Scope
Last Minute Travel Co-Brand Integration Solutions provide access to our exclusive club. With minimum integration, your users can enjoy all the benefits our brand has the offer. Let your users search and book hotels, flights, rental cars, activities, cruises and packages as well as have access to wholesaler rates no one else has.
This document describes our 3rd party authentication solution, implemented with Rest API, server to server integration. The solution is suitable for partners that want to offer benefits to their members.
You will learn how to get a token to access our member site, use our search bar and redirect to our site authenticated.
3rd Party Authentication Integration (Rest API)
Description
The 3rd Party Authentication functionality enables creation and authentication of users on Last Minute Travel Club from an external source. The authenticated user will then be able to use the Club without having to log in manually.
On boarding process
1.Kickoff meeting
- Define the use case
- Go over the documentation
- Get the follow details
- Partner name
- Partner site
- Test account
- Contact information (for updates and support issues)
2. Implementation
- Last Minute Travel will send you the endpoint for the staging environment and access keys to start development.
- On our side, we are running tests to make sure your implementation works properly.
- After both sides verify that everything works well, you will receive the endpoint together with the access keys for production.
Solution Process Flow
Implementation
Step 1 - Request to redirect
Once your client is logged in to your website and has clicked on a link or has used our integrated search bar, send a call to your server to trigger createToken() API call.
Step 2 - createToken()
Send createToken() API call, you need to use the accessKeyID together with the secretAccessKey received from us. For us to create an account for your client on our website, you should send your client’s email (preferred). If not applicable, you can send instead a username containing any string that can identify the client. First name and last name are optional.
CreateToken() API | |||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
type | POST | ||||||||||||||||||
path | url}/api/v1.0/3rdparty/createToken | ||||||||||||||||||
headers | Content-Type: application/json | ||||||||||||||||||
payload | { "accessKeyID": "9PWLS2RD0ETPeAOB9pNx", "secretAccessKey": "aS8r1kXb5wsUqWXkFVqKx1AhlghP7ayUHjhpbog3", "email": "useremail@google.com", "userName": "optional", "firstName": "optional", "lastName": "optional" } Mandatory parameters for Authenticate information: secretAccessKey + secretAccessKey email OR userName | ||||||||||||||||||
response | { "actionResult": [ { "code": 0, "resultMessage": { "messageId": "success", "localizedMessage": "Success" } } ], "result": { "token": "ffsdfsd#fsdf1gdf234Sasdafg" } } | ||||||||||||||||||
response codes |
|
Step 3 and 4 – Passing the token back to your website
createToken() will return a unique token that represents the client in our system. This will be used to authenticate the client on our side.
Step 5 - Redirection
There are two possible ways for a user for redirection.- Integrated search bar- Upon receiving the token from your server (success callback) - run the following JavaScript line:
window.lmtUt = {token}
- Direct link to website – (for example www.lastminutetravel.com) Add the query string ut={token} to the url
- Direct link to mobile apps - add the hostname and token to the query string:
iOS - https://app.appsflyer.com/id736103359?pid=3rd%20Party%20Gold&c={location.hostname}&ut={token}
Android - https://app.appsflyer.com/com.tgs.systems.lmtdeal?pid=3rd%20Party%20Gold&c={location.hostname}&ut={token}
These links will open the app if it exists on the user device, or will redirect to the relevant store to download the app to the device
Email Marketing Support
Email marketing is a great way to boost your members’ conversion and to increase your commission. We can send shopping cart recovery emails, welcome emails, cross-selling emails, and emails with special offers to your members.
How does it work?
To support email marketing, you need to develop a returnURL capability. Once your members click on a link from one of our campaigns, they will arrive at our website and have the ability to see the offer and continue shopping. However, before completing their booking, the users will be asked about being redirected to the login page within your website. Upon successful log in, the user will be redirected back to our site exactly at the point where he left off.
Return URL implementation
- Parse the returnUrl parameter from the query string – decodeUriComponent(returnUrl).Example:
{your website login page}?returnUrl={Checkout page URL}
- Once logged in, add the user token (ut={token}) to the parsed returnUrl and redirect there.Example:
{Checkout page URL}&ut={token}
*userName should contain at least 2 characters