...
Panel | ||||
---|---|---|---|---|
| ||||
|
Preamble / General Notes
The Profiles on Demand API relies fully on the OAuth2 protocol to perform authentication and authorization to profiles. It is strongly suggested to get a general grasp of the OAuth 2.0 flows, specifically the Authorization Code and Client Credentials flows, before running any API related inquiries.
...
Scope | Description |
---|---|
api.profilesondemand.read | Access to the Profiles API (read only) |
api.profilesondemand.write | Access to the Profiles API (write) |
api.profilesondemand.ccaccess | Access to plaintext credit card details. Requires attestation of PCI compliance as well as special handling for CC numbers to be exchanged via our parnter Midoco |
openid | Required scope when requesting an ID-Token for “Login using Faces” functionality |
agencyid | Optional scope to be included in and ID-Token. Please see the section Usage of an ID token within this document. |
Optional scope to be included in and ID-Token. Please see the section Usage of an ID token within this document. | |
profile | Optional scope to be included in and ID-Token. Please see the section Usage of an ID token within this document. |
...
Code Block | ||||||
---|---|---|---|---|---|---|
| ||||||
{ "uuid": "dba95fe6-873c-4499-be0c-d3aa38169175", "externalNr": "00001", "name": "Demo GmbH", "shortname": "DEMO-1", "data": { "contact": { "street": "Binzstrasse 33", "street2": null, "zipCode": "8620", "place": "Wetzikon", "countryCode": "CH" }, "memberships": { "airline": [{ "uuid": "6bd21d65-0671-4196-8fd1-4de9f4ce9071", "alliance": "LH", "memberNumber": "DEMODEMO123", "type": "SPECIAL_KEYWORD" }], "hotel": [], "rentalCar": [] }, "genericValues": {} } } |
Anchor CompanyProfileSections CompanyProfileSections
Company profile sections overview
CompanyProfileSections | |
CompanyProfileSections |
The following sections are currently available in accordance with our Swagger schema definition:
Name | Contents |
---|---|
AGNCY_INFO | Agency information:
|
CONTACT_DATA | Company contact data:
|
MEMBERSHIPS | Corporate alliance Memberships
|
GENERIC_VALUES | Values (where filled) from the generic setup, output as key-value pairs where the key is the fieldname and the value is the value entered on the profile. |
CREDIT_CARDS | TBD This section is not yet available |
Create new company profile
...
Code Block | ||||
---|---|---|---|---|
| ||||
{ "uuid": "065fe9e0-47b7-4d12-b3de-d3aa38169175", "firstname": "Bob", "middlename": "", "name": "Builder", "email": "bob.builder@umbrella.ch", "data": { "company": { "externalNr": "12345", "name": "Fix-It Inc", "uuid": "52f2b2c0-4990-49bb-b1f1-d3aa38169175" }, "genericValues": { "HairColor": "Red", "FirstClassTraveler": "Y" }, "memberships": { "flight": [{ "alliance": "LH", "memberNumber": "9992123412341234", "uuid": "dbb387a9-b5e7-44d0-87bf-64432ee3e582" }], "rentalCar": [], "hotel": [] } } } |
Anchor TravellerProfileSections TravellerProfileSections
Traveler profile sections overview
TravellerProfileSections | |
TravellerProfileSections |
The following sections are currently available in accordance with our Swagger schema definition:
Name | Contents |
---|---|
COMPANY_INFO | Information on the associated company:
|
COMPANY_CONTACT_DATA | Contact information of the associated company:
|
GENERAL_DATA | General profile information:
|
GENERIC_VALUES | Values (where filled) from the generic setup, output as key-value pairs where the key is the fieldname and the value, the value entered on the profile. |
MEMBERSHIPS | Flight, Hotel and Rentalcar-Memberships, each with alliance-code and membernumber |
PASSPORT | Passport(s) as shown in Faces UI |
VISA | Visa information as shown in Faces UI |
ID_CARD | Identification Cards as shown in Faces UI |
EMERGENCY_CONTACT | Emergency contact:
|
ROLES | Roles as show in Faces UI with the respective checkboxes (true/false):
|
PREFERENCES | Preferences:
|
CREDIT_CARDS | TBD This section is not yet available |
Create new traveler profile
...
HTTP 204 “No Content” with empty body
Plaintext Credit Card API
This API is an extension to the Profiles API and allows to send and receive plaintext credit card information from / to Umbrella Faces.
Note |
---|
This API is currently under development and not yet generally available |
Info |
---|
Partners wishing to use these APIs will be required proof their adherance to the PCI DSS security standards and will receive a custom endpoint from our credit card tokenization partner Midoco, which will ensure PCI compliace and forward card data from / to Umbrella Faces. |
PCI Compliance Concept
TBD
Retrieve plaintext credit card data
Scopes | api.profilesondemand.read api.profilesondemand.ccaccess |
---|---|
Endpoints | {midoco_proxy_url}/traveller/<uuid>/creditcard/{ccUuid} {midoco_proxy_url}/company/<uuid>/creditcard/{ccUuid} |
Request method | GET |
Fetch plaintext credit card data from a company or traveler profile.
Parameters
Name | Description | Validation |
---|---|---|
uuid | Owning (company / traveler) profile UUID | Required parameter |
ccUuid | Specific credit card UUID as obtained from the CREDIT_CARDS section of the profile. See: Company profile sections overview, Traveler profile sections overview | Required parameter |
Code Block | ||||
---|---|---|---|---|
| ||||
curl -v TODO |
Code Block | ||||
---|---|---|---|---|
| ||||
{
"uuid": "bd380903-2e49-4920-9823-45626357c367",
"type": "VI",
"maskedNumber": "4444XXXXXXXX1111",
"number": "4444333322221111",
"expiration": "12/25",
"publishAsFop": false
} |
Store credit card number
Scopes | api.profilesondemand.write api.profilesondemand.ccaccess |
---|---|
Endpoints | {midoco_proxy_url}/creditcard/store |
Request method | POST |
Send a new or updated credit card number and retrieve a transaction number to be used for company or traveller profile update via separate API call.
Code Block | ||||
---|---|---|---|---|
| ||||
curl -v -X POST \
TODO |
Code Block | ||||
---|---|---|---|---|
| ||||
{
"transactionId": "ccTok-75cb0e1c-6640-4622-82bd-fed07fd1ca59",
"validUntil": "10.09.2021T13:37:69Z"
} |