Configuration
IdP
- The Sabre Hospitality team will provide the Sign-On URL/Assertion Consumer Service URL that may be needed to provision an application in the chain’s Identity Provider
- A SAML 2.0 application will then be needed to be provisioned in the Identity Provider
- Once provisioned, the application's SAML 2.0 metadata must then be provided to the Sabre Hospitality Team. The following information is needed:
- IdP Single Sign-On URL
- IdP Issuer Id
- X.509 Certificate
- The IdP must be configured to provide custom SAML attributes in the SAML Assertion. The attributes will pertain to the profile information.
| Attribute | Description |
|---|---|
| Context | Identifies the context of the message. Value: Profile Required |
| BusinessContext | Business context of the caller. Value: BE Required |
| ProfileID | The CRM, CRS or GHA member Profile ID. Required |
| LogoutUrl | Placeholder for a future implementation for Single-Sign-Out. Use the hotel brand URL. Required |
| ChainId | Unique ID that identifies hotel chain or management group in SynXis. Required |
| ProfileType | The type of user that is associated to the @ProfileID. Values: Guest, Booker Required |
| IDContext | Id context used to specify the source of the @ProfileID. Values: CRM, CRS Required |
| ProgramID | Identifies the loyalty program. Only valid for GHA Discovery Members. Value: GHA |
SynXis Booking Engine Designer
Navigate to Pages > Global Bar and configure the following information under CRM Settings
- Select the radio option to "Allow guests to Sign in to Profile through Profile Provider via SAML (CRM/IdP)
- Enter the SAML IdP Redirection link
- Enter the SAML IdP ID
Relay State Rules
Relay State must be pointing to the SynXis Booking Engine with the proper combination of the following properties:
- config
- level
- hotel
- chain
- redirectOnError (Optional flag if an error occurs indicating if the guest should be redirected to the RelayStateUrl or display the generic SBE ACS error page.