Panel

title	Table of Contents

Table of Contents

exclude	(Example response)\|(Parameters)

Preamble / General Notes

The Profiles on Demand API relies fully on the OAuth2 protocol to perform authentication and authorization to profiles. It is strongly suggested to get a general grasp of the OAuth 2.0 flows, specifically the Authorization Code and Client Credentials flows, before running any API related inquiries.

...

Scope	Description
api.profilesondemand.read	Access to the Profiles API (read only)
api.profilesondemand.write	Access to the Profiles API (write)
api.profilesondemand.ccaccess	Access to plaintext credit card details. Requires attestation of PCI compliance as well as special handling for CC numbers to be exchanged via our parnter Midoco
openid	Required scope when requesting an ID-Token for “Login using Faces” functionality
agencyid	Optional scope to be included in and ID-Token. Please see the section Usage of an ID token within this document.
email	Optional scope to be included in and ID-Token. Please see the section Usage of an ID token within this document.
profile	Optional scope to be included in and ID-Token. Please see the section Usage of an ID token within this document.

...

Code Block

language	js
title	Example response
collapse	true

{
	"uuid": "dba95fe6-873c-4499-be0c-d3aa38169175",
	"externalNr": "00001",
	"name": "Demo GmbH",
	"shortname": "DEMO-1",
	"data": {
		"contact": {
			"street": "Binzstrasse 33",
			"street2": null,
			"zipCode": "8620",
			"place": "Wetzikon",
			"countryCode": "CH"
		},
		"memberships": {
			"airline": [{
				"uuid": "6bd21d65-0671-4196-8fd1-4de9f4ce9071",
				"alliance": "LH",
				"memberNumber": "DEMODEMO123",
				"type": "SPECIAL_KEYWORD"
			}],
			"hotel": [],
			"rentalCar": []
		},
		"genericValues": {}
	}
}

Anchor
CompanyProfileSections
CompanyProfileSections
Company profile sections overview

The following sections are currently available in accordance with our Swagger schema definition:

Name	Contents
AGNCY_INFO	Agency information: uuid name
CONTACT_DATA	Company contact data: street street2 zipCode place countryCode phone fax E-Mail (email, email2, email3)
MEMBERSHIPS	Corporate alliance Memberships airline alliance (2-Letter code) memberNumber type hotel alliance (2-Letter code) memberNumber rentalCar alliance (2-Letter code) memberNumber
GENERIC_VALUES	Values (where filled) from the generic setup, output as key-value pairs where the key is the fieldname and the value is the value entered on the profile.
CREDIT_CARDS	TBD This section is not yet available

Create new company profile

...

Code Block

language	js
title	Example response

{
	"uuid": "065fe9e0-47b7-4d12-b3de-d3aa38169175",
	"firstname": "Bob",
	"middlename": "",
	"name": "Builder",
	"email": "bob.builder@umbrella.ch",
	"data": {
		"company": {
			"externalNr": "12345",
			"name": "Fix-It Inc",
			"uuid": "52f2b2c0-4990-49bb-b1f1-d3aa38169175"
		},
		"genericValues": {
			"HairColor": "Red",
			"FirstClassTraveler": "Y"
		},
		"memberships": {
			"flight": [{
				"alliance": "LH",
				"memberNumber": "9992123412341234",
				"uuid": "dbb387a9-b5e7-44d0-87bf-64432ee3e582"
			}],
			"rentalCar": [],
			"hotel": []
		}
	}
}

Anchor
TravellerProfileSections
TravellerProfileSections
Traveler profile sections overview

The following sections are currently available in accordance with our Swagger schema definition:

