Basic user profile concepts
A User refers to anyone who has a profile record on the Spotnana platform. For example, a user can refer to a traveler, approver, agent, company administrator, TMC administrator, etc. The Spotnana User APIs allow you to create, manage, and access data about these users such as their name, email, roles, persona, company details, travel preferences, and other relevant information.
This page explains some key concepts related to user profiles on the Spotnana platform.
Terminology
The following terms will be helpful to understanding the information presented here.
- TMC partner: A Travel Management Company (TMC) that collaborates with Spotnana to offer the platform's services to their customers. TMCs registered with Spotnana will have a unique
tmcId. - Company or organization: A business entity that utilizes the services of a TMC to manage its travel needs through the Spotnana platform. For example, a TMC may use Spotnana’s Air APIs to offer air booking services to their client companies. The companies registered with Spotnana will have a unique
companyId. You can use the Get company API to view the company's information. - A traveler: Any user who uses the Spotnana platform for travel bookings (e.g., an employee of a company using the Spotnana platform to book car services for their business travel).
User profile types
There are different types of users who use the Spotnana platform (e.g., travelers, arrangers, approvers, etc.). Each user has a profile record on the platform. A persona and role are assigned to each user when the profile is created. These two values can be used to identify the user’s function within the platform, the TMC, and the company.
Personas
A persona represents the function of a user and is assigned to every user profile created on the Spotnana platform. A user can be a company traveler who wants to create a booking or a TMC employee who manages travel services on behalf of the company. The user’s persona defines their function within their company (e.g., an employee, a guest, etc.). In the Get user API response, the persona field will have the user’s persona information.
The following are the user personas supported by the User APIs:
| Persona | Function |
|---|---|
EMPLOYEE | An employee who works for the TMC or a client company. For example, assume that a TMC has integrated with Spotnana to provide travel booking services to their client companies. In this scenario, the EMPLOYEE persona is assigned to both the TMC employees (agents and administrators) and the company travelers who use the Spotnana platform. |
GUEST | A company guest who wants to use Spotnana services. For example, the client company may want to book an air ticket for a customer who is visiting their office or for a candidate who is appearing for an interview. The administrators (TMC and company) can create a GUEST profile on behalf of those users and make the travel booking for them. GUEST users must have a user profile on the Spotnana platform. Only a TMC/company administrator can create a new guest profile. Only a TMC/company administrator or a travel arranger can create a booking on behalf of the GUEST. Note: GUEST users cannot login to the OBT unless they are invited to an active event or a trip. If they are invited to an event or a trip, they can login and create travel bookings for themselves. |
ADHOC | An ADHOC user is a traveler’s guest. Users with the EMPLOYEE persona can create a booking for their ADHOC guests (if their TMC or company has enabled the setting to allow it). Note: Although ADHOC users have a userId, they can’t login to OBT and make bookings for themselves. Each ADHOC user is associated with a profileOwner and only they can make bookings for the ADHOC user. |
Roles
The permissions and access a user has on the Spotnana platform are determined by the role assigned to their profile. The get user roles API can be used to view a user’s role and the update user role API can be used by administrators to modify a user’s role.
