I'm looking to find a way to sync travelers' profiles in Sabre.
I could not found any Rest API for this purpose.
Regarding Soap APIs: I found some APIs from Sabre documentation but I'm confused a bit to choose the right one.
Can anyone help me to figure it out which one is the proper Soap API to synchronize the travellers' profiles in Sabre?
I want all my company employees profiles synchronized in sabre. Then I can, later on, add PNR against those employees records in Sabre.
There are not any direct API’s available to synchronize profiles. But there are API’s available which can be used to perform different operations like creating profiles, updating profiles, retrieving profile data, moving profile data to a PNR for booking, searching profiles and so on. This includes not just traveler profiles but other like corporate, group, travel agency and so on.
Here is a link for the same:-
http://webservices.sabre.com/drc/providerdoc/PPP/Sabre_Profiles_Technical_User_Guide.pdf
You can also search by the go to the Sabre developer website and search for Profiles to get a list of all the associated API’s:-
https://developer.sabre.com/search?keywords=profiles
Some of the most common methods are:-
OTA_ProfileCreateRQ – Profile creation
OTA_ProfileModifyRQ – Profile modification
OTA_ReadRQ- Retrieving profile details
OTA_Delete – Profile deletion
EPS_EXT_ProfileToPNRRQ - Allows the user to move profile data into the Sabre Passenger Name Record (PNR).
Related
Here is my scenario. Imagine there is a Yoga studio that uses a professional booking and reservation system that exposes an API. Through this API an application can make a reservation for a client. The API takes the client's userid and password to make the reservation. The booking API doesn't use OAuth or any social media sign-ins.
My desire is to create an Assistant Action that would retrieve the list of classes and allow the client to make a booking.
My puzzle is what design/architecture to look towards to supply the userid/password pair required by the booking API.
How have others solved this puzzle?
Should I store the userid/password as "user state" associated with the action?
First, you should have a conversation with the API provider about why they don't provide an OAuth-based solution. This is a security vulnerability waiting to happen, if it hasn't already.
Second, you need to think very carefully about your own risk profile in this case:
Google does not allow you to collect credential information (ie - passwords) through your Action.
Because of this, you must use Account Linking to authenticate them.
This means that you will need something (ie - a database or data store) to manage their account on your side.
This database would be a good place to keep the username/password you need to use for them for the API...
...but it now means that you need to take extreme care about protecting this database.
You don't really say how this API allows for accounts to be created and managed. If these accounts are just used for you (ie - the user doesn't necessarily see them), then you can mitigate some of that risk by treating the username/password as an opaque token that you manage and generate and that the user never sees.
If this is something that the user is aware of, then you'll need to approach the account linking in one of two ways:
Have them log into your service via an app or webapp using this credential info that you will need to save (ack!) and then link to the Assistant using OAuth.
Have them log into your service via an app or webapp using Google Sign-In, which will carry over to your Action. Then have them provide the credential info for the API, which you will need to save (ack!).
I am working on a multi-user Clio app that can automatically OCR every document stored in Clio. I would like to enable my app so that the OCR settings are configured once for the firm and not individually for each user.
How does Clio recommend implementing firm-wide settings?
I had thought about using the #DomainName.com part of the customer's email address but that feels brittle and seems like a good way to create a security issue.
Clio recommends that applications store their application specific settings in their own data store (ie Firebase or similiar would work). If you need to share settings across users in an account you can gain access to the account id via the users end point. The following request (ensure your application has the User Read scope set) should get you started.
GET "https://app.clio.com/api/v4/users/who_am_i?fields=id,account\{id\}"
This will return something like:
{"data":{"id":344855567,"account":{"id":809455327,"redacted":true}}
The account id will be the same for each user in the account, you can use this as your account key in storing account specific application settings in whatever data store you're using for your settings.
Hi i create application that is common to youtube and i`ve got some questions. I use google login(oAuth), so i keep in my database all things required to use google APIs for every user that wants to log in. The question is if i can use(is it possible and legal) google analytics to get info(like gender of people which shows his/her video or age or region) about every user that is loged in to my application and show it to another users which using my application ?
edit:
I do not know if you understood me well, user log in to my app with his google account, i have in my database his google token, etc. In my application all users have got youtube account and now what i want to do is that if you are log in, you can see user`s statistics from youtube(like the gender of people who watch his/her video and what is thier age) for any user registered in my app. There is a youtube analyse api, which alow you to get your account stats, and if i have access to someone`s google account(i keep toke in my datbase), i couldnt just use it to request that analyse api for every user and in that way get access to their stats. And another question is if i get data in the way that i described(of course if it is possibe), is it legall, if i can display such an info to other users not only to the owner of the account?
