{"activeVersionTag":"latest","latestAvailableVersionTag":"latest","collection":{"info":{"_postman_id":"1f282c37-3529-09e9-06d2-92923380d1a1","name":"Lycan API","description":"Lycan API Documentation\n\nThis section contains the technical documentation for Lycan. API Authentication is managed through two different authorization strategies. We have `Bearer` tokens which are keys that grant access to any resource which owns this token (These are JWT based). The second authorization solution is `ResourceKey` based, which is where as an owner of a resource, you can grant third party access. \n\nBearer Token\n===\nYou will use a `Bearer` JWT token if you have an account on Lycan, are an application owner, or manage your own collection. Typical use-cases for such API access would be to curate your properties, handle distribution to third party marketing sites and process reservation payments through a connected payment gateway. \n\n*Who uses Bearer Tokens?*\n- Companies with their own Lycan Installation and would like to create their own website powered by Lycan\n- Agencies who manage their own collection/inventory\n- External Property Management Softwares\n- Individual homeowners/agencies\n\n\nResourceKey Token\n===\nYou will use ` ResourceKey` if you are a third party who wishes to be supplied with inventory from a Lycan user. For example, if you are a meta-marketplace, or a cleaning-app, or a logistics management company, or a review company, your product may depend on getting access to specific resources from a Lycan user. For example, you may need access to a user's properties, or a user's booking information. In this scenario, you will use a resource key which grants you access limited to the specific resource collection. \n\n*Who might use ResourceKey Tokens?*\n- Meta-marketplaces\n- Third-party applications who wish to get property/reservation/booking information.\n- Web agencies building websites for individual managers\n\nYou can see which endpoints support `Bearer` and `ResourceKey` tokens on each endpoint. \n\n**How do I get my respective token?**\nIf you are going use JWT `Bearer` authentication, you get your key by requesting a token from the authorization endpoint. See the \"Get Authentication JWT (Bearer) section below. In order to get our token, you pass your username and password for Lycan. \n\nIf you are going to use a `ResourceKey` based autentication, you will get your key from the company supplying you connectivity to their resources. For example, if you are wanting to receive inventory/booking information from an agent, they will supply you with the appropriate `ResourceKey`. \n\nOnce you have either token, authentication against Lycan uses the same process. Whenever you send a request to Lycan, you must include your token in the `Authorization` prefixed with the type of token. For example:\n\nBearer Token Auth\n---\n```\n--header 'Authorization: Bearer {{token}}'\n```\n\nResourceKey Token Auth\n---\n```\n--header 'Authorization: ResourceKey {{token}}'\n```\n\nScope of Ownership/Visbility\n=======\n\nThis might sound obvious, but for the sake of clarity, when you authenticate with a token, you will be able to access only resource which are within the scope visibility for that key. Lycan has several different types of roles.\n\n- Root Level\n- Application Administrator (Installation of your own Lycan)\n- User (Read and write access)\n- Agent (Read only)\n\nAn application administrator will be able to perform all actions on all resources within their application. \nA user will be able to access only resources which they own, or resources which are shared with them. For example, if you are a collection owner, and you have invited five other user's to your \"Collection\" you will be able to view/update specific resources which are within your own collection. You will not be able to view other user's resources. \n\n\nMulti-tenancy of Lycan environment\n=====\n\nLycan is a multi-tenanted application which many environments. Each environment is entirely isolated from each other, each with their own permissions, their own users and their own properties/distribution restrictions. The owner of the installation, which we call \"Application Owner\" on Lycan has full control over their environment and tenants (the users). This means that when you try and connect to a Lycan based API to get your Json Web Token (`Bearer`) you must also specify the `application_hash` which you are trying to access. If you do not know your hash, or have not been provided it, please contact support for this information. \n\n\nExpanding Response Objects\n=====\n\nAs you interact with Lycan API you may notice that some fields are not included with the response. We do this to keep the response objets lean, and to reduce load/stress for both requester and our servers. As you view different API endpoints you will notice that some will have the \"expand\" parameter and a set of comma separate values which you can use to expose those values in with the response. If you do not expand the field, you will not see any reference to that attribute/object in the response, allowing you to keep responses from our server lightweight and fast.