Search code examples
phpsabre

sabre production api php - need help - Authentication failed due to invalid credentials

I'm getting the following messages when calling the sabre rest API.

array(3) { ["access_token"]=> string(252) "my_accesstoken_was_here" ["token_type"]=> string(6) "bearer" ["expires_in"]=> int(604800) }



array(5) { ["status"]=> string(12) "NotProcessed" ["type"]=> string(10) "Validation" ["errorCode"]=> string(31) "ERR.2SG.SEC.INVALID_CREDENTIALS" ["timeStamp"]=> string(29) "2016-10-17T07:06:40.053-05:00" ["message"]=> string(48) "Authentication failed due to invalid credentials" }

I followed the sabre documentation located here: https://developer.sabre.com/docs/read/rest_basics/authentication

I have no idea why I'm getting the invalid credentials message as I'm using the access token provided from the API call to sabre.

The following is my code. What is the issue?

<?php

//  get access token 
$client_id= base64_encode("V1:user:group:AA");
$client_secret = base64_encode("my_password");
$token = base64_encode($client_id.":".$client_secret);

$data='grant_type=client_credentials';


    $headers = array(
        'Authorization: Basic '.$token,
        'Accept: */*',
        'Content-Type: application/x-www-form-urlencoded'
    );

    $ch = curl_init();
    curl_setopt($ch,CURLOPT_URL,"https://api.sabre.com/v2/auth/token");
    curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
    curl_setopt($ch,CURLOPT_POST,1);
    curl_setopt($ch,CURLOPT_POSTFIELDS,$data);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    $res = curl_exec($ch);
    curl_close($ch);
    var_dump($resf = json_decode($res,1));
    $access_token = $resf['access_token']; // token provided from sabre
    $token_type = $resf['token_type'];
    $expires_in_seconds = $resf['expires_in'];

    // //  END get access token 

    // now to get api data using the provided access token
    $url = 'https://api.test.sabre.com/v1/shop/flights/fares?origin=jfk&destination=lax&lengthofstay=5&pointofsalecountry=US';
    $headers2 = array(
    'Authorization: bearer '.$access_token,
    'protocol: HTTP 1.1 '
     );

    echo "<br><br>";
    $ch2 = curl_init();
    curl_setopt($ch2,CURLOPT_URL,$url);
    curl_setopt($ch2,CURLOPT_HTTPHEADER,$headers2);
    curl_setopt($ch2,CURLOPT_RETURNTRANSFER,1);
    var_dump(json_decode(curl_exec($ch2),1));
    curl_close($ch2);


?>
Solution

  • The problem is that you're requesting a PROD access token (api.sabre.com) but sending the subsequent call to the test environment (api.test.sabre.com). Bear in mind that PROD and TEST credentials and tokens are not interchangeable.

    If you send the second call to api.sabre.com you should be fine.

    Hope this helps. Bruno.