Table of contents

Third-Party Integrations

1. Background

This documents supplements the Terms of Service and forms an integral part of the Terms of Service. Terms not defined in this document shall have the meaning ascribed to them elsewhere in the Terms of Service.

2. Conditions for standard third party integrations

In order for Safeture to be able to perform third party integrations (as referred to in section 1.3 of the Terms of Service), the following Third Party Integration Conditions needs to be fulfilled. If these Third Party Integration Conditions are not fulfilled, additional fees and charges may apply in accordance with Section 3 below.

2.1   Travel booking

2.1.1   Travel Management company using Amadeus

Using Amadeus the TMC has to be able to queue PNRs to Safeture’s OID by adding a unique string to the clients profile in Amadeus. Safeture will provide the TMC with this string.

All PNRs should also have the “AI” field set with the value “AN”, where is a unique string of maximum 10 characters that identifies the corporate customer represented in the booking. This string has to be agreed upon together with Safeture.

The TMC has to be able to provide traveler information in the appropriate fields of the GDS (appropriate fields are determined by Safeture and based on the convention of which fields the Safeture platform supports data entries). Required traveler information is defined as Email, Mobile phone number, First Name, and Last Name. Example Email: Firstname.Lastname@Company.com. Mobile phone numbers shall be in the global MSISDN standard format. Example Mobile phone number: 46709000000 (i.e. Country prefix without the “+” and the mobile phone number without starting of “0”).

2.1.2   Travel Management company using Sabre

Using Sabre the TMC has to be able to queue PNRs to Safeture using Safeture’s Sabre and queue details. Details will be provided by Safeture.

The TMC has to be able to provide traveler information in the appropriate fields of the GDS (appropriate fields are determined by Safeture and based on the convention of which fields the Safeture platform supports data entries). Required traveler information is defined as Email, Mobile phone number, First Name, and Last Name. Example Email: Firstname.Lastname@Company.com. Mobile phone numbers shall be in the global MSISDN standard format. Example Mobile phone number: 46709000000 (i.e. Country prefix without the “+” and the mobile phone number without starting of “0”).

2.1.3   Travel Management company using Travelport/Galileo

The TMC need to contact their local SMO/NDC Travelport supplier directly to have the TBF product set-up due to contractual/billing purposes.

If the PCC the Customer provides will be used for multiple Clients then a Corp ID is needed and this needs to be requested when requesting the TBF product from Travelport.

Requirements for a TBF Corporate ID is created, this Corp ID then needs to be added into the Agencies Business/Traveler’s Profile (BAR/PAR) or directly into the PNR upon creation. TMC details to be provided to Travelport SMO/NDC; Agency Name, Client Name, Agency PCC, Country, and Host.

Once the CORP ID has been created it needs to be added to Safeture’s TBF Queue.

If the PCC will only be used for the 1 Client, then no Corp ID is required and all PNR’s will be sent to Safeture’s TBF Queue. In this case, the TMC needs to contact Travelport and request their PCC is added to Safeture’s TBF Queue.

When a PCC is added to a TBF Queue the AAT settings are automatically activated.

The TMC has to be able to provide traveler information in the appropriate fields of the GDS (appropriate fields are determined by Safeture and based on the convention of which fields the Safeture platform supports data entries). Required traveler information is defined as Email, Mobile phone number, First Name, and Last Name. Example Email: Firstname.Lastname@Company.com. Mobile phone numbers shall be in the global MSISDN standard format. Example Mobile phone number: 46709000000 (i.e. Country prefix without the “+” and the mobile phone number without starting of “0”).

2.1.4  Amex GBT

The customer needs to provide Safeture with contact information to their Amex GBT account manager, or responsible contact person. Standard Amex GBT integration is based on current setup between Safeture and Amex. After configuration and setup has been conducted by Amex GBT, Amex GBT has to provide Safeture with the Client ID to be used as identifier for the customer’s PNRs.

2.1.5   BCD

The customer needs to provide Safeture with contact information to their BCD account manager, or responsible contact person. Standard BCD integration is based on current API setup between Safeture and BCD. The client must have a unique BCD SMID (Account ID) from other entities/subsidiaries within the Client’s Organization to ensure only the Client’s travel data is received by Safeture.

2.1.6  Egencia

The customer needs to provide Safeture with contact information to their Egencia account manager, or responsible contact person. Standard Egencia integration is based on current setup between Safeture and Egencia applies.

2.1.7  CWT

The customer needs to provide Safeture with contact information to their CWT account manager, or responsible contact person. Standard CWT integration is based on current setup between Safeture and CWT.

2.2  Single Sign On

These are the steps needed to enable SSO:

·       The customer will receive an URL to a SAML metadata XML. https://iso.safeture.com/api/saml/metadata/

·       The customer has to import this XML into their identity provider of choice. Most identity providers supports this.

·       Once imported the customer will need to export the federation metadata XML or provide an URL to Safeture.

·       Along with the federation metadata the customer needs to tell Safeture what e-mail domains to trigger SSO and also the Attribute mappings unless they’re already stated in the federation metadata.

·       If the customer sends their internal user IDs as nameID instead of e-mail they will have to prefix this nameID with the name of their company to ensure global uniqueness.

·       Minimal requirements to send in the assertion is e-mail. All other fields are optional, but it’s recommended to sent first name, last name and phonenumber also.

2.3  Datawarehouse database connection for BI-tools

All internal data communication to and from Safeture servers must go via an IPSec VPN tunnel with static external IPs on both ends. IPs will be whitelisted. Safeture accepts odd IPSec ports.

The current minimal secure settings, that may change over time, is;

·       P1 – IKEv2; Encryption: AES-256-CBC, Hash: SHA-512, DH: Group 20

·       P2 – ESP tunnel-mode; Encryption: AES-256-CBC, Hash: HMAC-SHA-384, DH group 20

Internal IPSec firewall rules to and from specific servers/networks are mandatory on both sides. Block by default; any to any.

3. Conditions for non-standard third-party integrations

If the Third-Party Integration Conditions as defined above are not fulfilled by the Customer, any necessary additional work will be charged on an hourly basis.