CU -SEM-VI - E- TOURISM

Before writing the first line of code, you should come up with an architecture that fits your requirements and reflects the needs of developers that will use the API. All APIs have to meet 5 non-functional requirements: Usability: developers should be able to learn and use your API with minimum effort. Reliability: the API should have minimal downtime. Scalability: the system should handle load spikes. Testability: testers should be able to easily identify any defects. Security: the API should be protected from malicious users. Here’s how to design an API that satisfies these requirements. 1. Separate API design into several layers At MindK, we recommend splitting your API into 3 layers, each responsible for a single requirement. These layers (depicted in the picture below) will sit between the client and the API logic: Keep your API as small as possible. You can always add functionality, but never remove it. 2. Choose your architectural style: REST vs SOAP There are two common approaches to API architecture – REST and SOAP. Below you can find their main differences: Simple Object Access Protocol (SOAP) Representational State Transfer (REST) An official protocol with strict guidelines. A flexible architectural style with a number of loose guidelines. Works with application layer protocols like Works only with HTTP. HTTP, UDP, and SMTP. Requests can’t be cached. Requests can be cached. Requires detailed API contracts. No detailed contracts needed. Has built-in security, error handling, and Developers have to take care of security, authorization. error handling, and authorization 201 CU IDOL SELF LEARNING MATERIAL (SLM)

themselves. Uses a verbose XML data format for Uses a variety of data formats including communication that consumes more JSON, XML, HTML, and plain text. bandwidth. Provides data as services (verbs + nouns – Provides data as representations of https://my-api/get-user-data). resources (nouns only – https://my- api/users). Benefits: higher security and extensibility. Benefits: higher performance, scalability, and flexibility. Great for: legacy and enterprise apps with Great for: web and mobile apps. high security requirements (e.g. payment gateways, ERP systems, CRM software). Table 12.1 REST and SOAP Currently, REST is the most popular approach to building web APIs, representing over 70% of public APIs. At MindK, we prefer its ease of work, better performance, and scalability. Its great flexibility provides more freedom to create an API as long as your architecture follows six constraints that make it truly REST-ful: Uniform interface: there must be a unified way to interact with your server. In other words, requests from different clients (for example, a mobile app and a website) will look similar. One resource in your system must have a single name, called Uniform Resource Identifier, that will be referenced in API requests (https://my-api/users). Statelessness: as servers store no information about previous interactions, each API request should provide the necessary context. Separation of concerns: the app’s backend should be developed independently from its user interface. Caching of responses: servers should inform clients whether the response can be stored in cache. Multiple communication layers between the server and the client. Code on request: if requested, API responses might include executable code. As REST relies on a familiar HTTP protocol, developers can get up to speed much faster. A human-readable JSON format is more lightweight than XML, easier to parse, and works with all programming languages. 202 CU IDOL SELF LEARNING MATERIAL (SLM)

If your API needs to work with both JSON and XML (for example, for legacy systems), you can change output depending on the requested format via request headers. Following the OpenAPI Specification is the best way to design REST APIs. It’s a widely accepted and language-agnostic standard for building an API interface. It allows both machines and humans to understand the API functionality without accessing source code or reading the documentation. You can use the standard to generate documentation, clients, and servers in different languages. 3. Think about security Poorly designed APIs can be a major source of vulnerabilities – improper authentication, API keys in URI, unencrypted sensitive data, injections, replay attacks, stack trace leaks, DDoS attacks, and so on. So pay strict attention to security at the design stage by incorporating these 4 security layers: Identification (who is accessing your API) You can use unique randomized identifiers called API keys to identify developers accessing your API. These IDs can help detect “unlawful” behavior. As API keys aren’t encrypted, you’ll need other security measures to protect your API. Moreover, sending such keys in a Uniform Resource Identifier (URI) makes it possible to extract the keys from browser history. It’s recommended to send the keys via the Authorization HTTP header as it isn’t recorded in the network logs. Authentication (proving who you really are) You can use OpenID for authentication. It redirects developers to an authorization server where they can confirm their identity with a combination of login + password. Authorization (limiting what you are allowed to do) Authenticated users need a list of permissions that match their access level. OAuth2 is our preferred authorization method. It’s faster and more secure than other mechanisms as it relies on tokens instead of usernames and passwords. Encryption (making sure the data is unintelligible to unauthorized users) It’s recommended to use SSL/TLS encryption to protect API traffic against certain attacks like credential hijacking and eavesdropping. You should also use end-to-end encryption for sensitive data like medical records or payment details. You can use tokenization or mask the data from appearing in logs and trace tools. Security is often built into API frameworks. At MindK, we like to use NestJS to develop internal APIs for our web and mobile apps. In addition to its excellent security, it features Typescript support, greater flexibility, and a large community. Another part of security comes from the way you deploy your APIs. We prefer AWS deployment for its large-scale security features. 203 CU IDOL SELF LEARNING MATERIAL (SLM)

