Authentication

Create an API key, send it with your requests, and handle missing or invalid keys.

The Direct Travel API authenticates each request with an API key passed in the X-API-KEY header. No key is needed for demo mode, which is rate-limited to 5 requests per minute.

Get an API key

  1. Sign up or log in at hub.stay22.com.
  2. Go to Settings → API, enter a token name, and click Create.

Use your API key

Pass the key in the X-API-KEY header (recommended):

curl -H "X-API-KEY: <API_KEY>" \
  "https://api.stay22.com/v2/accommodations?address=Paris"
# get <API_KEY> at hub.stay22.com

Or as the key query parameter:

curl "https://api.stay22.com/v2/accommodations?key=<API_KEY>&address=Paris"

Demo mode

Omit the key to try the API without an account. Demo mode is limited to 5 requests per minute per IP; an API key raises this to 100. See Rate Limits.

curl "https://api.stay22.com/v2/accommodations?address=Paris"

Invalid or missing key

A missing or invalid key returns 401:

{
  "statusCode": 401,
  "error": "Unauthorized",
  "code": "INVALID_API_KEY",
  "message": "Invalid API key. Get your API key at hub.stay22.com",
  "requestId": "550e8400-e29b-41d4-a716-446655440000"
}

For the full list of error codes, see the API Reference — error responses are documented under each endpoint.

On this page