# Integration Requirements

This page defines the technical standards, security protocols, and operational requirements that apply across all Channels Plus API components. These requirements ensure reliable, secure, and efficient connectivity between your booking channel and the SiteMinder platform.

### Compliance Policy

All integration partners must adhere to these requirements. Due to the growing number of partner integrations, SiteMinder can no longer accommodate exceptions.

**Non-Compliance Timeline**:

* Partners have **90 days** to remediate non-compliance issues after notification.
* Failure to comply may result in interface deactivation.
* **Critical issues** affecting production stability may result in **immediate temporary suspension**.

***

### Technical Foundation

Channels Plus is a **REST/JSON API**. All requests are standard HTTPS using JSON payloads.

<table><thead><tr><th width="199.8419189453125">Item</th><th>Detail</th></tr></thead><tbody><tr><td>Protocol</td><td>REST over HTTPS</td></tr><tr><td>Format</td><td>JSON</td></tr><tr><td>Authentication</td><td>Two-header channel-level (<code>x-sm-api-id</code> + <code>x-sm-api-key</code>)</td></tr><tr><td>API Specification</td><td>OpenAPI (YAML available for download)</td></tr></tbody></table>

***

### Security

#### Transport Layer Security

**Minimum Standard**: TLS 1.2 or higher

* All communication must use HTTPS
* Self-signed certificates are not supported
* Ensure your systems comply with PCI DSS requirements when handling credit card data

#### Authentication

Channels Plus uses channel-level authentication. Both headers are required on every request:

<table><thead><tr><th width="200.267333984375">Header</th><th>Description</th></tr></thead><tbody><tr><td><code>x-sm-api-id</code></td><td>Your assigned channel identifier</td></tr><tr><td><code>x-sm-api-key</code></td><td>Your channel secret key</td></tr></tbody></table>

Credentials are generated from the Partner Portal. Missing or invalid credentials return **HTTP 401**.

{% hint style="danger" %}
**Server-to-server use only.** Never expose your `x-sm-api-id` or `x-sm-api-key` in front-end or client-side code, or in logs. Doing so risks credential exposure and rate limit exhaustion.
{% endhint %}

***

### Rate Limiting

Channels Plus enforces a rate limit on a rolling time window per channel. Responses include rate limit headers you should monitor:

<table><thead><tr><th width="245.32379150390625">Response Header</th><th>Description</th></tr></thead><tbody><tr><td><code>ratelimit-policy</code></td><td>Requests allowed per window, e.g. <code>100;w=60</code> means 100 requests per 60 seconds</td></tr><tr><td><code>ratelimit-limit</code></td><td>Total requests allowed in the current window</td></tr><tr><td><code>ratelimit-remaining</code></td><td>Requests remaining in the current window</td></tr><tr><td><code>ratelimit-reset</code></td><td>Seconds until the window resets</td></tr></tbody></table>

**On HTTP 429**: Wait for the window to reset before retrying. Implement exponential backoff — recommended pattern: 1s → 2s → 4s, maximum 3 retries. Do not retry immediately.

***

### Deals

Deals are promotional offers that provide access to better rates from participating properties. Implementing Deals increases the likelihood of bookings and is central to how Channels Plus partners compete effectively.

**Two deal types are available**:

* **Direct Agreements** — a deal between a single property and your channel, with an active date range, discount rate, and commission rate
* **Campaigns** — a deal between your channel and one or more properties, with defined Stay Dates and Book Dates

***

### Booking Flow Requirements

#### Pending Reservation Expiry

Pending reservations expire approximately **10 minutes** after creation.

Your confirmation flow must complete within the 10-minute lock window. Expired reservations release held inventory back to the platform immediately.

#### Card Type Validation

Before confirming a reservation, check the property's `acceptedCardTypes` to verify the guest's card is supported. Using an unsupported card type returns a **400** error.

#### Cancellation Policy

Before presenting cancellation options to guests, always verify the `policyType` and `freeCancellationUntilDays` on the rate:

<table><thead><tr><th width="199.81597900390625">Policy Type</th><th>Description</th></tr></thead><tbody><tr><td><code>free-cancellation</code></td><td>Can be cancelled up to N days before check-in</td></tr><tr><td><code>non-refundable</code></td><td>Cannot be cancelled; <code>freeCancellationUntilDays</code> is null</td></tr></tbody></table>

{% hint style="info" %}
Only reservations with `policyType: "free-cancellation"` can be cancelled via the API, and only within the free cancellation period.
{% endhint %}

#### Commission

All pricing includes a commission breakdown. Your integration must correctly account for commission in all pricing and payment flows:

```json
{
  "totalCommissionPercentage": 18.0,
  "siteminderCommissionPercentage": 3.0,
  "channelCommissionPercentage": 15.0
}
```

`totalCommissionPercentage` = `siteminderCommissionPercentage` + `channelCommissionPercentage`

For full details see [Invoicing: Gross vs. Net](/channels-plus-api/additional-resources/commercial/invoicing-gross-vs-net.md).

***

### Data Constraints

These constraints are enforced by the API and must be respected in your integration logic.

| Constraint                           | Value        |
| ------------------------------------ | ------------ |
| Date format                          | `yyyy-MM-dd` |
| Max advance booking                  | 500 days     |
| Length of stay                       | 1–30 nights  |
| Max rooms per reservation            | 10           |
| Max date range (`Reservations List`) | 31 days      |
| Max lookback for `fromDate`          | 365 days     |

***

### Pagination

All list endpoints return paginated responses. Your integration must iterate correctly through pages and must not assume all results are returned in a single response.

* Use `page` and `perPage` query parameters to iterate
* `perPage` must be a **multiple of 10**
* Continue iterating until you have retrieved all pages

**`perPage` limits by endpoint**:

| Endpoint          | Max perPage |
| ----------------- | ----------- |
| Properties search | 100         |
| Reservations List | 200         |
| Export            | 500         |

***

### Data Freshness

Availability and pricing change in real time as inventory is booked and configuration is updated. Do not cache availability or pricing responses for extended periods — stale data will cause booking errors.

For property content (descriptions, photos, amenities, room types), refresh your local catalog periodically to capture rate plan changes and updated content.&#x20;

{% hint style="success" icon="sparkles" %}

## Still have questions?

Use the <i class="fa-gitbook-assistant">:gitbook-assistant:</i> **Ask** button at the top of the page to chat with our AI assistant — it can help you navigate the guide, understand requirements, and troubleshoot issues.

If you need more support, visit [Integration Support](/integration-support/integration-support.md).
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://developer.siteminder.com/channels-plus-api/guides/integration-requirements.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.