Step #3. Develop your API After you’ve finished your API design, it’s time to build your own API. This is an iterative process. We like to build our APIs one endpoint at a time, gradually adding more functionalities, testing them, and writing detailed documentation. 1. Define all API responses Depending on the request, your API can return a successful response or an error of some type. Either way, it’s important to standardize responses so they can be processed in a standard way by the client. You can start by defining the successful response. It will usually contain a status code (for example, 201: resource created OK), a time stamp, and requested data (usually, in the JSON format). You can view all the status codes in the picture below: 2. Handle exceptions and errors Your API should properly handle all exceptions and return correct HTTP status codes instead of a generic “500: Internal Error”. If the API can’t complete an action due to an exception, it’s recommended to describe the error in the response message. Be careful as APIs can leak sensitive information in error messages – names of servers, frameworks, classes, versions, and SQL queries used on the project. Hackers can use this to exploit known vulnerabilities in the aforementioned resources. To counter this, use an API gateway which standardizes error messages and avoids exposing sensitive information. 3. Build an API endpoint Simply put, an API endpoint is one end of a communication channel – a URL that receives your API requests: https://my-api/this-is-an-endpoint https://my-api/another/endpoint https://my-api/some/other/endpoint While developing an API endpoint, you’ll need to specify the types of requests it can receive, its responses, and errors. With the REST architecture, your endpoints can receive requests that contain different HTTP methods: The GET method is used to read resources from your database. As GET can’t modify data, it’s considered a safe method. POST is used to create a new subordinate resource in your database. PUT is used to update the whole resource. 204 CU IDOL SELF LEARNING MATERIAL (SLM)

PATCH is used to update a part of a resource. DELETE is used to delete a resource. GET, PUT, DELETE, HEAD, and PATCH requests must be idempotent (repeating the same call to the same resource must lead to the same state). For the sake of consistency, it’s recommended to always use plural for your resources and follow standard naming conventions. After you’ve built an endpoint, it’s important to check whether it’s behaving as expected by writing a Unit and Integration test. 4. Implement pagination and search by criteria (as part of GET requests) Sometimes, API responses contain too much data. For example, there can be thousands of products relevant to a search in an e-commerce app. Sending all of that in a single response would be extremely taxing on your database. To decrease response times and protect your API against DDoS attacks, split the data into several “pages”. For easier navigation, each page should have its own URI. The API should only display a portion of data in one go and let users know how many pages remain. There are several pagination methods to choose from: HTTP range headers (for binary data); fixed data pages (all pages have an equal size); flexible data pages (the client app specifies the page size); offset and count (instead of dividing the data into pages, the API views it as a collection of items. The client can specify a starting index and the number of items to be returned); and default values. For easier sorting, use various filters like time of creation or price, and implement search via a query string. 5. Analyse your API for performance The API should be fast to provide adequate developer experience. But before making any optimization efforts, it’s important to analyze your API performance. You can insert a statement about code usage and performance analysis like Clinic.js for Node.js or php profilers for PHP. When you’re aware of your performance indicators, start improving them. For example, requesting large binary resources like images can slow API responses. One way to avoid such issues is to enable the Accept-Ranges header for GET requests for large resources. 205 CU IDOL SELF LEARNING MATERIAL (SLM)

You can also use HTTP compression to cut the size of large objects. By combining compression with streaming, you can reduce the latency even further. Particularly large resources can be partitioned for faster service. 6. Implement client-side caching (if needed for performance or other reasons) Storing data for subsequent requests can speed up the API and save traffic as users won’t have to load the recently fetched data. After receiving a GET request, your API could send a Cache-Control header specifying whether the data in the response is cacheable. The header can also indicate when the data will be considered expired. 7. Write API documentation You can use different API documentation tools to auto-generate docs from your OpenAPI definition layer. The docs should provide developers with all the necessary information to consume your API: authentication scheme; endpoints definition (their function and relations to other endpoints); supported HTTP requests and responses; all interfaces, classes, constructors, and exceptions; methods, structure, and accepted parameters for each URI; and error descriptions. When developing a private API, you can get away with simple reference documentation. With a public API, the quality of documentation will directly influence its adoption rate. So provide the best documentation possible, supported by examples, SDKs, and tutorials. 8. Add versioning (for a public API) At some point, you’ll likely want to expand the functionality of your API. It’s critical to ensure these changes don’t break the apps that rely on the API. Versioning allows you to specify the resources and features exposed by the API so that users can direct requests to a particular version of a resource/feature. Include a new version in the request header or in your URL And don’t forget, make sure programs that work with one version of your API will be able to use future versions (backwards compatibility). 206 CU IDOL SELF LEARNING MATERIAL (SLM)