The following are the roles supported by Spotnana:
| Role | Scope of access |
|---|---|
GLOBAL_ADMIN | This is the highest level of access within the Spotnana platform. Global administrators can manage TMCs, companies, and platform settings, including user roles, adding new companies and TMCs, and configuring travel policies. Only global administrators can assign another user the role of GLOBAL_ADMIN. This role is typically reserved for Spotnana administrators. |
TMC_ADMIN | This is the highest level of access within a single TMC. It allows the administrators to manage TMC-level settings (e.g., adding a new TMC agent) and the client company configurations (e.g., setting travel policies). A TMC_ADMIN also has the same level of permissions as a COMPANY_ADMIN (e.g., A TMC_ADMIN can create a new user for a company). |
TMC_AGENT | Grants access to manage bookings for all travelers who are part of a specific TMC. Note: A TMC_AGENT cannot modify company settings (e.g., company travel policies). To edit company settings the user must be a TMC_ADMIN or a COMPANY_ADMIN. |
COMPANY_ADMIN | This is the highest level of access within a single company or an organization. Company administrators have full control over their company's travel settings on the Spotnana platform. This includes providing employee access, setting travel policies and traveler preferences, and managing company details such as cost centers, legal entities, departments, offices, and other company-level settings. |
COMPANY_REPORT_ADMIN | This role grants the user access to all company-level reports and analytics dashboards. |
COMPANY_TRAVEL_ARRANGER | Grants access to arrange travel bookings for all users within a specific company. |
TRAVEL_ARRANGER | Grants access to arrange travel bookings for a specific group of company users. These users must be assigned to the TRAVEL_ARRANGER.For example, assume an arranger is assigned to a team of 10 employees. The arranger can book flight tickets on behalf of the employees assigned to him. However, he cannot book tickets for other employees in the same company. A user can have more than one arranger assigned to them. Use the get user travel arrangers API to view the arrangers assigned to a specific user profile. |
User information
The User APIs allow you to update the following details in a user’s profile:
- Personal information such as the user’s name, date of birth, gender, address, email, identity documents (e.g., passport, VISA), phone numbers, profile picture, nationality, and personal payment methods (e.g., credit cards). Use the update user personal information API to update these details.
- Business information such as the user’s designation (i.e., job title within the company), work email, employee ID, legal entity, company details, worker type (e.g., an intern), and the approvers assigned to the user. Use the update user business information API to update these details.
- Travel preferences such as the user’s preferred airline, flight type (i.e., domestic, international or both), airline loyalty memberships, fare type (e.g., refundable only), preferred airports, transaction currency, rail cards, rail coach types, car vendors, and hotel chains or brands. Use the update user’s travel preferences API to update these details.
When creating a new user, the minimum required fields in the API endpoint are the persona, businessInfo > legalEntityRef, and organizationRef. All the other fields are optional and can be updated later. However, when creating a booking for a user, the supplier (e.g., Sabre) may require additional user information such as their name, title, etc. In these cases, if the user profile has only the minimum information, then the booking may fail. If this happens, update the user profile with all the missing information and retry booking.
Identity documentation
Travel documentation can be updated on a user profile using the update user personal information API. The identityDocs field in this API supports the following documentation types:
| Documentation type | Description |
|---|---|
Passport | The passport details of a user including the passport number, expiration date, issuing country, and nationality. |
Immigration document | User’s immigration documents such as the VISA, global entry card, etc. |
Redress number | The redress number of the user who is part of the Travel Redress Inquiry Program. |
Known Traveler Number (KTN) | The user's KTN, used for expedited security screening in trusted traveler programs. |
National document | Any national document of the user (e.g., Aadhar number for Indian nationals) that can be used to support identification of an individual. |
Legal entity
A legal entity represents the formal business unit or corporate entity under which users are employed. When creating a new user profile, the businessInfo > legalEntityRef is a required field and a value that must be passed in the API request. Company administrators, TMC administrators, and global administrators can use the update user business info API to update a user’s legal entity.
Designated approvers
One or more approvers can be assigned to a user profile. These approvers are responsible for reviewing all the travel bookings made by that user. The designated approvers can choose to decline a booking if it violates the company’s travel policies.
When creating a user, the businessInfo > designatedApproverRefs field can be used to assign approvers to the user. The approver details can also be updated using the update user API.
Note: See approval concepts and approval workflow to learn more about the approval process.
User profile status
The isActive field in the get user API response indicates if the user profile is currently active on the platform. If an employee exits an organization, the TMC or the company administrator can use the delete user API to set the isActive field as false. This deactivates the user on the Spotnana platform.
Notes:
- The delete user API does not delete a user profile. It can be used only to deactivate a profile.
- Administrators (
COMPANY_ADMIN,TMC_ADMIN, orGLOBAL_ADMIN) can request deletion of user profiles.
After deactivation, the deletion of the user profile is handled based on Spotnana’s data retention policy.