Getting Started

This document is for 3rd party vendor that wants to vend for airline transport ticket on Trips platform.

Environment url

For the use of this documentation, it is assumed you have been provisioned (as a vendor) with the merchant key and merchant code on Trips platform.

The below diagram depicts the flow of API process (API method calls) on Trips

The Vendor will be given a MerchantKey and MerchantCode which he will use to hash a bearer token for authentication to access the endpoints.

Request Headers:

Authorization: bearer + SHA512(MerchantKey:MerchantCode)

MerchantKey: {merchantkey}

MerchantCode: {merchantcode}

Content-Type: application/json

Request Headers Sample:

Authorization: Bearer 194E1578816955B8DB4602383D32947C1E5ED1730F83BDF479D9829921139CA73B6765F3BE79CE107A2E7E8707B4D0AD502B9BD693E00FC7E070369FEB49096A Content-Type: application/json

MerchantCode: ACCESS

With the request headers as shown above, you can call the endpoint to search for flight.

Hash Key to Enhance API Security

The response from the confirm ticket price API, will have a property called "Hash", this will be a hashed value of the merchantkey, confirmationcode and the ticket fare.

To effectively process this on your backend, kindly combine these elements in the following format: {MerchantKey}_{ConfirmationCode}_{NewPriceWhole}. Once combined, proceed to hash this concatenated string using the SHA-512 algorithm.

The resulting hash should then be converted into a hexadecimal string. By comparing this calculated hash with the hash value provided in the "Hash" property of the response, you can ensure integrity and authenticity of the data. It's worth noting that your merchant key, a confidential piece of information, remains known solely to you.

Consequently, you hold the sole authority to validate this information accurately.

Sample: [WXqeiqqK4tNurxy_36083|3757BA45_5400]