To make changes easier on developers, add a mediation layer to serve as a single point of service for different versions of your API. It can also provide higher scalability, security, and simplify the developer experience. 9. Use throttling Sudden increases in traffic can disrupt your API – a tactic often used in Denial of Service (DDoS) attacks. To prevent this, use: Traffic quotas – a limit on the number of requests an app can make per hour/week/month. Spike arrests – set a rate at which an app can make requests per minute/second. Calls that exceed this limit get their speed reduced. Concurrent rate limits – an app can’t make more than x parallel connections to your API. Step #4.Test your API With API virtualization, you can start testing your API before it’s finished. In addition to Unit and Integration tests, you can perform Functional, Reliability, Load, Security, and other kinds of tests. Here are a few general rules for API testing: test API functions in isolation; use realistic data for realistic results; test under a variety of network conditions that users might encounter in production; simulate errors and edge cases by rapidly changing responses; and don’t use live APIs for performance testing. For a more comprehensive overview, check out our guide to API testing! Step #5. Monitor your API and iterate on feedback When done with testing and reviewing, it’s time to deploy your API to production. Most enterprise APIs are hosted on API gateways that guarantee high security, performance, and scalability. Once the API is deployed, you’ll have to monitor its success metrics. Depending on your goals and the type of your API, you might want to track: API uptime; Requests per month; Monthly unique users; Response times; 207 CU IDOL SELF LEARNING MATERIAL (SLM)

Server CPU/memory usage; Time to receive the API key; Time to first 200 OK response; Time to first profitable app; Monthly revenue (for monetized APIs), etc. You can use tools like Postman Monitoring, Uptrends, or Amazon CloudWatch (AWS-only) to monitor response time, performance, uptime, availability and more in real time. You’ll also have to collect user feedback and incorporate changes into next iterations of your API. 12.4 SUMMARY  Application programming interfaces, or APIs, simplify software development and innovation by enabling applications to exchange data and functionality easily and securely.  An application programming interface, or API, enables companies to open up their applications’ data and functionality to external third-party developers, business partners, and internal departments within their companies. This allows services and products to communicate with each other and leverage each other’s data and functionality through a documented interface. Developers don't need to know how an API is implemented; they simply use the interface to communicate with other products and services. API use has surged over the past decade, to the degree that many of the most popular web applications today would not be possible without APIs. 12.5 KEYWORDS  Uniform Resource Identifier (URI): A Uniform Resource Identifier (URI) is a unique sequence of characters that identifies a logical or physical resource used by web technologies. URIs may be used to identify anything, including real-world objects, such as people and places, concepts, or information resources such as web pages and books. 208 CU IDOL SELF LEARNING MATERIAL (SLM)

 Interface: A point where two systems, subjects, organizations, etc. meet and interact.  Scalability: The capacity to be changed in size or scale  Protocol: The official procedure or system of rules governing affairs of state or diplomatic occasions.  Compliance: The state or fact of according with or meeting rules or standards. 12.6 LEARNING ACTIVITY 1. Define the term API. __________________________________________________________________________ __________________________________________________________________________ __________________________________________________________________________ 2. Explain the meaning of Software development. ________________________________________________________________________ ________________________________________________________________________ ________________________________________________________________________ 12.7 UNIT END QUESTIONS A. Descriptive Questions Short Questions: 1. Why we need APIs 2. Give some Common API examples 3. State the uses of API 4. How API is setup? 5. Mention few types of API. 209 CU IDOL SELF LEARNING MATERIAL (SLM)

Long Questions: 1. Mention types of API protocols. 2. Explain in detail procedure of setting up a strong API 3. Give some recent examples of API 4. State some features of API 5. Explain the term Data monetization B. Multiple Choice Questions 1. An API is a set of defined rules that explain how computers or applications communicate with one another. a. API b. PPBI c. DMS d. ITC 2. Without __________ many enterprises would lack connectivity and would suffer from informational silos that compromise productivity and performance. a. BPI b. API c. DMS d. ITC 3. ________________ your API strategy is essential for its long-term success. a. Organising b. Planning c. Checking d. Deleting 210 CU IDOL SELF LEARNING MATERIAL (SLM)

4. Before writing the first____________, you should come up with an architecture that fits your requirements and reflects the needs of developers that will use the API. a. Summary b. Paragraph c. System file d. Line of code 5. servers should inform clients whether the response can be stored in ___________. a. Store b. Application c. Cache d. Drive Answers: A-a, B-b, C-b, D-d, E-c 12.8 REFERENCES  An Introduction to APIs Kindle Edition by Brian Cooksey (Author), Stephanie Briones (Illustrator), Danny Schreiber (Editor), Bryan Landers (Editor)  API Testing and Development with Postman: A practical guide to creating, testing, and managing APIs for automated software testing Paperback – Import, 7 May 2021 by Dave Westerveld (Author)  Enterprise API Management: Design and deliver valuable business APIs Paperback – Import, 23 July 2019 by Luis Weir (Author) 211 CU IDOL SELF LEARNING MATERIAL (SLM)

