Authorization

Follow this guide to create a new Cloudbeds credential that will allow Nexla to authenticate to and exchange data with your Cloudbeds account.

Cloudbeds

Prerequisites

The Cloudbeds PMS API (v1.2) supports two authentication approaches. OAuth 2.0 (Authorization Code grant) is the recommended method for production integrations, while a static API key is available as a legacy option when Cloudbeds has issued a property-scoped key. Both methods are configured from the API Credentials area of your Cloudbeds account.

Cloudbeds Account Access

You need an active Cloudbeds account with permission to manage API credentials. API credentials are created and managed from the Apps & Marketplace area, which is accessible to property owners and administrators.

Generate Cloudbeds API Credentials

Complete the following steps to create the application credentials used by either authentication method:

1. Sign in to your Cloudbeds account at https://signin.cloudbeds.com/.

2. In the upper-right corner, click Account, then select Apps & Marketplace.

3. Use the menu at the top of the page to navigate to the API Credentials page.

4. Click the + New Credentials button to begin creating a new set of credentials.

5. Select the API Scopes that align with the Cloudbeds endpoints your integration will use. Scopes follow a read:<resource> / write:<resource> naming convention (for example, read:reservation, write:reservation, read:guest, write:guest). Select only the scopes required for the data you intend to read or write.

6. Click Create to generate the credentials. A modal will display the Client ID and Shared Secret (client secret).

   Click Generate New Secret to reveal the client secret for the first time, or to reset it. Store the client secret securely, as it provides access to your Cloudbeds property data.

For complete details about each scope and the endpoints it grants access to, refer to the Cloudbeds API authentication documentation.

Create a Cloudbeds Credential

• To create a new Cloudbeds credential, after selecting the data source/destination type, click the Add Credential tile to open the Add New Credential overlay.

Credential Name & Description

1. Enter a name for the credential in the Credential Name field and a short, meaningful description in the Credential Description field.

   Resource descriptions are recommended but are not required. They should be used provide information about the resource purpose, data freshness, etc. that can help the owner and other users efficiently understand and utilize the resource.

Authentication Method

Cloudbeds supports two authentication methods in Nexla. Select the tab below that corresponds to the method you will use, and complete the listed steps to finish configuring the credential.

Cloudbeds Authentication Methods

OAuth 2.0 (3-Legged)

Authenticate using the Cloudbeds OAuth 2.0 Authorization Code grant. Tokens are scoped per property and refresh automatically. This is the recommended method for production integrations.

1. 2. Select the **OAuth 2.0 (3-Legged)** authentication method.
2. 3. Enter the **Client ID** of your Cloudbeds Marketplace application in the **Client ID** field. This is the public identifier generated when you created your API credentials.
3. 4. Enter the **Client Secret** (Shared Secret) generated for your Cloudbeds application in the **Client Secret** field. This value is sensitive and should be kept secure.
4. 5. Review the **Access Scope** field. It is pre-populated with a space-separated list of common Cloudbeds scopes (for example, `read:guest write:guest read:reservation write:reservation`). Adjust the scopes so they match the scopes granted to your Cloudbeds application and the data your flow needs to access.
5. 6. The **Authorization URL** and **Token URL** are pre-filled with the Cloudbeds OAuth endpoints (`https://hotels.cloudbeds.com/api/v1.2/oauth` and `https://hotels.cloudbeds.com/api/v1.2/access_token`) and typically do not need to be changed.
6. 7. Click the authorization button to launch the Cloudbeds consent screen, sign in as the property owner or administrator, and approve the requested access. Cloudbeds will return an authorization code that Nexla automatically exchanges for access and refresh tokens.

API Key (Legacy)

Authenticate using a static, property-scoped Cloudbeds API key. Use this method only when Cloudbeds has issued a static API key for your property. Cloudbeds prefers OAuth 2.0 for production integrations.

1. 2. Select the **API Key (Legacy)** authentication method.
2. 3. Enter your static Cloudbeds property API key in the **API Key** field. Nexla sends this value as an `Authorization: Bearer ` header on every request. This key authenticates Nexla with your Cloudbeds property and should be kept secure.

Refresh token expiration

For OAuth 2.0 credentials, the Cloudbeds refresh token is valid for 365 days, and its expiration is extended each time the access token is successfully refreshed. If the integration is inactive for 365 days, the refresh token expires and the OAuth authorization process must be completed again.

Save the Credential

1. Once all of the relevant steps in the above sections have been completed, click the Save button at the bottom of the overlay to save the configured credential.

2. The newly added credential will now appear in a tile on the Authenticate screen during data source/destination creation and can be selected for use with a new data source or destination.