Security

Sabre APIs has implemented multiple layers of security for client applications. These layers include line security, authentication, authorization, and confidentiality.

Line security

Line security is the layer that secures the data traveling on the line over the Internet between Sabre  data centers and external systems.  Sabre APIs support point-to-point synchronous transport HTTPS using SSL with 128-bit encryption.

Clients that consume Sabre APIs must implement line security with a secure sockets layer, and they must secure the payloads with HTTPS.

Authentication

Authentication is the layer that allows consuming applications access to Sabre APIs. The URL for consuming Sabre APIs and security credentials provides authentication. Security credentials are the wsse:Username, wsse:Password, Organization, and Domain elements present in the SOAP envelope in the request message of the SessionCreateRQ service. Application developers receive the values for these elements when they are set up to use Sabre APIs in production .

The Sabre  infrastructure authenticates the requestor of the service or consuming client using the security credentials in the request.

An example of the wsse:Security node that shows the security credentials is shown below:

<wsse:Security xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/12/secext" xmlns:wsu="http://schemas.xmlsoap.org/ws/2002/12/utility">
    <wsse:UsernameToken>
        <wsse:Username>USERNAME</wsse:Username>
        <wsse:Password>PASSWORD</wsse:Password>
        <Organization>IPCC</Organization>
        <Domain>DEFAULT</Domain>
    </wsse:UsernameToken>
</wsse:Security>

Authorization

The authorization layer gives clients access to specific services or product packages.

When a client sends a request, the Sabre APIs infrastructure authorizes access to all services in the product packages to which an organization has subscribed.

Confidentiality

The confidentiality layer maintains the privacy of the data in a payload during its transmission. Sabre APIs use HTTPS with 128-bit SSL encryption.

SSL Certificate Renewal

SSL or Secure Socket Layer is the technology that creates an encrypted connection, and is absolutely critical if sensitive information such as credit card numbers or other personal information is transmitted. The SSL Certificate renewal is a routine procedure performed every 1-2 years and applies to all Sabre API HTTPS URLs. Please use the Resources link to access additional information.

If you are a Sabre customer currently using Sabre APIs in production, access Resources    

Docs Navigation