UNIT – 13 API FUNCTIONS STRUCTURE 13.0 Learning Objectives 13.1 Introduction 13.2 Meaning and significance 13.3 White labelling for B2C model 13.4 significance of API for small travel players. 13.5 Summary 13.6 Keywords 13.7 Learning Activity 13.8 Unit End Questions 13.9 References 13.0 LEARNING OBJECTIVES After studying this unit, you will be able to:  Understand the concept of API functions  Identify different methods for white labelling B2C models  List some importance of API for small travel players 13.1 INTRODUCTION Sharing ideas quickly is an important part of collaboration and communication. The interconnectedness of your professional work and the ease of your personal life is often possible because of application interfaces. Learning about these interfaces can help you share data more efficiently and apply APIs during web development projects. In this article, we define API functions, list some types of APIs, explain their components and provide three examples of them in use. 212 CU IDOL SELF LEARNING MATERIAL (SLM)

13.2 MEANING AND SIGNIFICANCE An application programming interface (API) functions with the goal of allowing different systems, applications and devices to share information with each other. APIs work by translating a user's input into data, which helps a system send back the right response. For example, if you pay a phone bill online for a company, an API notifies the website or application's system that you clicked \"pay,\" prompting the system to ask for your payment information. Types of APIs Here are some ways developers often program their APIs: SOAP APIs Simple object access protocol (SOAP) APIs are a type of web development tool that both humans and machines can read. To use a SOAP API correctly, developers often have to follow precise rules for writing requests and responses. This can ensure that the content they write is easy for machines to interpret and users to analyze. REST APIs Representational state transfers (REST) are another type of API. Developers typically aim to design REST APIs in a way that's easy to use and understand. They accomplish this by writing an effective product endpoint, which is the end of a channel of communication that conveys a specific idea to the API. Endpoints often occur at the end of a URL. Developers might use a straightforward endpoint like \"/products\" instead of one that's less clear, like \"/pro_429\" to ensure users can understand it easily. Private APIs Only developers within an organization can use these APIs, which is why they're also known as internal APIs. Using internal APIs might be useful if you work in a company that values security or handles financial transactions. If a development team uses a private API, all creative and innovative ideas come solely from inside the company, meaning the company also has more control over the application. Open APIs Open APIs are also referred to as external or public. This is because external developers can use these APIs, sometimes for free. For example, if a social network has an open API, someone designing a website might use it to add their social media feed to their website's home page. Open APIs can save external developers time, allowing them to create more engagement around the original development team's applications. 213 CU IDOL SELF LEARNING MATERIAL (SLM)

Components of API functions Here are the components developers use to design APIs: Header Headers function as an extra source of information for each API request you make. They represent the metadata of each request and response. The header is often the first place developers look when solving problems with an API. Endpoint An endpoint is the part of a URL that communicates with an API. APIs operate through requests and responses with endpoints. When an API requests data from an app or server, an endpoint sends back a response. This helps the API get the resources it needs from a server to perform a task. Endpoints can also help users understand the purpose of a URL easily. For example, a website's shopping cart page might use the endpoint \"/cart.\" Method Here are some most common methods developers use to make a specific request: Delete: A developer might use this request to tell the server to delete a resource. For example, you could use this request to delete a blog post. Put: Developers use \"put\" to request an update to an existing resource or to create a new one. For example, you could use this function to update the prices on all the shirts in a website's online store. Post: While \"post\" creates and updates existing resources by sending data to the server like the \"put\" request, \"post\" requests also accumulate if you use them multiple times. For example, if you make two \"post\" requests to add a new user to your newsletter, the user's name may appear on the user list twice. Get: This requests information from a server. For example, you can use the \"get\" request to acquire a list of every person subscribed to a newsletter. Data Developers also call data the body of a request, which they either send to a server or a server returns to them. Sometimes, a developer needs to input specific information before they can make changes or add data. For example, if you're editing a specific product on a 214 CU IDOL SELF LEARNING MATERIAL (SLM)

shipping website, the server may ask you for a product ID before it allows you to revise the product. 3 examples of API functions Here are three examples of how API functions optimize user experiences: 1. Searching for hotels Damien is browsing a travel website while planning a company trip to Denver, Colorado. When he enters the specific type of hotel and room he's seeking, an API requests deals from other websites and compiles them onto one page so it isn't necessary for him to leave the travel site. The website also integrates its API with a car rental company, which allows him to book a hotel room and rental car he can drive during the business trip in the same transaction. 2. Finding a new restaurant During an external sales visit, Yvonne uses her smartphone to find restaurants in the area. She opens a map application, which shows her nearby restaurants. Since the app's API integrates with certain restaurants, she can see their average reviews, check their menus and look at photos of their food. After choosing a restaurant, she uses the same application to get directions to her destination quickly. 3. Collecting and sharing data Here's an example of how API functions may improve a user's attempt to collect and share data 13.3 WHITE LABELLING FOR B2C MODEL What Is White Label? Not every business develops its offering intending to operate on a B2C model (customer- facing model). Some focus on getting resellers and even let such resellers to sell their offerings under their own brand name. This type of business operations is called white labelling, and the product that’s offered is called a white-labelled product. 215 CU IDOL SELF LEARNING MATERIAL (SLM)