Thanks for help
Is it legall, if i can display such an info to other users not only to the owner of the account? Thanks for help
If you are authenticating a user to get access to their Private data. It is your responsibility as a developer to ensure that their data remains private. You should not be sharing data between your users without there express permission.
If the data you are accessing is public then you are allowed to display that data with anyone.
Remember when you created your google developer console account you agreed to this Google APIs Terms of Service
b. Compliance with Law, Third Party Rights, and Other Google Terms of Service
You will comply with all applicable law, regulation, and third party rights (including without limitation laws regarding the import or export of data or software, privacy, and local laws). You will not use the APIs to encourage or promote illegal activity or violation of third party rights. You will not violate any other terms of service with Google (or its affiliates).
d. User Privacy and API Clients
You will comply with all applicable privacy laws and regulations including those applying to PII. You will provide and adhere to a privacy policy for your API Client that clearly and accurately describes to users of your API Client what user information you collect and how you use and share such information (including for advertising) with Google and third parties.
You may also want to read Privacy policy
The API lacks some clear explanations on retrieving the reachestimate for either an ad account or an ad. I have made sure that:
I am an admin/ or added to a Facebook app
I have a paid advertising campaign
The adaccount ID is added in the Settings Advanced panel of the Developer App page
I've been trying to:
In Graph API Explorer, retrieve the data by query expansion: me?fields=adaccounts{campaigns{adsets{ads{reachestimate}}}}. However, I always get one of the following (randomly):
Still in the explorer, retrieve it by direct access: act_{adaccount_id}/reachestimate I get this, even if I am 100% sure the ad account is added in the Advanced Settings panel:
Both of 1 and 2 in the iOS project. I get this: com.facebook.sdk.core error 8
Test it by curl with the example from here. I get this (the same with the one from point 2): The ad account is not enabled for usage in Ads API.
Just as a further note, for point 1 that's not the whole query, but I didn't write the adjacent fields because they would've been redundant for the purpose of this question.
I simply need to retrieve the ad accounts, the campaigns, the ad sets and the reach estimate simultaneously in the same query. It seems like a dead spot for me. Do you have any suggestions? Can you show me a Graph API explorer working example? Or, if what I'm asking is impossible, can you simply show some code that works?
Are you app and ad account owned by the same person?
Facebook Ads API has tiered access. https://developers.facebook.com/docs/marketing-api/access
A newly registered app is in Development Tier and can only access the user's own ad accounts. You need to make some API calls on your own ad account for testing in order to get promoted to Basic Tier and manage other people's ad account.
Apparently, I got:
Please reduce the amount of data you're asking for, then retry your request.
Because the query was to broad. Those 'adjacent' fields actually triggered a massive query, so the solution was to either:
Put a limit(1) on the campaigns.
Individually retrieve the reachestimate for each adset.
I chose the latter because it suited my needs, but it's up to you which solution works better.
Before first sending signing request I should get a accountId.
So is there any expiration time for this accountID? Can I save it and use it any time with unlimited time if there is no changes in credential or/and other api key and so on?
I can't find information about strategy for accountId in rest api documentation.
Thank you
ref:
https://www.docusign.com/developer-center/recipes/request-a-signature-via-email
https://www.docusign.com/p/RESTAPIGuide/RESTAPIGuide.htm#REST API References/Login.htm
The account ID is part of your developer account. You can find it when you login by clicking on the little down arrow in the top right corner next to your avatar. It will display your name the name of the company then a number. That is the account ID.
The account ID does not expire. The way DocuSign manages access to the API's is through an Integrator key. For information about the Integrator key please refer to the following link. https://www.docusign.com/developer-center/api-overview
So from a broad overview you would want to break up the different business processes by business group and have a different Integrator Key for each unit. That way if someone builds bad code or something strange happens and they turn of one of the Integrator keys it does not affect every group in the company.
There is no expiration of your accountId however note that it will change between environments - i.e. when you move from demo to production. Therefore the best practice is to write your integration such that, for a given user, it makes the login call then uses the accountId returned from that in subsequent API requests. By writing it this way you also make the go live process easier since you wouldn't have to remember to go back and change any hard-coded values in your app.
Note that when you are in production, your organization (or your customers' organizations) may well have more than one account id. And that individuals within the organization may well have access to more than one account.
Example: a company has different rules for electronic signature requests that are sent from the legal department and all the other corporate departments. Depending on the differences in the rules, the best DocuSign configuration may be to establish two different accounts, one for legal and one for everybody else. And some people may have access to both accounts.
Bottom line: when your API integration app logs in, it should enable either the human or your config file to specify the account that should be used (if the user has access to more than one account.) While all users have a "default account," it is not always the case that the default is the one that should be used by your integration.