Last Minute Travel

Scope

Last Minute Travel Co-Brand Integration Solutions provide access to our exclusive club. With minimum integration, your users can enjoy all the benefits our brand has the offer. Let your users search and book hotels, flights, rental cars, activities, cruises and packages as well as have access to wholesaler rates no one else has.

This document describes our 3rd party authentication solution, implemented with Rest API, server to server integration. The solution is suitable for partners that want to offer benefits to their members.
You will learn how to get a token to access our member site, use our search bar and redirect to our site authenticated.

3rd Party Authentication Integration (Rest API)

Description

The 3rd Party Authentication functionality enables creation and authentication of users on Last Minute Travel Club from an external source. The authenticated user will then be able to use the Club without having to log in manually.

On boarding process

1.Kickoff meeting

Define the use case
Go over the documentation
Get the follow details
1. Partner name
2. Partner site
3. Test account
4. Contact information (for updates and support issues)

2. Implementation

Last Minute Travel will send you the endpoint for the staging environment and access keys to start development.
On our side, we are running tests to make sure your implementation works properly.
After both sides verify that everything works well, you will receive the endpoint together with the access keys for production.

Solution Process Flow

Implementation

Step 1 - Request to redirect

Once your client is logged in to your website and has clicked on a link or has used our integrated search bar, send a call to your server to trigger createToken() API call.

Step 2 - createToken()

Send createToken() API call, you need to use the accessKeyID together with the secretAccessKey received from us. For us to create an account for your client on our website, you should send your client’s email (preferred). If not applicable, you can send instead a username containing any string that can identify the client. First name and last name are optional.

CreateToken() API

type

POST

path

 url}/api/v1.0/3rdparty/createToken

headers

Content-Type: application/json
Content-Language: en_US
platform: Web
Accept-Encoding: gzip

payload

{
    "accessKeyID": "9PWLS2RD0ETPeAOB9pNx",
    "secretAccessKey": "aS8r1kXb5wsUqWXkFVqKx1AhlghP7ayUHjhpbog3",
    "email": "useremail@google.com", 
    "userName": "optional", 
    "firstName": "optional", 
    "lastName": "optional"
}

Mandatory parameters for Authenticate information:

secretAccessKey

secretAccessKey

email

userName

*userName should not contain special characters
*userName should contain at least 2 characters

response

{
    "actionResult": [
        {
            "code": 0, 
            "resultMessage": {
                "messageId": "success", 
                "localizedMessage": "Success"
            }
        }
    ],
    "result": {
        "token": "ffsdfsd#fsdf1gdf234Sasdafg"
    }
}

response codes

Response Code	Response Status	Description
200	OK	SUCCESS - Response contains TOKEN
401	UNAUTHORIZED
406	NOT_ACCEPTABLE	MISSING_MANDATORY PARAMETERS
409	CONFLICT	NOT ABLE TO CREATE TOKEN Account already exists, need to login first
500	INTERNAL SERVER ERROR

Step 3 and 4 – Passing the token back to your website

createToken() will return a unique token that represents the client in our system. This will be used to authenticate the client on our side.

Step 5 - Redirection

There are two possible ways for a user for redirection.

Integrated search bar- Upon receiving the token from your server (success callback) - run the following JavaScript line:
```
 window.lmtUt = {token}
```
Direct link to website – (for example www.lastminutetravel.com) Add the query string ut={token} to the url
Direct link to mobile apps - add the hostname and token to the query string:
iOS - https://app.appsflyer.com/id736103359?pid=3rd%20Party%20Gold&c={location.hostname}&ut={token}
Android - https://app.appsflyer.com/com.tgs.systems.lmtdeal?pid=3rd%20Party%20Gold&c={location.hostname}&ut={token}
These links will open the app if it exists on the user device, or will redirect to the relevant store to download the app to the device

Email Marketing Support

Email marketing is a great way to boost your members’ conversion and to increase your commission. We can send shopping cart recovery emails, welcome emails, cross-selling emails, and emails with special offers to your members.

How does it work?

To support email marketing, you need to develop a returnURL capability. Once your members click on a link from one of our campaigns, they will arrive at our website and have the ability to see the offer and continue shopping. However, before completing their booking, the users will be asked about being redirected to the login page within your website. Upon successful log in, the user will be redirected back to our site exactly at the point where he left off.

Return URL implementation

Parse the returnUrl parameter from the query string – decodeUriComponent(returnUrl).
Example:
```
{your website login page}?returnUrl={Checkout page URL}
```
Once logged in, add the user token (ut={token}) to the parsed returnUrl and redirect there.
Example:
```
{Checkout page URL}&ut={token}
```