Skip to main content

Partner Integration Requirement

Partner only needs:
  1. One line of code integration
  2. One API call before booking
That is the full BRG Radar V2 integration.

What We Provide vs What Partner Provides

PageOne Travel provides

  • collector-key (for browser signal collection only)
  • api-key (for server-to-server risk check call)
  • API host and snippet URL

Partner provides

  • session-id (unique per booking attempt)
  • Booker/guest data for the check request
  • Backend call to POST /api/v1/radar/checks before creating booking

1) One Line of Code Integration (Snippet)

Add this on the partner booking page:
Notes:
  • Use a fresh SESSION_ID per booking attempt.
  • Do not put api-key in browser code.
  • data-partner-id is not required.

2) One API Call Before Booking

Call this from partner backend before booking confirm:

Headers

Request body (example)

inventory_id and inventory_country are not required from partner in BRG integration.

Response body (example)

Decision handling:
  • decision = deny: hide the rate / stop booking flow
  • decision = allow or bypass: continue booking flow

How Correlation Works

  • Snippet and check API must share the same session-id.
  • Snippet posts browser/device/network hints first.
  • Check API merges that signal set with server payload and returns one risk decision.

Security Model (Two Keys)

  • collector-key: browser-side, limited to signal collection endpoint.
  • api-key: server-side, required for POST /api/v1/radar/checks.
Do not use api-key in frontend code.

Optional: Manual Collector Test (Browser Fetch)

If you want to simulate snippet behavior: