Every request to the API requires a valid Token. Tokens can be requested from with the provided clientId , clientSecret, grantType and scope.

Example of response:
  "accessToken": "022bd89390b4d54608149a85fb544fc9bf2e31d82f742f03bde9ca000ba29c7a", 
  "currentTimeStamp": 1550571994, 
  "expiresIn": 3600, 
  "refreshToken": "5511e00a1495bf4d81efcfd25c578572183c977c6db61a022f92295902a92bc6", 
  "tokenType": "Bearer"

curl -X POST "" -H "accept: application/json" -H "Content-Type: application/json" -d "{ \"clientId\": \"some-client-ID\", \"clientSecret\": \"some-client-secret\", \"grantType\": \"clientCredentials\", \"scope\": \"reservations\"}"

In case of success you'll receive a json response with your accessToken.

Now you can make requests to other API endpoints with authorization token in header:

X-AUTH-TOKEN: 022bd89390b4d54608149a85fb544fc9bf2e31d82f742f03bde9ca000ba29c7a