Name	Contents
COMPANY_INFO	Information on the associated company: UUID name Customer number (externalNr)
COMPANY_CONTACT_DATA	Contact information of the associated company: Address (street, street2, zipCode, place, countryCode) phone fax E-Mail (email, email2, email3)
GENERAL_DATA	General profile information: gender title language Phones (businessPhone, privatePhone, mobilePhone) email birhtdate nationality
GENERIC_VALUES	Values (where filled) from the generic setup, output as key-value pairs where the key is the fieldname and the value, the value entered on the profile.
MEMBERSHIPS	Flight, Hotel and Rentalcar-Memberships, each with alliance-code and membernumber
PASSPORT	Passport(s) as shown in Faces UI
VISA	Visa information as shown in Faces UI
ID_CARD	Identification Cards as shown in Faces UI
EMERGENCY_CONTACT	Emergency contact: firstname, lastname phone email
ROLES	Roles as show in Faces UI with the respective checkboxes (true/false): traveller arranger approver
PREFERENCES	Preferences: smoker preferredSeat (A or W) preferredFood (4-Letter code)
CREDIT_CARDS	TBD This section is not yet available

Create new traveler profile

...

HTTP 204 “No Content” with empty body

Plaintext Credit Card API

This API is an extension to the Profiles API and allows to send and receive plaintext credit card information from / to Umbrella Faces.

Note
This API is currently under development and not yet generally available

Info
Partners wishing to use these APIs will be required proof their adherance to the PCI DSS security standards and will receive a custom endpoint from our credit card tokenization partner Midoco, which will ensure PCI compliace and forward card data from / to Umbrella Faces.

PCI Compliance Concept

TBD

Retrieve plaintext credit card data

Scopes

api.profilesondemand.read

api.profilesondemand.ccaccess

Endpoints

{midoco_proxy_url}/traveller/<uuid>/creditcard/{ccUuid}

{midoco_proxy_url}/company/<uuid>/creditcard/{ccUuid}

Request method

GET

Fetch plaintext credit card data from a company or traveler profile.

Parameters

Name

Description

Validation

uuid

Owning (company / traveler) profile UUID

Required parameter

ccUuid

Specific credit card UUID as obtained from the CREDIT_CARDS section of the profile.

See: Company profile sections overview, Traveler profile sections overview

Required parameter

Code Block

language	bash
title	Example request

curl -v TODO

Code Block

language	js
title	Example response

{
    "uuid": "bd380903-2e49-4920-9823-45626357c367",
    "type": "VI",
    "maskedNumber": "4444XXXXXXXX1111",
    "number": "4444333322221111",
    "expiration": "12/25",
    "publishAsFop": false
}

Store credit card number

Scopes

api.profilesondemand.write

api.profilesondemand.ccaccess

Endpoints

{midoco_proxy_url}/creditcard/store

Request method

POST

Send a new or updated credit card number and retrieve a transaction number to be used for company or traveller profile update via separate API call.

Code Block

language	bash
title	Example request

curl -v -X POST \
TODO

Code Block

language	js
title	Example response

{
	"transactionId": "ccTok-75cb0e1c-6640-4622-82bd-fed07fd1ca59",
	"validUntil": "10.09.2021T13:37:69Z"
}

Versions Compared

Old Version 9

New Version 10

Key

Preamble / General Notes

Anchor
CompanyProfileSections
CompanyProfileSections
Company profile sections overview

Create new company profile

Anchor
TravellerProfileSections
TravellerProfileSections
Traveler profile sections overview

Create new traveler profile

Plaintext Credit Card API

PCI Compliance Concept

Retrieve plaintext credit card data

Parameters

Store credit card number

Page History

Versions Compared

Old Version 9

New Version 10

Key

Preamble / General Notes

AnchorCompanyProfileSectionsCompanyProfileSectionsCompany profile sections overview

Create new company profile

AnchorTravellerProfileSectionsTravellerProfileSectionsTraveler profile sections overview

Create new traveler profile

Plaintext Credit Card API

PCI Compliance Concept

Retrieve plaintext credit card data

Parameters

Store credit card number

Anchor
CompanyProfileSections
CompanyProfileSections
Company profile sections overview

Anchor
TravellerProfileSections
TravellerProfileSections
Traveler profile sections overview