{"info":{"_postman_id":"46a42be2-1dd9-463f-90ce-8013256f617d","name":"Travellink API – SSO - Documentation","description":"

SSO
Developer collections
Questions and suggestions: api.travellink@wooba.com.br .

What is SSO? | How does single sign-on work?

Single Sign-On (SSO) is an important cloud security technology that reduces all user application logins to one login for added security and convenience.

What is Single Sign-On (SSO)?

Single sign-on (SSO) is a technology that combines the login pages of multiple different applications into a single page. With SSO, the user needs to enter his login credentials (username, password etc.) only one time on a single page to access all of his SaaS applications.

To perform the initial settings, it is necessary to follow these steps:

Step 1

The developer must inform the Licensee/Operator of the URL Redirect.

Step 2

The Licensee/Operator will access the Acess Portal:
https://operadorateste.com.br/AccessPortal/

Content Travellink API > Credential> Select:

Basic Data:

\n\n\n\n\n\n\n\n\n

Tipo de API

ID

Nome

Client ID

Client Secret

Status

URL Redirecionamento

Travellink_auth Credential

ID is generated automatically

Reference name, for example: Developer SSO Test

Information generated automatically

Information generated automatically

Keep Active

Information that will be reported by the developer.
(Note: When this field is filled, Travellink will validate if the REDIRECT_URL is = field value.
If it is not filled, it will release to any REDIRECT_URL.

Context :

\n\n\n\n\n\n\n\n\n

Unidade Agência Cliente	By registering the credential per unit, agency and client, Travellink will respect the same hierarchy.

Passo 3

The Licensee/Operator must inform the Developer of the data from the Client ID and Client Secret fields.

\n\n

Registering the authentication API

Autentication

Step 1

The developer must include the button on the authentication page by following the example template:

https://wooba-sandbox.travellink.com.br/Agencias30/auth/authorize?client_id={CLIENT_ID}&response_type=code&scope=openid&redirect_uri={REDIRECT_URI}

\n\n

Note: The Client ID information and the REDIRECT URL are required parameters that must be entered in the URL button .

Step 2

When the user authenticates in Travellink, he will be redirected to the address at REDIRECT_URL, and the authentication token will be sent as CODE parameter.

MicrosoftInternetExplorer402DocumentNotSpecified7.8 磅Normal0

Model of redirection:

{REDIRECT_URI}? code={CODE}

https://mydomain.com.br?code={CODE}

After logging in Travellink you will receive the answer below:

Step 3
After obtaining the CODE value the developer should make a Post call to get the ID_Token

Post Example:
POST /Agencies30/auth/authorize/token HTTP/1.1
Host: wooba-sandbox.com.br
Authorization: Basic e0NMSUVOVF9JRH06e0NMSUVOVF9TRUNSRVR9

Content-Type: application/json:

{
\"grant_type\": \"authorization_code\",
\"redirect_uri\": \"{{redirect_uri}}\",
\"client_id\": \"{{client_id}}\",
\"client_secret\": \"{{client_secret}}\",
\"code\": \"{{code}}\"
}

\n\n

Exemplo www-form-urlencoded:

The application/x-www-form-urlencoded format is also accepted

StartFragmeThe application/x-www-form-urlencoded format is also accepted:

POST /Agencias30/auth/authorize/token HTTP/1.1
Host: wooba-sandbox.com.br
Authorization: Basic e0NMSUVOVF9JRH06e0NMSUVOVF9TRUNSRVR9

Content-Type: application/x-www-form-urlencoded
code={CODE}&client_id={CLIENT_ID}&client_secret={CLIENT_SECRET}&grant_type=authorization_code&redirect_uri={REDIRECT_URI}

\n\n

Note: Authorization {CLIENT_ID}:{CLIENT_SECRET} is encoded into Base64

Model of response:

{
\"token_type\": \"Bearer\",
\"expires_in\": 3600,
\"id_token\": \"token_jwt\"
}

\n\n

Getting the id_token

\n\n

**User Claims :**Data that is in the Token ID:

\n\n\n\n\n\n\n\n\n\n\n\n\n

sub email name role useremails phone_number	User Id at Travellink User email Full name of the user Access type of the user – Internal or External More than one email per user, these emails are separated by; It will only be sent if the user registration has the phone number registered.

Claims da Agência:

\n\n\n\n\n\n\n\n\n

agencyid agencybackofficecode agencydocument ragencyname agencybusinessname agencylogoUrl agencyaddress1 agencyaddress2 agencyneighborhood agencycity agencyzipCode agencystate agencycountry agencyphonegeneral agencyphoneemergency	Agency Id at Travellink Backoffice Code (IdERP) Agency EIN Corporate Name of the Agency Trade Name of the Agency Agency Logotype (image) Address Address 2 District City Zip code State Country Phone Phone/ Emergency contact number

Step 4
Optional (The developer may use the website JWT.IO to validate the IDtoken.

Id_Token Validation:

\n\n

Access code of the Developer

Documentation Link of the openId:

https://openid.net/specs/openid-connect-core-1_0.html#CodeFlowAuth

\n","schema":"https://schema.getpostman.com/json/collection/v2.0.0/collection.json","toc":[{"content":"To perform the initial settings, it is necessary to follow these steps:","slug":"to-perform-the-initial-settings-it-is-necessary-to-follow-these-steps"}],"owner":"24548172","collectionId":"46a42be2-1dd9-463f-90ce-8013256f617d","publishedId":"2s9XxvTEhD","public":true,"customColor":{"top-bar":"FFFFFF","right-sidebar":"303030","highlight":"FF6C37"},"publishDate":"2023-08-01T14:57:07.000Z"},"item":[],"event":[{"listen":"prerequest","script":{"type":"text/javascript","exec":[""],"id":"46a19c10-f0a5-4a9d-aae7-72712196dac6"}},{"listen":"test","script":{"type":"text/javascript","exec":[""],"id":"29870c78-c82e-44c5-9771-879d91520b6c"}}],"variable":[{"key":"developer-token","value":"developer-token","type":"string"},{"key":"developer-access-code","value":"developer-access-code","type":"string"},{"key":"URL","value":"URL","type":"string"},{"key":"identifier","value":"Login","type":"string"},{"key":"password","value":"pass","type":"string"}]}