DragonPass API Developer Platform
v1
  • v2
  • v1
HomepageOfficial SiteContact Us
HomepageOfficial SiteContact Us
API Version
v1
  • v2
  • v1
  1. Development Guide
  • Implementation Guide
    • Get Started
    • DragonPass Modules
    • Our API Solution
  • Development Guide
    • Authentication
    • Response Format
    • Error Codes
    • Order Synchronization
    • UI Design Guidelines
  • Using the API
    • Search for resources
    • E-pass
      • Issuing, Querying, and Cancelling an E-pass
      • Querying E-pass Usage Orders and Details
      • Utilizing The E-pass
        • Lounge
        • Fast Track
        • Dining
    • Membership
      • Manage Memberships & Entitlements
      • Querying Membership Usage Orders and Details
      • Utilizing DragonPass Membership
        • Lounge
        • Fast Track
        • Dining
  • API reference
    • Authentication
      • Generate Access Token
    • Membership Management
      • Membership Registration
      • Update A Membership
      • Retrieve Membership Information
      • Generate Membership Dynamic QR Codes
    • Entitlement Management
      • Update Membership Entitlements
      • Retrieve Membership Entitlement Information
    • Transport Hubs
      • Retrieve Transport Hub
      • Retrieve Transport Hub Details
    • Resources
      • Retrieve Resource List
        • Retrieve Resources List Under A Specific Transport Hub
      • Search For Resources
        • Retrieve Resource Details
        • List Updated Resources
      • Check Resource Availability
        • Check Prebooking Resource Availability
    • Orders Management
      • Create Orders
        • E-pass
          • Issue An E-pass
            • Create E-pass Order
          • Lounge Prebooking
            • Create E-pass with Prebooking Order - Lounge
            • Create E-pass Prebooking Order - Lounge
          • Fast Track
            • Create E-pass Prebooking Order - Fast Track
            • Create E-pass with Prebooking Order - Fast Track
        • Membership
          • Create Membership Prebooking Order - Fast Track
          • Create Membership Prebooking Order - Lounge
      • Retrieve Order List
        • Retrieve E-pass Order List
        • Retrieve Membership Order List
      • Retrieve Order Details
        • E-pass
          • Retrieve E-pass Details
          • Retrieve E-pass Usage Order Details
        • Membership
          • Retrieve Membership Usage Order Details
      • Cancel Orders
        • Cancel an Order
  1. Development Guide

Authentication

Authentication#

Our API utilizes JSON Web Tokens (JWT) for secure authentication. This approach ensures efficient and reliable access to our services while maintaining strong security standards.
We offer two methods for obtaining a token, allowing flexibility based on your integration needs.
Our tokens are signed with the HMAC256 algorithm.

Token Generation via API#

Clients can call our Generate Access Token API to obtain a valid JWT.
Simply send your clientId and secret in the API request, and the endpoint will return a token valid for 1 hour.
{
    "clientId": "DragonPass",
    "secret": "dpSecretKey12345"
}

JWT Self-Generation#

Clients have the flexibility to generate their own JWTs using their preferred tools.

1. Account Setup and Credential Generation#

When you are ready to connect to our sandbox environment, DragonPass will help to setup the account, which includes necessary credentials to generate production JWTs.
Unique Program ID: 18943
Each client will be assigned a unique identifier, which is used to track and manage API usage.
Issuer (iss): 6A909655CF67444A93262A665CDD235F
A unique issuer identifier will be assigned to your account. This identifier must be used when generating JWTs to ensure they are valid for API endpoints.
Secret Key: 60B118779DD14B0990692B51BF8B93DC
A new, unique secret key will be generated for your account. This key is used to sign the JWTs, ensuring that they are secure and have not been tampered with.

2. Token Creation#

Step 1: Prepare Your JWT Generation Code
To generate a JWT, you'll need to use a library that supports JWT creation and validation. You can visit jwt.io to find libraries and examples specific to your programming environment.
Step 2: Set the Expiration Time and Generate the Token
Once you have your JWT library installed, you will need to set the expiration time for the token, and use the issuer and secret provided by us to sign the token.
The token is signed using the HMAC256 algorithm.
Please ensure that you securely store the secret key and do not expose it in your client-side code.

3. Example Snippet (Java)#

Modified at 2025-08-04 09:40:28
Previous
Our API Solution
Next
Response Format