SOAP Message Structure
Overview
All messages to and from SiteConnect must be soap messages. They include a SOAP Security header for authentication purposes and contain the SOAP Body which contains the OTA message.
The following example is a complete SOAP message (this one shows an OTA_HotelAvailNotifRQ message payload)
SOAP version
SiteConnect is using SOAP 1.1
SOAP Security Header
The Security Header structure conveys authentication information. It is mandatory.
The ONLY acceptable value for the Password/@Type attribute is
"<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">SECRET</wsse:Password>
", indicating a plain text password.
Plain text passwords are acceptable as all communication is done over encrypted HTTP (HTTPS).
Security Header Example
<wsse:Security soap:mustUnderstand="1"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<wsse:UsernameToken>
<wsse:Username>USERNAME</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">SECRET</wsse:Password>
<!-- The ONLY acceptable value for the Password/@Type attribute is Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText" -->
</wsse:UsernameToken>
</wsse:Security>
Credential and Endpoint Requirements
Booking Channels will need to provide SiteConnect with a single username and password to be used for Retrieve Rooms, Inventory and Rate Push authentication.
These credentials MUST be global for all hotels using the connection, not for each individual hotel.
Booking Channels should try to provide SiteConnect with a single URI endpoint for all messages. If this is not possible, SiteConnect can handle a maximum of 2 URIs (one for the Retrieve Rooms API and one for the Inventory and Rate Push API).
SiteConnect partners will be provided with a single username and password for Reservation authentication.
Full XML Sample
The following example is a complete SOAP message (this one shows an OTA_HotelAvailNotifRQ message payload):
<SOAP-ENV:Envelope
xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
<SOAP-ENV:Header
xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
<wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" soap:mustUnderstand="1">
<wsse:UsernameToken>
<wsse:Username>****</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">****</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</SOAP-ENV:Header>
<SOAP-ENV:Body
xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
<OTA_HotelAvailNotifRQ
xmlns="http://www.opentravel.org/OTA/2003/05" EchoToken="abc123" Version="1.0" TimeStamp="2022-01-01T09:30:47+08:00">
<AvailStatusMessages HotelCode="HOTEL">
<AvailStatusMessage BookingLimit="10">
<StatusApplicationControl Start="2022-01-01" End="2022-01-14" InvTypeCode="A1K" RatePlanCode="GLD"/>
</AvailStatusMessage>
</AvailStatusMessages>
</OTA_HotelAvailNotifRQ>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope> |