# Authentication Guide

This guide provides clear instructions for authenticating against the Roomex PMS API, including code examples in Python, JavaScript, Java, and C#.

## Authentication Overview

To interact with the Roomex PMS API, you must authenticate using the `/api/v1/card/authorize` endpoint. This endpoint verifies the provided membership ID and returns an authentication status.

## Authentication Endpoint

### URL

POST https://c3a1ba49-c2e4-4e2f-829e-1195823e9d09.mock.pstmn.io/api/v1/card/authorize

### Headers


```json
{    "Content-Type": "application/json" }
```

### Request Body


```json
{    "membershipId": "1234567812345678" }
```

### Response

#### Success (200):


```json
{    "authId": "177317191",    "authStatus": "authorized",    "employeeIdentifier": "123456789",    "incidentalsCovered": "Single room only" }
```

### Error (400):


```json
{    "message": "Invalid card number format" }
```

## Code Examples

#### Python


```python
import requests
url = "https://c3a1ba49-c2e4-4e2f-829e-1195823e9d09.mock.pstmn.io/api/v1/card/authorize"
headers = {
    "Content-Type": "application/json"
}
payload = {
    "membershipId": "1234567812345678"
}
response = requests.post(url, json=payload, headers=headers)
if response.status_code == 200:
    print("Authentication Successful:", response.json())
else:
    print("Error:", response.json())
```

#### JavaScript (Node.js)


```javascript
const axios = require('axios');
const url = "https://c3a1ba49-c2e4-4e2f-829e-1195823e9d09.mock.pstmn.io/api/v1/card/authorize";
const headers = {
    "Content-Type": "application/json"
};
const payload = {
    membershipId: "1234567812345678"
};
axios.post(url, payload, { headers })
    .then(response => {
        console.log("Authentication Successful:", response.data);
    })
    .catch(error => {
        console.error("Error:", error.response.data);
    });
```

#### Java


```java
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.util.Scanner;
public class Main {
    public static void main(String[] args) throws Exception {
        URL url = new URL("https://c3a1ba49-c2e4-4e2f-829e-1195823e9d09.mock.pstmn.io/api/v1/card/authorize");
        HttpURLConnection connection = (HttpURLConnection) url.openConnection();
        connection.setRequestMethod("POST");
        connection.setRequestProperty("Content-Type", "application/json");
        connection.setDoOutput(true);
        String payload = "{\"membershipId\":\"1234567812345678\"}";
        try (OutputStream os = connection.getOutputStream()) {
            os.write(payload.getBytes());
        }
        int responseCode = connection.getResponseCode();
        if (responseCode == 200) {
            Scanner scanner = new Scanner(connection.getInputStream());
            System.out.println("Authentication Successful: " + scanner.nextLine());
            scanner.close();
        } else {
            Scanner scanner = new Scanner(connection.getErrorStream());
            System.out.println("Error: " + scanner.nextLine());
            scanner.close();
        }
    }
}
```

#### C#


```c#
using System;
using System.Net.Http;
using System.Text;
using System.Threading.Tasks;

class Program
{
    private static async Task Main(string[] args)
    {
        var url = "https://c3a1ba49-c2e4-4e2f-829e-1195823e9d09.mock.pstmn.io/api/v1/card/authorize";
        var payload = "{\"membershipId\":\"1234567812345678\"}";

        using (HttpClient client = new HttpClient())
        {
            var content = new StringContent(payload, Encoding.UTF8, "application/json");
            HttpResponseMessage response = await client.PostAsync(url, content);

            if (response.IsSuccessStatusCode)
            {
                string responseBody = await response.Content.ReadAsStringAsync();
                Console.WriteLine("Authentication Successful: " + responseBody);
            }
            else
            {
                string errorBody = await response.Content.ReadAsStringAsync();
                Console.WriteLine("Error: " + errorBody);
            }
        }
    }
}
```

## Error Handling

- **400 Bad Request**:
Invalid input (e.g., incorrect `membershipId` format).
- **404 Not Found**:
Membership ID does not exist.
- **500 Internal Server Error**:
Unexpected server error. Retry the request after some time.


## Next Steps

1. Use the authId returned in the response for subsequent API calls, such as check-in or check-out operations.
2. Refer to the full API documentation for additional endpoints and workflows.


If you encounter issues, contact our support team at [support@roomex.com](mailto:support@roomex.com).