This system (Rent-a-car Web API) connects a rent-a-car company (provider) with agencies (consumers), allowing car availability checks, price quotes and booking management. It is a REST application with OAuth 2.0 authentication and authorization.
Provider: Rent-a-car agency which uses this system as its back-end application.
Consumer: Partner agency that connects to this API.
API: "Rent-a-car Web API", this system that allows consumers to:
Client: application that connects to this API
REST: stateless, client-server, communications protocol over HTTP
OAuth 2.0: stateless, client-server, communications protocol over HTTP
Architecture: REST
Authorization: OAuth 2.0
URLs: the basic URL structure is: https://{provider host}/{culture}/{controller}/{action}
URL example 1: https://demo.s2.renteon.com/en/api/offices/extendedList
URL example 2: https://demo.s2.renteon.com/hr/api/carCategories
Response encoding: JSON
DateTime format: DateTime information is serialized to JSON in ISO 8601 format, e.g. "2017-04-23T18:25:43.511Z" (where applicable)
Multi language: Responses are available in multiple languages. The desired language is provided in the {culture} part of the URL, expressed as ISO 3166-1 alpha-2 codes. Currently supported languages are: HR, DE, FR, IT, ES, EN, NL, CS, PL, RU, PT, EL.
Multi currency: Prices are available in multiple currencies. Each Provider sets up its own currencies. Currently supported currencies for this Provider are: HRK, EUR, USD.
The API returns different HTTP status codes. Code 200 is returned when the request succeeded, while other codes require your attention or reaction. Possible HTTP status codes are:
200 OK: Standard response for successful HTTP requests. The actual response will depend on the request method used. In a GET request, the response will contain an entity corresponding to the requested resource. In a POST request, the response may contain an entity containing the result of the action.
400 Bad Request: The server cannot or will not process the request due to an apparent client error (e.g. malformed request syntax, invalid request message framing, etc.). This code is returned on "token" requests when credentials are invalid.
401 Unauthorized: Authentication is required and has failed or has not yet been provided. The client should acquire a new access token using credentials or an existing refresh token.
403 Forbidden: The request was a valid request, but the authenticated user does not have the necessary permissions for the resource. Permissions for each user are set by the provider.
404 Not Found: The requested resource could not be found. For example, a GET request with an ID parameter which does not exist at the provider.
405 Method Not Allowed: A request method is not supported for the requested resource. For example, a POST request on a read-only resource.
409 Conflict: Indicates that the request could not be processed because of an edit conflict between multiple simultaneous updates. The client should reload the resource and then retry the request.
422 Unprocessable Entity: The request was well-formed but could not be processed because of model validation errors.
500 Internal Server Error: A generic error message, given when an unexpected exception happens in API and no more specific message is suitable.
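The status codes above translate into a small client-side policy: renew the token once on 401, treat a failed "token" request as final, reload and retry a bounded number of times on 409, and stop on everything else. The following is an added example, not code from this API or its provider; every name in it (ApiError, call_api, send, renew_token, reload, scripted) is hypothetical, and the transport is a constructed offline stand-in for real HTTP calls.

```python
# Added example: client actions for the documented status codes.
# All names are hypothetical; no real endpoint is contacted.
STOP = {
    400: "malformed request; fix it before sending again",
    401: "still unauthorized after renewing the token",
    403: "user lacks permission; the provider sets permissions",
    404: "resource not found; check the ID",
    405: "method not supported on this resource",
    409: "conflict persists after bounded retries",
    422: "model validation failed; correct the payload",
    500: "unexpected server error; do not retry blindly",
}

class ApiError(Exception):
    def __init__(self, status, action):
        super().__init__(f"HTTP {status}: {action}")
        self.status, self.action = status, action

def call_api(send, renew_token, token, reload=None, max_conflicts=2):
    """send(token) -> (status, body); renew_token() -> (status, new_token)."""
    renewed, conflicts = False, 0
    while True:
        status, body = send(token)
        if status == 200:
            return body, token
        if status == 401 and not renewed:
            # Renew at most once per call so a revoked account cannot loop.
            t_status, new_token = renew_token()
            if t_status != 200:
                # 400 on a "token" request means the credentials are invalid.
                raise ApiError(t_status, "token request rejected; do not retry")
            token, renewed = new_token, True
        elif status == 409 and conflicts < max_conflicts:
            conflicts += 1
            if reload:
                reload()  # re-read the resource before retrying the update
        else:
            raise ApiError(status, STOP.get(status, "unhandled status; stop"))

def scripted(responses):
    """Constructed offline transport: replays (status, body) pairs in order."""
    it = iter(responses)
    return lambda token=None: next(it)

def demo():
    # Constructed exchange: expired token, then success with the renewed one.
    send = scripted([(401, None), (200, {"offices": []})])
    return call_api(send, scripted([(200, "new-access-token")]), "expired-token")
```

The caller should store the returned token for later requests, since it may differ from the one passed in.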