Businesses usually choose this model when they desire to focus just on the manufacturing and production, and not on how the product is marketed, promoted, or sold in the market. What Is White Labelling? White labelling is a process where one business produces a re-brandable and re-sellable product or service that another business sells under its own brand. In simple terms, this process lets two businesses join hands and divide the tasks of manufacturing and selling while the seller takes the benefit of building a brand out of such offering. What Is White Label? White label is a business model where a manufacturer produces an unbranded offering and signs an agreement with other resellers to sell it under their own brand name. This business model often involves signing agreements with one or more sellers, who rebrand the offering and even sell the same offering at different price tags depending upon their own brand equity. How White Labelling Works? White labelling involves an agreement between two parties – Manufacturer: The business that develops a re-brandable and re-sellable product. The only task of the manufacturer is to develop a good quality un-branded product that has a demand in the market. Reseller: The business that buys the product from the manufacturer and sells the same under its own brand. Reseller works on building its own brand, marketing, and promoting the product in the market to get sales. The reseller customises the product according to its brand guidelines and presents it as its own offering to the end consumer. By doing this, it makes the customers believe that the product is unique to its brand. The white labelling process involves a legal-agreement between these two parties that includes a set of specific and detailed provisions like: The relationship between the two parties: Are they partners or just two businesses in trade? The manufacturing and development of products: Can alterations be made to the existing process and special requests be entertained by the manufacturer? Product packaging: How the product should be packed, and what are the guidelines for labelling? Will the manufacturer apply the label of the reseller or it has to be done by the reseller himself? The Rights of both the parties: Can the manufacturer sell the product to other resellers as well? If not, what are the restrictions? 216 CU IDOL SELF LEARNING MATERIAL (SLM)

Responsibilities of both the parties: Who handles what (like after-sale services, warranties, order fulfilment etc.) Pricing: How the costs and profits are divided? Intellectual property rights: Does the manufacturer hold ownership of the product formulation? Who owns the intellectual property rights? Other terms White labelling is a lot common in the software industry where the offering manufacturer signs such contracts with more than one seller, resulting in different brands selling a similar offering. Advantages And Disadvantages Of White Label Products Deciding to buy a generic product from a manufacturer, customising it, building a brand out of it, and selling it as the brand’s unique product does has its own pros and cons for both the manufacturer and the reseller. Advantages To The Manufacturer Ready Demand: The white-label product manufacturer usually chooses the niche that already has a proven demand. Such demand comes with an assurance that whatever it’ll produce, there’ll be business buyers who’ll buy it. Saves marketing and promotion cost: Manufacturers save a lot of time, money, and effort that could have been spent if they chose to sell the products directly to the customers. Economies of scale: Usually, white labelling involves signing agreements with more than one seller. This helps the manufacturer make use of economies of scale while manufacturing. Moreover, focusing just on manufacturing helps in finding or developing cost-effective ways to make the offering. Advantages To The Reseller Easy market entry: White labelling makes it easy for new businesses to enter the market. Saves manufacturing costs: Manufacturing costs of developing certain products can be a lot as it involves buying machinery, renting space, and hiring workforce. White labelling protects the reseller from such expenses. Helps In Focusing on brand building: White labelling helps resellers focus most of their time, efforts, and other resources in building a trustable brand in the market that aids sales. Aids Expansions: White labelling is a great option for resellers who want to scale fast and add new offerings to their portfolio without investing much in manufacturing them. Discounted Sales: The saved costs of manufacturing enables the resellers to sell the offering at a discounted price. 217 CU IDOL SELF LEARNING MATERIAL (SLM)

Disadvantages To The Manufacturer No name in the market: Manufacturers are not able to develop their own brand in the market or face customers. Reseller Dependency: They have to depend on resellers for sales. Limiting Terms: Sometimes, resellers and manufacturers sign agreements that prevent the manufacturers from entering into a similar contract with the reseller’s competitors. This prevents growth of the manufacturer. Disadvantages To The Reseller Manufacturer Dependency: Resellers have to depend on manufacturers not just for the initial products, but also for repairs, and warranty fulfilment. High Competition: There are times when the manufacturer offers the same offering to more than one reseller. This increases competition in the market. Limited Customisation Options: Since the manufacturing isn’t in the hands of the reseller, customisation is limited. White Label Examples White-labelling, even though, more prominent in the software and SAAS industry, is seen everywhere from fashion to food industry. Here are some examples: Fenty Beauty Fenty Beauty is a cosmetic brand launched by Rihanna. The company has signed a deal with Kendo holdings that that manufactures cosmetics as white-label products for the brand. The same manufacturer produces makeup for other companies like Kat Von D, Marc Jacobs, Lip Lab, Bite Beauty, etc. Social Media Management Software Often in the SAAS industries, white label products are offered as scripts or APIs that can be used by the resellers under their own brand name. There are specialised marketplaces like Code Canyon that helps developers sell such scripts to the resellers. Social media management software is one example of such scripts. Credit Card Processing Often, banks partner with white-label service providers who do the field-job of collecting the information of the leads before the credit card goes into processing. AliExpress Dropshipping Aliexpress is an ecommerce marketplace based in China that lets resellers sell its products under their own brand name. 218 CU IDOL SELF LEARNING MATERIAL (SLM)

