Sabre® Dev Studio holds a lot of data and configurations, but you'll find it easier to use once you familiarize yourself with the data structure.
A client application calls the API by sending an XML message as a request, and the Sabre infrastructure returns an XML response to the client. Because all communication is formatted in XML, the API is not tied to any particular operating system, programming language, or platform.
Sabre APIs are delivered over HTTPS. SOAP is the message protocol that encodes Web services messages before they are sent.
SOAP stands for simple object access protocol, and is a mechanism for transporting data from one network to another. In the Sabre API infrastructure a SOAP-based message is composed of the following parts:
- An envelope that contains communication information
- A header with attributes that describe the communication
- A body that contains the message or information about the message
Sample SOAP Request
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <soap:Header> <HTNGHeader xmlns="http://htng.org/1.1/Header/"> <From> <systemId /> <Credential> <userName>string</userName> <password>string</password> </Credential> </From> </HTNGHeader> </soap:Header> <soap:Body> <OTA_HotelAvailRQ EchoToken="a2ce5626-02aa" PrimaryLangID="en" xmlns="http://www.opentravel.org/OTA/2003/05"> <POS> <Source> <RequestorId ID="10" ID_Context="Synxis"> <CompanyName Code="WSBE" /> </RequestorId> </Source> </POS> <AvailRequestSegments> <AvailRequestSegment> <StayDateRange Start="12/05/2015" End="12/07/2015" /> <RoomStayCandidates> <RoomStayCandidate Quantity="1"> <GuestCounts> <GuestCount AgeQualifyingCode="10" Count="1" /> </GuestCounts> </RoomStayCandidate> </RoomStayCandidates> <HotelSearchCriteria> <Criterion> <HotelRef HotelCode="22312" /> </Criterion> </HotelSearchCriteria> </AvailRequestSegment> </AvailRequestSegments> </OTA_HotelAvailRQ> </soap:Body> </soap:Envelope>
Sabre Hospitality provides several environments for consuming Sabre Hospitality APIs for the following general purposes: client development and production.
After you register with Sabre®, you receive test authentication credentials and authorization to use the APIs you selected in the Test environment.
After you become a customer of Sabre, you receive production authentication credentials.
All requests are sent to a URL that is an endpoint into Sabre Hospitality Web Services.
When a client or solution books hotel accommodations utilizing a URL that resolves to the back-end production system, the transactions are recorded in the live, production Sabre system, and real-time inventory is decremented.
Please be sure to cancel any bookings created for test purposes. If these bookings are not canceled, you and possibly your customers will be billed by suppliers or other vendors for all associated fees.
Sabre Hospitality APIs have implemented multiple layers of security for client applications. These layers include line security, authentication, authorization, and confidentiality.
Line security is the layer that secures the data traveling on the line over the Internet between Sabre data centers and external systems. Sabre Hospitality APIs support point-to-point synchronous transport HTTPS using SSL with 128-bit encryption.
Clients that consume Sabre Hospitality APIs must implement line security with a secure sockets layer, and they must secure the payloads with HTTPS.
Authentication is the layer that allows consuming applications access to Sabre Hospitality APIs. The URL for consuming Sabre Hospitality APIs and security credentials provides authentication. Security credentials follow the HTNG format of userName and password elements present in the SOAP header in each API request. Application developers receive the values for these elements during implementation. All other parameters are currently ignored.
The Sabre infrastructure authenticates the requestor of the service or consuming client using the security credentials in the request.
An example that shows the security credentials is shown below:
<soap:Header/> <HTNGHeader xmlns="http://htng.org/1.1/Header/"> <From> <systemId /> <Credential> <userName>string</userName> <password>string</password> </Credential> </From> <To> <systemId /> </To> <timestamp /> <echoToken /> <transactionId /> <action /> </HTNGHeader> </soap:Header>
The authorization layer gives clients access to specific services or product packages.
When a client sends a request, the Sabre Hospitality API infrastructure authorizes access to all services in the product packages to which an organization has subscribed.
The confidentiality layer maintains the privacy of the data in a payload during its transmission. Sabre Hospitality APIs use HTTPS with 128-bit SSL encryption.