Hospitality Commerce API

The Hospitality Commerce API is the execution layer behind Agent Hotel's booking platform for AI agents. Public discovery starts on https://agenthotel.dev; typed contracts and protected execution live on https://api.agenthotel.dev. The core booking flow is four API calls:

POST /v1/search → POST /v1/quotes → POST /v1/holds → POST /v1/bookings

Every response follows the envelope contract — success responses carry data + trace_id + next_actions, and error responses carry a stable error.code + remediation + next_actions so agents can self-recover without human intervention.

For AI agents

Start by fetching the Agent Card to discover capabilities, flows, and contracts. If your runtime wants public-first discovery, also probe the root-site metadata:

• API catalog
• OpenID configuration
• OAuth authorization server metadata
• OAuth protected resource metadata

Then read the agent quickstart for a complete cold-start guide.

Key resources:

• Agent Card — machine-readable capabilities and contracts
• OpenAPI spec — full request/response schemas
• MCP server card — transport and capability metadata for https://mcp.agenthotel.dev/mcp
• Error catalog — all 44 error codes with remediation
• Booking flow — canonical book_a_room flow with all endpoints

Key concepts

Authentication

Execution is authenticated. Discovery is public.

• Root-site discovery surfaces on agenthotel.dev do not require a credential.
• Protected API and MCP calls accept either an operator-managed agent secret (Authorization: Bearer hsk_live_...) or an OAuth access token minted via client_credentials.
• Bookings that act on behalf of a traveler also require a delegation JWT in X-Delegated-User.

See Discovery for the full auth scheme catalog.