Quickbook API
Security & rate limits
1. Security
The Addison Lee Quickbook API uses the HTTP Authorization header to pass authentication information to all endpoints. The Authorization
header has the following format:
Authorization: AL client_id:client_secret
The HTTP request containing an Authorization
header is shown below:
POST https://sandbox.api.eu.addisonleeglobal.net/api-quickbook/v3/api/booking/create HTTP/1.1
Content-Type: application/json
Authorization AL r84056009d3c4bbda7af8710c85ff0cc:729012cb43c94a72BA9E70571311449
Details of how to obtain your Client ID and Client Secret can be found in the main page.
1.1. Unauthorised Access
If the Client ID and Client Secret are invalid, the following HTTP Response will be returned.
HTTP/1.1 401 Unauthorized
Server: API Gateway/1.3.2
Content-Type: application/x-www-form-urlencoded
Date: Wed, 08 Jul 2015 21:11:51 BST
X-MULE_ENCODING: US-ASCII
Content-Length: 34
Invalid client_id or client_secret
2. Rate Limits
The API is rate limited at a maximum value specified in the Standard SLA Tier. Any messages beyond the maximum are rejected. Enforcement is based on the client id passed in the request.
The API will return the following X-RateLimit-* headers in the HTTP Response
X-RateLimit-Limit: 10
X-RateLimit-Remaining: 0
X-RateLimit-Reset: 42661
X-RateLimit-Limit
defines the number of requests allowed.X-RateLimit-Remaining
defines the remaining number of requests (count).X-RateLimit-Reset
defines the time in milliseconds before the remain rate count is reset.
The following response will be generated in the event the API message rate is exceeded
HTTP/1.1 429 Too Many Requests
Server: API Gateway/1.3.2
Content-Type: application/x-www-form-urlencoded
Date: Wed, 08 Jul 2015 13:35:21 BST
X-RateLimit-Limit: 10
X-RateLimit-Remaining: 0
X-RateLimit-Reset: 42661
Content-Length: 18