Help us improve the Developer Guide! Share your feedback using the “Was this helpful?” option on the right of each page.

Message Structure

Learn how SOAP messages must be structured when using the pmsXchange API, including formatting, headers, and authentication requirements.

Soap Message Structure

All SOAP messages (Requests/Responses) exchanged between SiteMinder and the PMS/RMS must:

  • Adhere to the SOAP message format.

  • Encapsulate the OTA message within the SOAP Body.

  • Requests must include a SOAP Security Header for authentication purposes.

  • Responses must be returned in a SOAP envelope. However, the SOAP Header should be empty.

Version

pmsXchange is using SOAP 1.1

Name
Value

Content-Type

text/xml; charset=utf-8

Authorization

Basic <credentials>

Security Header

The Security Header structure conveys authentication information.

<wsse:Security soap:mustUnderstand="1"	
	xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
	xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
	<wsse:UsernameToken>
		<wsse:Username>USERNAME</wsse:Username>
		<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">SECRET</wsse:Password>
	</wsse:UsernameToken>
</wsse:Security>

The only acceptable value for the Password @Type attribute is http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText. Plain text passwords are acceptable as all communication is done over encrypted HTTP (HTTPS).

Credentials

SiteMinder will provide partners with a single username and password to be used for authentication. These credentials will be global for all hotels using the connection.

Example

<SOAP-ENV:Envelope
	xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
	<SOAP-ENV:Header>
		<wsse:Security soap:mustUnderstand="1"
			xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
			<wsse:UsernameToken>
				<wsse:Username>USERNAME</wsse:Username>
				<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">SECRET</wsse:Password>
			</wsse:UsernameToken>
		</wsse:Security>
	</SOAP-ENV:Header>
	<SOAP-ENV:Body>
		<OTA_ReadRQ
			xmlns="http://www.opentravel.org/OTA/2003/05" EchoToken="ed8835ff-6198-4f38-b589-3058397f677c" TimeStamp="2024-07-06T15:27:41+00:00" Version="1.0">
			<!-- ... other elements and attributes have been omitted for brevity ... -->
		</OTA_ReadRQ>
	</SOAP-ENV:Body>
</SOAP-ENV:Envelope>

Last updated

Was this helpful?