Co-Brand Integration Solutions

3rd Party Authentication

Last Minute Travel Co-Brand Integration Solutions provide access to our exclusive club. With minimum integration, your users can enjoy all the benefits our brand has the offer. Let your users search and book hotels, flights, rental cars, activities, cruises and packages as well as have access to wholesaler rates no one else has.

This document describes our 3rd party authentication solution, implemented with Rest API, server to server integration. The solution is suitable for partners that want to offer benefits to their members.
You will learn how to get a token to access our member site, use our search bar and redirect to our site authenticated.

The 3rd Party Authentication functionality enables creation and authentication of users on Last Minute Travel Club from an external source. The authenticated user will then be able to use the Club without having to log in manually.

1.Kickoff meeting

  1. Define the use case
  2. Go over the documentation
  3. Get the follow details
    1. Partner name
    2. Partner site
    3. Test account
    4. Contact information (for updates and support issues)

2. Implementation

  1. Last Minute Travel will send you the endpoint for the staging environment and access keys to start development.
  2. On our side, we are running tests to make sure your implementation works properly.
  3. After both sides verify that everything works well, you will receive the endpoint together with the access keys for production.

Solution Process Flow

Solution Process Flow

Once your client is logged in to your website and has clicked on a link or has used our integrated search bar, send a call to your server to trigger createToken() API call.

Send createToken() API call, you need to use the accessKeyID together with the secretAccessKey received from us. For us to create an account for your client on our website, you should send your client’s email (preferred). If not applicable, you can send instead a username containing any string that can identify the client. First name and last name are optional.

CreateToken() API
Content-Type: application/json
Content-Language: en_US platform: Web Accept-Encoding: gzip
    "accessKeyID": "9PWLS2RD0ETPeAOB9pNx",
    "secretAccessKey": "aS8r1kXb5wsUqWXkFVqKx1AhlghP7ayUHjhpbog3",
    "email": "", 
    "userName": "optional", 
    "firstName": "optional", 
    "lastName": "optional"
Mandatory parameters for Authenticate information:
*userName should not contain special characters
*userName should contain at least 2 characters
    "actionResult": [
            "code": 0, 
            "resultMessage": {
                "messageId": "success", 
                "localizedMessage": "Success"
    "result": {
        "token": "ffsdfsd#fsdf1gdf234Sasdafg"
response codes
Response CodeResponse StatusDescription
200OKSUCCESS - Response contains TOKEN
Account already exists, need to login first

createToken() will return a unique token that represents the client in our system. This will be used to authenticate the client on our side.

There are two possible ways for a user for redirection.
  1. Integrated search bar- Upon receiving the token from your server (success callback) - run the following JavaScript line:
     window.lmtUt = {token}
  2. Direct link to website – (for example Add the query string ut={token} to the url
  3. Direct link to mobile apps - add the hostname and token to the query string:

    iOS -{location.hostname}&ut={token}

    Android -{location.hostname}&ut={token}

    These links will open the app if it exists on the user device, or will redirect to the relevant store to download the app to the device

Email marketing is a great way to boost your members’ conversion and to increase your commission. We can send shopping cart recovery emails, welcome emails, cross-selling emails, and emails with special offers to your members.

To support email marketing, you need to develop a returnURL capability. Once your members click on a link from one of our campaigns, they will arrive at our website and have the ability to see the offer and continue shopping. However, before completing their booking, the users will be asked about being redirected to the login page within your website. Upon successful log in, the user will be redirected back to our site exactly at the point where he left off.

  1. Parse the returnUrl parameter from the query string – decodeUriComponent(returnUrl).
    {your website login page}?returnUrl={Checkout page URL}
  2. Once logged in, add the user token (ut={token}) to the parsed returnUrl and redirect there.
    {Checkout page URL}&ut={token}