\n\nA straightforward example of this in practice can be seen in the `/api/channels/:channelId/listings` endpoint. What you will observe is that on some requests you might want the entire `schemaObject` to be exposed on the request, whereas on occassion you may want just the listing IDs without the extra bulk. \n\nIn order to expose these additional fields, you can append a simple GET parameter with the field you are wanting to expand and expose in the response. For example, you would request the API using `/api/channels/:channelId/listings?expand=schemaObject` to receive all listing schema data. If you want to expand multiple fields you can separate them with a comma, such as `?expand=schemaObject,inboundProvider,outboundProvider`. \n\n<img src=\"https://www.lucidchart.com/publicSegments/view/c2a205be-7cc0-4378-8278-1969730301ad/image.png\" class=\"img-responsive\" />\n\nWarning: Updating Nested Objects\n===\n\nWhen you fetch data from the API you will see that the object includes nested objects. For example, if you fetch a reservation, the API will return all payments and order items attached to that reservation. You must not send the same response back for an update. This is because Lycan will not fetch the respective object, and instead will ignore your ID that you supply and create a new entity in it's place. This will result in you wiping existing data and replacing it with new data, potentially creating new payments. \n\n\n<img src=\"https://s3-eu-west-1.amazonaws.com/lycan-general/docs/VR4_095e.png\" class=\"img-responsive\" />\n\n\n","schema":"https://schema.getpostman.com/json/collection/v2.0.0/collection.json","isPublicCollection":false,"owner":"18099","team":65954,"collectionId":"1f282c37-3529-09e9-06d2-92923380d1a1","publishedId":"RVfsGD2J","public":true,"publicUrl":"https://docs.lycan.rentivo.com","privateUrl":"https://go.postman.co/documentation/18099-1f282c37-3529-09e9-06d2-92923380d1a1","customColor":{"top-bar":"FFFFFF","right-sidebar":"303030","highlight":"EF5B25"},"documentationLayout":"classic-double-column","version":"8.10.1","publishDate":"2018-03-13T11:19:54.000Z","activeVersionTag":"latest","documentationTheme":"light","metaTags":{},"logos":{}},"statusCode":200},"environments":[{"name":"Lycan API - Production.template","id":"0e48152c-3f16-c013-ff4f-628afc9d901d","owner":"18099","values":[{"enabled":true,"key":"_username","value":"","type":"text"},{"enabled":true,"key":"_password","value":"","type":"text"},{"enabled":true,"key":"application_hash","value":"","type":"text"},{"enabled":true,"key":"entryPoint","value":"https://lycan.rentivo.com","type":"text"}],"published":true}],"user":{"authenticated":false,"permissions":{"publish":false}},"run":{"button":{"js":"https://run.pstmn.io/button.js","css":"https://run.pstmn.io/button.css"}},"web":"https://www.getpostman.com/","team":{"logo":"https://res.cloudinary.com/postman/image/upload/t_team_logo_pubdoc/v1/team/f4476594a8dbab6991a196247dfe2dc8accc445f8190eef0978895b8da2060ab","favicon":"https://rentivo.com/favicon.ico"},"isEnvFetchError":false,"languages":"[{\"key\":\"csharp\",\"label\":\"C#\",\"variant\":\"HttpClient\"},{\"key\":\"csharp\",\"label\":\"C#\",\"variant\":\"RestSharp\"},{\"key\":\"curl\",\"label\":\"cURL\",\"variant\":\"cURL\"},{\"key\":\"dart\",\"label\":\"Dart\",\"variant\":\"http\"},{\"key\":\"go\",\"label\":\"Go\",\"variant\":\"Native\"},{\"key\":\"http\",\"label\":\"HTTP\",\"variant\":\"HTTP\"},{\"key\":\"java\",\"label\":\"Java\",\"variant\":\"OkHttp\"},{\"key\":\"java\",\"label\":\"Java\",\"variant\":\"Unirest\"},{\"key\":\"javascript\",\"label\":\"JavaScript\",\"variant\":\"Fetch\"},{\"key\":\"javascript\",\"label\":\"JavaScript\",\"variant\":\"jQuery\"},{\"key\":\"javascript\",\"label\":\"JavaScript\",\"variant\":\"XHR\"},{\"key\":\"c\",\"label\":\"C\",\"variant\":\"libcurl\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Axios\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Native\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Request\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Unirest\"},{\"key\":\"objective-c\",\"label\":\"Objective-C\",\"variant\":\"NSURLSession\"},{\"key\":\"ocaml\",\"label\":\"OCaml\",\"variant\":\"Cohttp\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