# Getting Started

## The Basics

The process of making a booking through the API requires the following order of steps:

1. **Mapping:** Map all products you wish to resell.
2. **Checking Availability:** Check inventory and obtain an `availabilityId` to reserve and confirm the booking.&#x20;
3. **Booking:**
   1. **Reserve:** Temporarily reserve the booking using the `availabilityId`.
   2. **Confirm:** Finalize the booking. You need to store the `supplierReferenceNumber`.
   3. **Update (not currently available):** You will need to cancel the booking and repeat Steps 1 and 2.
   4. **Cancel (optional):** Cancel a confirmed booking.

{% hint style="info" %}
Mapping must be completed at least once. As the supplier manages the data available for each product, you may recall the mapping many times.
{% endhint %}

### For Resellers of **A**ttractions, Activities and Tours.

You will need to implement **Mapping**, **Check Availability**, **Booking-Reserve**, and **Booking-Confirm.**&#x20;

**Advanced Capabilities** are fields such as Content and Pricing that you can choose to implement in addition to the basic calls listed above. Although optional, they may provide the functionality to improve your integration.

### For Resellers of Ground Transportation.

You will need to implement **Locations, Connections, Availability, Booking-Reserve, Booking-Append, and Booking-Confirm.** &#x20;

The `GET` `/locations/` endpoint will return a list of all possible places the supplier provides ground transportation pickups and dropoffs. &#x20;

The `GET` `/connections/` will return a service list based on the query for departure location and arrival locations. &#x20;

You can, of course, call `GET` `/connections/` directly without first calling `GET` `/locations/` provided that the departure and arrival locations are encoded, see the endpoint description for details on the encoding format.&#x20;

## Authentication

The OCTo Specification defines a single endpoint that provides a list of suppliers with a single API key. &#x20;

The unique API key provides access for a single supplier in Zaui.  Save this to your database.

{% hint style="info" %}
All communications must be over HTTPS
{% endhint %}

OCTo user **Bearer Authentication** which you can use to authenticate

```http
GET /octo/supplier HTTP/1.1
Host: api.zaui.io
Authorization: Bearer {your_bearer_key}

```

## JSON Content-Type

All requests are JSON and must use `Content-Type: application/json` in the header and the **request body must be a JSON encoded string.**  Every endpoint will return JSON.