Skip to main content

Authentication

IP allowlisting

Any IPs accessing our NDC gateway must be explicitly allowlisted. Please provide a list of IPs you will use to access our gateway, and specify whether these IPs will access our sandbox or production environments. Requests to allow additional IPs are typically fulfilled within one week.

Gateway authorization

All requests to the Breeze NDC gateway must provide an Ocp-Apim-Subscription-Key header. This secret is unique to each partner and each environment.

Session authorization

Authentication requests create a unique, stateful session in Breeze's reservation system for shopping and order management. A unique authentication token must be used for each shopping session starting from OfferPrice.

Credential exchange

Breeze sends credentials to a named contact with our partners using a secure BitWarden link from https://send.bitwarden.com. This link has a limited number of uses and expires.

/api/Selling/r3.x/Auth
Authorization header: Basic {Credential}  

{
  "grant_type":"client_credentials"
}
Faster performance

Authentication requests are twice as fast when the optional role parameter is declared. When role codes are undefined, our NDC gateway must make an additional network request to the reservation system.

/api/Selling/r3.x/Auth?role={rolecode}

{
  "grant_type":"client_credentials"
}