Guides

Learn about getting started with our products, common concepts in the travel industry, and more.

SOAP Basics

Developer Portal holds a lot of data and configurations, but you'll find it easier to use once you familiarize yourself with the data structure.

A client application calls the API by sending an XML message as a request, and the SynXis CRS infrastructure returns an XML response to the client. Because all communication is formatted in XML, the API is not tied to any particular operating system, programming language, or platform.

Aven Hospitality APIs are delivered over HTTPS. SOAP is the message protocol that encodes Web services messages before they are sent.

SOAP stands for simple object access protocol, and is a mechanism for transporting data from one network to another. In the Aven Hospitality API infrastructure a SOAP-based message is composed of the following parts:

  • An envelope that contains communication information
  • A header with attributes that describe the communication
  • A body that contains the message or information about the message

Sample SOAP Request

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <soap:Header>
    <HTNGHeader xmlns="http://htng.org/1.1/Header/">
      <From>
        <systemId />
        <Credential>
          <userName>string</userName>
          <password>string</password>
        </Credential>
      </From>
    </HTNGHeader>
  </soap:Header>
  <soap:Body>
    <OTA_HotelAvailRQ EchoToken="a2ce5626-02aa" PrimaryLangID="en" xmlns="http://www.opentravel.org/OTA/2003/05">
      <POS>
        <Source>
          <RequestorId ID="10" ID_Context="Synxis">
            <CompanyName Code="WSBE" />
          </RequestorId>
        </Source>
      </POS>
      <AvailRequestSegments>
        <AvailRequestSegment>
          <StayDateRange Start="12/05/2015" End="12/07/2015" />
          <RoomStayCandidates>
            <RoomStayCandidate Quantity="1">
              <GuestCounts>
                <GuestCount AgeQualifyingCode="10" Count="1" />
              </GuestCounts>
            </RoomStayCandidate>
          </RoomStayCandidates>
          <HotelSearchCriteria>
            <Criterion>
              <HotelRef HotelCode="22312" />
            </Criterion>
          </HotelSearchCriteria>
        </AvailRequestSegment>
      </AvailRequestSegments>
    </OTA_HotelAvailRQ>
  </soap:Body>
</soap:Envelope>

Environments

Aven Hospitality provides several environments for consuming Aven Hospitality APIs for the following general purposes: client development and production.

After you register with Aven Hospitality, you receive test authentication credentials and authorization to use the APIs you selected in the Test environment.

After you become a customer of Aven Hospitality, you receive production authentication credentials.

All requests are sent to a URL that is an endpoint into Aven Hospitality Web Services.

When a client or solution books hotel accommodations utilizing a URL that resolves to the back-end production system, the transactions are recorded in the live, production SynXis CRS system, and real-time inventory is decremented.

Please be sure to cancel any bookings created for test purposes.  If these bookings are not canceled, you and possibly your customers will be billed by suppliers or other vendors for all associated fees.

Security

Aven Hospitality APIs have implemented multiple layers of security for client applications. These layers include line security, authentication, authorization, and confidentiality.

Line Security

Line security is the layer that secures the data traveling on the line over the Internet between Aven Hospitality data centers and external systems.  Aven Hospitality APIs support point-to-point synchronous transport HTTPS using SSL with 128-bit encryption.

Clients that consume Aven Hospitality APIs must implement line security with a secure sockets layer, and they must secure the payloads with HTTPS.

Authentication

Authentication is the layer that allows consuming applications access to Aven Hospitality APIs.  The URL for consuming Aven Hospitality APIs and security credentials provides authentication. Security credentials follow the HTNG format of userName and password elements present in the SOAP header in each API request. Application developers receive the values for these elements during implementation. All other parameters are currently ignored.

The Aven Hospitality infrastructure authenticates the requestor of the service or consuming client using the security credentials in the request.

An example that shows the security credentials is shown below:

<soap:Header/>
  <HTNGHeader xmlns="http://htng.org/1.1/Header/">
    <From>
      <systemId />
      <Credential>
        <userName>string</userName>
        <password>string</password>
      </Credential>
    </From>
    <To>
      <systemId />
    </To>
    <timestamp />
    <echoToken />
    <transactionId />
    <action />
  </HTNGHeader>
</soap:Header>

Authorization

The authorization layer gives clients access to specific services or product packages.

When a client sends a request, the Aven Hospitality API infrastructure authorizes access to all services in the product packages to which an organization has subscribed.

Confidentiality

The confidentiality layer maintains the privacy of the data in a payload during its transmission. Aven Hospitality APIs use HTTPS with 128-bit SSL encryption.