POST
/authtokenAuthorization
This endpoint authenticates the validity of a username and password combination. A valid token will be generated if the authentication is successful. Use the username and password provided to you in your Carrental API packet.
POST
/authtokenImplementation Notes
To access protected endpoints, you must generate a token first. The generated token is valid for the duration specified in the
expiresIn response field. We recommend caching the token locally and only requesting a new token once the current one is close to expiration to avoid unnecessary overhead and potential rate limiting.Bearer Token Authentication
The access token must be appended to the 'Authorization Header' as depicted in the example below:
Authorization: Bearer A90324XXZUZUgpO0dd6npHcM83CJ...Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
» userName | body | string | Required | The unique API username assigned to your account. |
» password | body | string | Required | The API password associated with the username. |
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Success | |
| 400 | Bad Request | Invalid grant type | None |
| 401 | Unauthorized | Authentication Failed or Account validity Expired | None |
| 403 | Forbidden | Forbidden - Access denied | None |
| 404 | Not Found | No user found with username: {userName} | None |
| 500 | Internal Server Error | Internal Server Error | None |
Response Notes
- Upon successful authentication, the response returns a status code of <code>200 OK</code> along with the JWT bearer token and its expiry timestamps. If the credentials are invalid or expired, the API returns the appropriate <code>401 Unauthorized</code> or <code>404 Not Found</code> error code. Ensure you handle token expiry gracefully by implementing automatic renewal.
Code Samples
# You can also use wget
curl -X POST /authtoken \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer {access-token}' \
-d '{"userName":"string","password":"string"}'
Body parameter
{
"userName": "string",
"password": "string"
}
Example responses
200 Response
{
"type": "string",
"token": "string",
"expiresIn": "string",
"issued": "string",
"expires": "string"
}
Need Support?
Our team is here to help you integrate and make the most of our APIs. Get in touch for technical support, custom solutions, or any questions.