This model is called dropshipping. In this model, the seller on AliExpress handles the manufacturing and shipping of the product while the reseller only focuses on building a brand and getting sales. White Label vs Private Label While mistaken to be same, white label is not same as private label. White Label Private Label White labelling involves buying an Private labelling involves signing an unbranded offering from a exclusive contract with a manufacturer who Definition manufacturer who often sells the develops the product according to the needs same offering to other resellers as of the seller, who then markets and sells it well. under its own name. It doesn’t involve much Customisation It involves customisations. customisations. Exclusiveness White label manufacturers are not Private label manufacturers are exclusive to exclusive to a reseller. resellers Example Kendo is a white label manufacturer that provides products to Rihanna’s Fenty beauty 365 Everyday Value is a private label line of Whole Foods. It is exclusive to the brand. as well as Kat Von D, Marc Jacobs, and Lip Lab. Table 13.1 White Label vs Private Label 13.4 SIGNIFICANCE OF API FOR SMALL TRAVEL PLAYERS. Things are so much complicated and messy in our life that we always look for the best convenient mode to get the best out of it. Technology is something that has made our life quite very simple. In accordance with the present time, every business needs to be technology inbuilt in order to lure more and more customers towards it. For the travel domain API integration is the most important part. The travel business is not limited to a small circumference but it is a global affair. People are traveling unhesitant to all the parts of the world and what makes this desire of their simple and convenient is the world of internet. Through internet they get the integrated and one place result for all their desires. 219 CU IDOL SELF LEARNING MATERIAL (SLM)

Whatever they are looking for, they get it all at a place like hotel bookings, flight bookings, holiday bookings, bus reservation, etc. Earlier when the technology of integration was not there, travellers needs to visit different sites for different bookings like for flights they need to go to aviation website and for hotel booking they need to search for good hotel website. Searching for so many thing at a time not only increases the confusion, but it was much time taking as well. From the side of the travel agents, the mode was also not something that could bring good profit to them. The need of one place to end up all travel related searches led to Travel API integration. It is a platform that provides one solely place to get the best travel searches result. With this travel technology, agents can integrate their website and can offer the best deals of the industry to their travellers as well. This way the travel hunter stays in his website for a longer time and hence a huge traffic will be converted into good business as well. XML API integration gives the best possible dimension to the travel website to attract more and more travellers towards it. This is not at all cheap as well. Depending on the business type and the budget travel agents can choose for Direct API, 3rd Party API and white label solution. 13.5 SUMMARY  Travellers nowadays do proper research before booking their trips or packages. According to a study, a common traveller does 4.4 unique website searches before making a decision. People also prefer ‘all-in-one-place platforms for their reservation bookings rather than switching their apps for different requirements. And for any Travel Business to cater to the requirement of their customer, it becomes essential to bring the desired content on their online platform. To offer online booking services, Travel Business would need to pick data from various inventory sources, and that is where travel API comes into place.  In the past few years, api integrations have reshaped how the Travel Business are utilizing the content from various sources and create great user experience for their travelers.  White labelling is a process where one business produces a re-brandable and re- sellable product or service that another business sells under its own brand.  In simple terms, this process lets two businesses join hands and divide the tasks of manufacturing and selling while the seller takes the benefit of building a brand out of such offering. This business model often involves signing agreements with one or 220 CU IDOL SELF LEARNING MATERIAL (SLM)

more sellers, who rebrand the offering and even sell the same offering at different price tags depending upon their own brand equity. 13.6 KEYWORDS  SOAP API s: Simple Object Access Protocol (SOAP) is a message specification for exchanging information between systems and applications. When it comes to application programming interfaces ( APIs ), a SOAP API is developed in a more structured and formalized way.  Endpoint: The final stage of a period or process  White Label: A vinyl record which is supplied with a plain white label before general release for promotional purposes.  Drop-shipping: Providing (goods) by direct delivery from the manufacturer to the retailer or customer.  Private label: Denoting a product manufactured or packaged for sale under the name of the retailer rather than that of the manufacturer 13.7 LEARNING ACTIVITY 1. Define the term White label __________________________________________________________________________ __________________________________________________________________________ _________________________________________________________________________ 2. Explain the meaning of small players. ___________________________________________________________________________ ___________________________________________________________________________ ___________________________________________________________________________ 221 CU IDOL SELF LEARNING MATERIAL (SLM)

13.8 UNIT END QUESTIONS A. Descriptive Questions Short Questions: 1. Define SOAP APIs 2. Give meaning of REST APIs 3. Explain Components of API functions 4. Mention 3 examples of API functions 5. Which are some of the most common methods developers use to make a specific request? Long Questions: 1. What Is White Labelling? 2. How White Labelling Works? 3. State some Advantages And Disadvantages Of White Label Products 4. Give few White Label Examples 5. Differentiate between White label and Private label B. Multiple Choice Questions 1. ________________ APIs are a type of web development tool that both humans and machines can read. a. SOAP b. PASS c. DASC d. REST 2. ___________ function as an extra source of information for each API request you make. a. Footer b. Header c. Note d. Add 222 CU IDOL SELF LEARNING MATERIAL (SLM)

