Message Structure

Learn how SOAP messages must be structured when using the pmsXchange API, including formatting, headers, and authentication requirements.

Soap Message Structure

All SOAP messages (Requests/Responses) exchanged between SiteMinder and the PMS/RMS must:

Adhere to the SOAP message format.
Encapsulate the OTA message within the SOAP Body.
Requests must include a SOAP Security Header for authentication purposes.
Responses must be returned in a SOAP envelope. However, the SOAP Header should be empty.

Version

pmsXchange is using SOAP 1.1

Header

Name

Value

Content-Type

text/xml; charset=utf-8

Authorization

Basic <credentials>

Security Header

The Security Header structure conveys authentication information.

<wsse:Security soap:mustUnderstand="1"	
	xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
	xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
	<wsse:UsernameToken>
		<wsse:Username>USERNAME</wsse:Username>
		<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">SECRET</wsse:Password>
	</wsse:UsernameToken>
</wsse:Security>

The only acceptable value for the Password @Type attribute is http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText. Plain text passwords are acceptable as all communication is done over encrypted HTTP (HTTPS).

Credentials

SiteMinder will provide partners with a single username and password to be used for authentication. These credentials will be global for all hotels using the connection.

Example

<SOAP-ENV:Envelope
	xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
	<SOAP-ENV:Header>
		<wsse:Security soap:mustUnderstand="1"
			xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
			<wsse:UsernameToken>
				<wsse:Username>USERNAME</wsse:Username>
				<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">SECRET</wsse:Password>
			</wsse:UsernameToken>
		</wsse:Security>
	</SOAP-ENV:Header>
	<SOAP-ENV:Body>
		<OTA_ReadRQ
			xmlns="http://www.opentravel.org/OTA/2003/05" EchoToken="ed8835ff-6198-4f38-b589-3058397f677c" TimeStamp="2024-07-06T15:27:41+00:00" Version="1.0">
			<!-- ... other elements and attributes have been omitted for brevity ... -->
		</OTA_ReadRQ>
	</SOAP-ENV:Body>
</SOAP-ENV:Envelope>

<SOAP-ENV:Envelope
	xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
	<SOAP-ENV:Header/>
	<SOAP-ENV:Body>
		<OTA_ResRetrieveRS
			xmlns="http://www.opentravel.org/OTA/2003/05" EchoToken="ed8835ff-6198-4f38-b589-3058397f677c" TimeStamp="2024-07-06T15:27:41+00:00" Version="1.0">
			<!-- ... other elements and attributes have been omitted for brevity ... -->
		</OTA_ResRetrieveRS>
	</SOAP-ENV:Body>
</SOAP-ENV:Envelope>

Last updated 1 month ago

Was this helpful?