"cURL\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"Guzzle\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"HTTP_Request2\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"pecl_http\"},{\"key\":\"powershell\",\"label\":\"PowerShell\",\"variant\":\"RestMethod\"},{\"key\":\"python\",\"label\":\"Python\",\"variant\":\"http.client\"},{\"key\":\"python\",\"label\":\"Python\",\"variant\":\"Requests\"},{\"key\":\"r\",\"label\":\"R\",\"variant\":\"httr\"},{\"key\":\"r\",\"label\":\"R\",\"variant\":\"RCurl\"},{\"key\":\"ruby\",\"label\":\"Ruby\",\"variant\":\"Net::HTTP\"},{\"key\":\"shell\",\"label\":\"Shell\",\"variant\":\"Httpie\"},{\"key\":\"shell\",\"label\":\"Shell\",\"variant\":\"wget\"},{\"key\":\"swift\",\"label\":\"Swift\",\"variant\":\"URLSession\"}]","languageSettings":[{"key":"csharp","label":"C#","variant":"HttpClient"},{"key":"csharp","label":"C#","variant":"RestSharp"},{"key":"curl","label":"cURL","variant":"cURL"},{"key":"dart","label":"Dart","variant":"http"},{"key":"go","label":"Go","variant":"Native"},{"key":"http","label":"HTTP","variant":"HTTP"},{"key":"java","label":"Java","variant":"OkHttp"},{"key":"java","label":"Java","variant":"Unirest"},{"key":"javascript","label":"JavaScript","variant":"Fetch"},{"key":"javascript","label":"JavaScript","variant":"jQuery"},{"key":"javascript","label":"JavaScript","variant":"XHR"},{"key":"c","label":"C","variant":"libcurl"},{"key":"nodejs","label":"NodeJs","variant":"Axios"},{"key":"nodejs","label":"NodeJs","variant":"Native"},{"key":"nodejs","label":"NodeJs","variant":"Request"},{"key":"nodejs","label":"NodeJs","variant":"Unirest"},{"key":"objective-c","label":"Objective-C","variant":"NSURLSession"},{"key":"ocaml","label":"OCaml","variant":"Cohttp"},{"key":"php","label":"PHP","variant":"cURL"},{"key":"php","label":"PHP","variant":"Guzzle"},{"key":"php","label":"PHP","variant":"HTTP_Request2"},{"key":"php","label":"PHP","variant":"pecl_http"},{"key":"powershell","label":"PowerShell","variant":"RestMethod"},{"key":"python","label":"Python","variant":"http.client"},{"key":"python","label":"Python","variant":"Requests"},{"key":"r","label":"R","variant":"httr"},{"key":"r","label":"R","variant":"RCurl"},{"key":"ruby","label":"Ruby","variant":"Net::HTTP"},{"key":"shell","label":"Shell","variant":"Httpie"},{"key":"shell","label":"Shell","variant":"wget"},{"key":"swift","label":"Swift","variant":"URLSession"}],"languageOptions":[{"label":"C# - HttpClient","value":"csharp - HttpClient - C#"},{"label":"C# - RestSharp","value":"csharp - RestSharp - C#"},{"label":"cURL - cURL","value":"curl - cURL - cURL"},{"label":"Dart - http","value":"dart - http - Dart"},{"label":"Go - Native","value":"go - Native - Go"},{"label":"HTTP - HTTP","value":"http - HTTP - HTTP"},{"label":"Java - OkHttp","value":"java - OkHttp - Java"},{"label":"Java - Unirest","value":"java - Unirest - Java"},{"label":"JavaScript - Fetch","value":"javascript - Fetch - JavaScript"},{"label":"JavaScript - jQuery","value":"javascript - jQuery - JavaScript"},{"label":"JavaScript - XHR","value":"javascript - XHR - JavaScript"},{"label":"C - libcurl","value":"c - libcurl - C"},{"label":"NodeJs - Axios","value":"nodejs - Axios - NodeJs"},{"label":"NodeJs - Native","value":"nodejs - Native - NodeJs"},{"label":"NodeJs - Request","value":"nodejs - Request - NodeJs"},{"label":"NodeJs - Unirest","value":"nodejs - Unirest - NodeJs"},{"label":"Objective-C - NSURLSession","value":"objective-c - NSURLSession - Objective-C"},{"label":"OCaml - Cohttp","value":"ocaml - Cohttp - OCaml"},{"label":"PHP - cURL","value":"php - cURL - PHP"},{"label":"PHP - Guzzle","value":"php - Guzzle - PHP"},{"label":"PHP - HTTP_Request2","value":"php - HTTP_Request2 - PHP"},{"label":"PHP - pecl_http","value":"php - pecl_http - PHP"},{"label":"PowerShell - RestMethod","value":"powershell - RestMethod - PowerShell"},{"label":"Python - http.client","value":"python - http.client - Python"},{"label":"Python - Requests","value":"python - Requests - Python"},{"label":"R - httr","value":"r - httr - R"},{"label":"R - RCurl","value":"r - RCurl - R"},{"label":"Ruby - Net::HTTP","value":"ruby - Net::HTTP - Ruby"},{"label":"Shell - Httpie","value":"shell - Httpie - Shell"},{"label":"Shell - wget","value":"shell - wget - Shell"},{"label":"Swift - URLSession","value":"swift - URLSession - Swift"}],"layoutOptions":[{"value":"classic-single-column","label":"Single Column"},{"value":"classic-double-column","label":"Double Column"}],"versionOptions":[],"environmentOptions":[{"value":"0","label":"No Environment"},{"label":"Lycan API - Production.template","value":"18099-0e48152c-3f16-c013-ff4f-628afc9d901d"}],"canonicalUrl":"https://docs.lycan.rentivo.com/view/metadata/RVfsGD2J"}