3. ______________ is a process where one business produces a re-brandable and re-sellable product or service that another business sells under its own brand. a. Black labelling b. White labelling c. New labelling d. Grey labelling 4. __________________ is the business that buys the product from the manufacturer and sells the same under its own brand. a. Seller b. Buyer c. Customer d. Reseller 5. The travel business is not limited to a small circumference but it is a ________ affair. a. Home b. Party c. Global d. Double Answers: A-a, B-b, C-b, D-d, E-c 13.9 REFERENCES  An Introduction to APIs Kindle Edition by Brian Cooksey (Author), Stephanie Briones (Illustrator), Danny Schreiber (Editor), Bryan Landers (Editor)  API Testing and Development with Postman: A practical guide to creating, testing, and managing APIs for automated software testing Paperback – Import, 7 May 2021 by Dave Westerveld (Author)  Enterprise API Management: Design and deliver valuable business APIs Paperback – Import, 23 July 2019 by Luis Weir (Author) 223 CU IDOL SELF LEARNING MATERIAL (SLM)

UNIT - 14 CASE STUDIES Case studies: 1. Makemytrip.com 2. Expedia.com 3. Booking.com 4. Yatra.com 1. CASE STUDY : MAKEMYTRIP.COM MakeMyTrip is an example of a company that has been able to capitalise on local market knowledge and the application of international technology to quickly win enormous market share. MakeMyTrip is an online travel company headquartered in Haryana, India. It provides an online “one-stop-shop” for travel products and services for the domestic Indian market. With customer focus and a commitment to technological innovationat the centre of its business model, it has rapidly grown to dominate the Indian travel sector since it entered the market in 2005. Its new Route Planner application, launched in 2013, integrates data on domestic flights, buses, trains and cabs to offer unprecedented travel information to its users, providing exact connectivity options between any two Indian cities. The application sifts through 1 billion possible routes and over 20 billion possible schedules in seconds to offer optimum travel combinations. It offers ticket options for certain legs of the journey and information for the rest. Central to the company’s success is its pioneering use of mobile technologyas a platform for sales and service. Director Airlines and Agency Alliances Sanjeev Bhasin said the company invested in understanding the local market content and tastes and applied the very latest in technologies to the Indian market. It also timed its entry at the start of a boom in low cost air fares and mobile phone and internet usage. With a slew of popular marketing promotions over the years, MakeMyTrip has established strong brand recognition nationwide. It is the leader in online air-ticketing in India – 1 in 8 tickets booked online in India is through MakeMyTrip.com. 224 CU IDOL SELF LEARNING MATERIAL (SLM)

Its first mobile application was launched in 2012 - today it offers apps across iOS, Android and Windows platforms that enable booking of air travel, hotels, bus and train reservations as well as other geo-targeted travel services. The MakeMyTrip mobile app has received 2.4 million downloads to date. Mobile is a key growth channel - 20% of the site visitors are currently contributed by mobile and around 10-15% of domestic flights and nearly 25% of hotels are booked via mobile. Amongst mobile bookings, more than a quarter consist of new customers who have never before transacted with MakeMyTrip. The implication is that MakeMyTrip’s mobile technology has introduced these emerging customers to the travel market. 2. CASE STUDY: EXPEDIA.COM We’ve worked with Expedia since 2014, with an evolving remit across both SEO and content. In 2019 we carried out one of the most ambitious projects the partnership has seen so far.The team at Expedia were preparing to launch a new publishing platform for inspirational travel content. Its aim was primarily organic traffic acquisition, so they needed a content strategy backed up by SEO data. So far, so standard. Except that the content needed to cover the widest possible range of travel-related terms – including everything from major attractions and points of interest to activities, neighbourhoods and more. Plus, Expedia needed it all in five languages: English, French, German, Italian and Spanish. What we did First things first, we began compiling huge-scale keyword research in all five languages. Your average keyword research project might cover something like 3,000 to 5,000 keywords, whereas we collated over 1 million keywords for this project. We provided keywords in English, French, German, Italian and Spanish, and covered a huge range of travel topics related to over 100 destinations. The scope of the keyword research was only feasible thanks to our unique process for conducting keyword research at scale. Where traditional keyword research involves intensive manual effort, we do things a little differently. Through close consultation with the Expedia team, as well as our own travel industry expertise, we started by defining and categorising a comprehensive seed keyword list. We then used our machine learning-assisted process to 225 CU IDOL SELF LEARNING MATERIAL (SLM)

