Page History

...

Whenever a new access token is needed (either because none is available or the old one has expired), a new one may be obtained by issuing a HTTP POST request to our token endpoint, supplying client_id and client_secret as HTTP Basic authentication, along with a grant_type of client_credentials:

Code Block

language	bash
title	Example Request using cURL

# https://CLIENT_ID:CLIENT_SECRET@hurricane.umbrellanet.ch/uf-test/oauth/token?grant_type=client_credentials
curl -v -X POST \
    -H "Content-type: application/x-www-form-urlencoded" \
    -u client-id:client-secret \
    -d "grant_type=client_credentials" \
    https://hurricane.umbrellanet.ch/uf-test/oauth/token

...

In addition(or instead) of our OAuth API scopes, we do also support scopes resulting in generation of an ID-Token, which will be returned in Step 4 as well as Step 5 of the Authorization flow.
If only an ID-Token is desired, the OAuth process may be called with response_type=token which will trigger the OAuth 2.0 Implicit flow and only generate a short-lived access token without providing a refresh token.

Scope	Description
openid	Required scope, triggers generation of an ID token containing the Faces-UUID of the profile in an “openid” attribute
profile	Outputs the user profile in a “profile” attribute containing a displayname and (depending on availability) firstname / name / phone
email	Outputs the users e-mail address as “email” attribute
agencyid	Outputs the UUID of the associated users travel agency (the main agency if access to multiple agencies is granted in case of an administrator) in the “agencyid” attribute of the token

The ID-Token will be presented in form of a JSON Web Token and will be cryptographically signed using our Service Provider Certificate available at <faces_url>/saml/metadata,
i.e. https://hurricane.umbrellanet.ch/uf-test/saml/metadata

...

TODO

Scope	api.profilesondemand.read
Endpoint	api/v1/profiles/companies
Request method	GET

Allows searching through a paged list of company profiles. This API can be used to narrow-down the traveler profile search by company.

Parameters

Name	Description	Validation
q	Freetext query for finding matching profiles	Required parameter
page	Current page within the result set, starts at 0	Optional, number >= 0
pageSize	Maximum number of results per page. Default 10	Optional, number > 0 and <= 100
includeDetails	Specify whether the search response should include detailed profile data	Boolean value: true or false Optional, default: false
detailSections	Specify additional profile areas to be returned if includeDetails is set to true. Only explicitly specified sections will be included.	Only the following sections are currently supported: AGENCY_INFO CONTACT_DATA

Code Block

language	bash
title	Example Request

curl -v -H "Authorization: Bearer <token>" https://hurricane.umbrellanet.ch/uf-test/api/v1/profiles/companies?q=acme&page=0&pageSize=10

Example Response

Code Block

language	js
title	Example Response
collapse	true

{
	"moreResults": false,
	"results": [{
		"uuid": "b9321d7e-9d72-4e80-ac49-d3aa38169175",
		"name": "ACME Inc."
	}]
}

Anchor
GetCompanyProfile
GetCompanyProfile
Get company profile

TODO

Scope	api.profilesondemand.read
Endpoint	api/v1/profiles/company/<uuid>
Request method	GET

Retrieves the details of a single company profile.

Parameters

Name

Description

Validation

<uuid>

The UUID of the profile to retrieve

Required parameter

sections

Areas of the profile to be returned.

May be used to reduce the amount of data transferred, if only specific information is required

All sections will be dumped if omitted. Please identify the relevant sections for your application during development and use a restricted information subset before moving to production.

Optional

Code Block

language	bash
title	Example request

curl -v -H "Authorization: Bearer <token>" \
    https://hurricane.umbrellanet.ch/uf-test/api/v1/profiles/company/b9321d7e-9d72-4e80-ac49-d3aa38169175?sections=CONTACT_DATA,MEMBERSHIPS

Code Block

language	js
title	Example response
collapse	true

{
	"uuid": "dba95fe6-873c-4499-be0c-d3aa38169175",
	"externalNr": "00001",
	"name": "Demo GmbH",
	"shortname": "DEMO-1",
	"data": {
		"contact": {
			"street": "Binzstrasse 33",
			"street2": null,
			"zipCode": "8620",
			"place": "Wetzikon",
			"countryCode": "CH"
		},
		"memberships": {
			"airline": [{
				"uuid": "6bd21d65-0671-4196-8fd1-4de9f4ce9071",
				"alliance": "LH",
				"memberNumber": "DEMODEMO123",
				"type": "SPECIAL_KEYWORD"
			}],
			"hotel": [],
			"rentalCar": []
		},
		"genericValues": {}
	}
}

Company profile sections overview

The following sections are currently available in accordance with our Swagger schema definition:

Name	Contents
AGNCY_INFO	Agency information: uuid name
CONTACT_DATA	Company contact data: street street2 zipCode place countryCode phone fax E-Mail (email, email2, email3)
MEMBERSHIPS	Corporate alliance Memberships airline alliance (2-Letter code) memberNumber type hotel alliance (2-Letter code) memberNumber rentalCar alliance (2-Letter code) memberNumber
GENERIC_VALUES	Values (where filled) from the generic setup, output as key-value pairs where the key is the fieldname and the value is the value entered on the profile.

Create new company profile

Scope	api.profilesondemand.write
Endpoint	api/v1/profiles/company
Request method	POST

Create a new company profile

Code Block

language	bash

curl -v -X POST \
    -H "Authorization: Bearer <token>" \
    -H "Content-Type: application/json" \
    --data '{
    "externalNr": "1337",
    "name": "Umbrella Organisation U+O AG",
    "shortname": "UMBRELLA",
    "data": {
        "contact": {
            "street": "Binzstrasse 33",
            "zipCode": "8620",
            "place": "Wetzikon",
            "countryCode": "CH"
        },
        "genericValues": {
            "costCenter": "1230A"
        },
        "agency": {
            "uuid": "52b166c5-4990-49bb-b1f1-d3aa38169175"
        }
    }
}' https://hurricane.umbrellanet.ch/uf-test/api/v1/profiles/company

Example response

The profile, including any sections populated by the request, will be reported back, including the newly generated UUID - see Get company profile

Implementation notes

The data structure is the same as is output in Get company profile with the following exceptions:

Company profile UUID cannot be provided in the JSON

For creating of a new profile, the following required properties must always be populated:

name
shortname

Faces will apply default validation logic as seen on our Web UI and CSV interfaces and will report validation errors to the caller without saving the profile.

Update existing company profile

Scope	api.profilesondemand.write
Endpoint	api/v1/profiles/company/<uuid>
Request method	PATCH

Parameters

Name	Description	Validation
<uuid>	The UUID of the profile to update	Required parameter

Versions Compared

Old Version 4

New Version 5

Key

Parameters

Example Response

Anchor
GetCompanyProfile
GetCompanyProfile
Get company profile

Parameters

Company profile sections overview

Create new company profile

Example response

Implementation notes

Update existing company profile

Parameters

Page History

Versions Compared

Old Version 4

New Version 5

Key

Parameters

Example Response

AnchorGetCompanyProfileGetCompanyProfileGet company profile

Parameters

Company profile sections overview

Create new company profile

Example response

Implementation notes

Update existing company profile

Parameters

Anchor
GetCompanyProfile
GetCompanyProfile
Get company profile