthorized, bad request, ...) occurred.
      type: object
      title: ErrorResponse
      required:
        - error
        - error_description
        - code
        - title
      properties:
        error:
          description: Name is the error name.
          type: string
          example: string-value
        error_description:
          description: A small description about the error
          type: string
          example: Sample description text.
        code:
          description: Debug contains debug information.
          type: integer
          format: int64
          example: 1
        title:
          description: Debug contains debug information. This is usually not available and has to be enabled.
          type: string
          example: string-value
      example:
        "error": "invalid_client"
        "error_description": "Client credentials are invalid"
        "code": 38187
        "title": "Invalid parameters"