generate a usable output list of more than 1 million keywords covering a huge range of topics. This keyword list then formed the basis for both content strategy and wider SEO strategy, with far-reaching possibilities for ranking analysis and more. 3. CASE STUDY : BOOKING.COM Founded in 1996 in Amsterdam, Booking.com is a travel e-commerce company. No, it's not an ordinary one. It's one of the biggest in the world. Built on data-driven innovation, they have the world's most extensive collection of incredible places to stay in. They offer more than 28,000,000 total listings in 229 countries and territories worldwide. Challenges faced by Booking.com Even though booking.com had a global presence in the travel e-commerce industry, making an entry into the fierce Indian market was always a challenge. Crowded with already trusted Indian brands in the market, booking.com faced the same challenges faced by foreign brands. Branding or rather, in this case incorporating their already established brand image in the Indian market. On top of that, booking.com focused more on a premium range of travel destinations and places to stay in. That increased the complexity in attaining a very niche, well-salaried target segment. Why Vantage Circle was the preferred solution The problems had an obvious solution. Target the segment of well salaried corporate employees. For this purpose, it was a no-brainer that Booking.com had to go for an employee engagement platform. But the problem was which one? 226 CU IDOL SELF LEARNING MATERIAL (SLM)

Booking.com needed a platform that had with itself a large number of corporate employees. Along with that, It also required large numbers of brands onboard for better usability, convenience, and accessibility. Vantage Circle was the ideal solution in more than one way. Few factors that need to be taken into account regarding employee engagement platforms are The Associated Merchants Local And Indigenous Connections Exclusivity And Relevancy Of Your Discounts Duration Of The Contract Vantage Circle ticks all the boxes Vantage Circle has over 1,000,000 employees onboard. This massive pool of employees needs a constant flow of sales or bookings in this case. To maintain a healthy platform, we have over 250+ brands onboard with us. Vantage Circle has helped Booking.com become a relevant player in the Indian market by establishing its brand name. How The Marketing Was Done Listing On App And Website. Ad Banners On The Site And App. Mobile Ad Notification. Pop-Ups. Non-Exclusive Mailers. Display Ads In Infosys And SLK. Booking.com has been able to do about 50 bookings per month with Vantage Circle. They get the highest amount of sales traffic from New Delhi. Booking.com is one of the many success stories of our brand collabs. 227 CU IDOL SELF LEARNING MATERIAL (SLM)

4. CASE STUDY: YATRA.COM Yatra.com is India’s leading Online Travel Portal offering solutions for all your travel needs. From air tickets to hotel rooms to holiday packages to buses to car rentals, yatra.com has everything for its customers. Yatra.com based in Gurgaon, started with 3 members in 2006 that rose to 700 in 2008 and 1000+ in 2016. Yatra.com provides reservation facility for more than 50,176 hotels in India and over 500,000 hotels around the world. The portal has reached to such a height that the company is doing 20,000 domestic tickets and 7500 hotels and holiday packages a day. How Yatra.com started? While Dhruv, Manish and Sabina were working with ebookers during the year 2000-05, online travel industry was growing with pace. It was then when the trio learnt about the online travel industry. They decided to do something of their own and after a lot of brainstorming; they started with the process of Yatra.com. Growth Yatra.com provides an access to the best travel deals across numerous national and international destinations. It is among leading aggregator of hotels in India. Yatra.com provides reservation for 50, 176 hotels across 500+ destinations in India as well as 430,000 hotels worldwide. The brand has reached the height of trust by its customers and till date it has more than 31,538,129 happy travelers. Currently Yatra.com is doing average revenue of Rs 100 crores a month and a volume of more than 6,500 air tickets and 300+ hotel room nights per day. Today, more than 80% bookings comes from online media like computer or mobile browser or apps and other 20% comes from call centers. With booking of more than 20,000 domestic tickets and 5,000 hotels per day, Yatra.com has achieved a huge success in his journey till now. Marketing Strategy Yatra in its initial timespan used Print media as a method of advertisement. Soon people started knowing about the services of the company and then Yatra it moved on to TV advertisement and endorsed Boman Irani as its brand ambassador. In the year 2012, it endorsed Salman Khan as its brand ambassador. It helped the company in many ways and in 228 CU IDOL SELF LEARNING MATERIAL (SLM)

short it increased the customer base for the company. Side by side, Yatra also performed online marketing using different marketing strategy like google AdWords that helped the company grow rapidly. Bollywood actor Salman Khan is the brand ambassador as well as a shareholder in the company. Earlier, Bollywood actor Boman Irani has also been the brand ambassador for Yatra.com online flight booking services. In April 2014, Yatra.com announced to be the Official Travel Partner of IPL Team Rajasthan Royals. Social media campaigns Yatra.com started a Facebook Page around the “Happy Travelers” theme. It included the pictures of the happy customers of Yatra. The brand also ran Facebook Ads to create its loyal fan base. Yatra engaged with its fans through its Facebook Page by timely responding to their queries, posting special offers and promotions on the Page and hosting apps like the “Happy Travel Jigsaw” where fans can solve puzzles. As a result of the targeted Facebook ad campaign, Yatra generated INR 1.5 million/month only from Facebook advertisement. 229 CU IDOL SELF LEARNING MATERIAL (SLM)