Making Requests

Here are the building blocks to set up your first request.

You'll need to include an access token in every request you make to the API.

To create an access token, head to your dashboard. When you create an access token, you'll be able to choose whether to give it read-only or read-write access.

Send your access token in the Authorization request header using the "Bearer" authentication scheme:

Authorization: Bearer <YOUR_ACCESS_TOKEN>

You'll need to send a Duffel-Version header with each request so we know which version of the API you want to use. Currently, the only available API version is beta:

Duffel-Version: beta

Please refer to the Backwards Compatibility page to learn more about our API versioning.

All responses from the API are in JSON format with UTF-8 encoding. An Accept header is required with every request:

Accept: application/json

All request bodies sent to the API should be in JSON format. A Content-Type header is required whenever you're sending a request body (i.e. for POST and PUT requests):

Content-Type: application/json

We recommend enabling compression for responses returned by the API, since they can be very large. To enable compression, send an Accept-Encoding header:

Accept-Encoding: gzip

You'll need to configure your HTTP client to decompress responses. Most clients will have this functionality built-in.