Message Structure

Learn how SOAP messages must be structured when using the SiteMinder Exchange API, including formatting, headers, and authentication requirements.

Soap Message Structure

All SOAP messages (Requests/Responses) exchanged between SiteMinder and the application must:

Adhere to the SOAP message format.
Encapsulate the OTA message within the SOAP Body.
Requests must include a SOAP Security Header for authentication purposes.
Responses must be returned in a SOAP envelope. However, the SOAP Header should be empty.

Header

Name

Value

Content-Type

application/xml; charset=utf-8

Authorization

Basic <credentials>

Security Header

The Security Header structure conveys authentication information.

<wsse:Security soap:mustUnderstand="1"	
	xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
	xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
	<wsse:UsernameToken>
		<wsse:Username>USERNAME</wsse:Username>
		<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">SECRET</wsse:Password>
	</wsse:UsernameToken>
</wsse:Security>

The only acceptable value for the Password @Type attribute is http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText. Plain text passwords are acceptable as all communication is done over encrypted HTTP (HTTPS).

Credentials

Partners must provide SiteMinder with a single username and password to be used for authentication. These credentials must be global for all hotels using the connection.

Example

<SOAP-ENV:Envelope
	xmlns:soap-env="http://schemas.xmlsoap.org/soap/envelope/">
	<SOAP-ENV:Header
		xmlns:soap-env="http://schemas.xmlsoap.org/soap/envelope/">
		<wsse:Security
			xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
			xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soap:mustunderstand="1">
			<wsse:UsernameToken>
				<wsse:Username>USERNAME</wsse:Username>
				<wsse:Password type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#passwordtext">SECRET</wsse:Password>
			</wsse:UsernameToken>
		</wsse:Security>
	</SOAP-ENV:Header>
	<SOAP-ENV:Body
		xmlns:soap-env="http://schemas.xmlsoap.org/soap/envelope/">
		<OTA_HotelResNotifRQ ... >
			<!-- ... other elements and attributes have been omitted for brevity ... -->
		</OTA_HotelResNotifRQ>
	</SOAP-ENV:Body>
</SOAP-ENV:Envelope>

<SOAP-ENV:Envelope
	xmlns:soap-env="http://schemas.xmlsoap.org/soap/envelope/">
	<SOAP-ENV:Body
		xmlns:soap-env="http://schemas.xmlsoap.org/soap/envelope/">
		<OTA_HotelResNotifRS ... >
			<!-- ... other elements and attributes have been omitted for brevity ... -->
		</OTA_HotelResNotifRS>
	</SOAP-ENV:Body>
</SOAP-ENV:Envelope>

Last updated 5 days ago

Was this helpful?