Getting an Access Token

Access to our services is controlled via tokens (Oauth 2.0). To get a token you must call our token end-point and supply your client key and client secret. Tokens remain valid for a limited time.

Request URI

POST https://api.lufthansa.com/v1/oauth/token
Content-Type: application/x-www-form-urlencoded
POST Parameter Value
client_id Your client application key
client_secret Your client secret
grant_type "client_credentials"

Request Example

curl "https://api.lufthansa.com/v1/oauth/token" -X POST -d "client_id=28fu8yg7tx35qkqnc6jg96fy" -d "client_secret=6jc9Zj9PE2" -d "grant_type=client_credentials"

Response Structure Definition

access_token Your new access token
token_type We only use bearer tokens
expires_in The number of seconds until this token expires

Response Example

{"access_token":"d8bmzggu72dy69tzkffe6vaa","token_type":"bearer","expires_in":21600}

Note that we respond with token_type "bearer" (lower case b) yet when you send us a token it must be named "Bearer" (upper case B). This is a known issue that we are working to resolve.

 

You can also generate a token via our API Playground page.