Supplier Configuration
Manage API credentials, routing rules and settings for all travel suppliers
API credentials are sensitive. In production, use a secrets vault (AWS Secrets Manager, HashiCorp Vault). Keys shown here are masked for security. This is a demo environment.
CORS Proxy Tester — Find Working Proxy for TBO / GoFlySmart
Why this is needed:
TBO API runs on
http:// (not https). Browsers block http:// calls from https:// pages
(mixed-content security rule). A CORS proxy routes your request server-side — the same way Postman works.
Once you find a working proxy, copy it to Supplier Config → CORS Proxy Prefix URL.
// Exact request being tested (mirrors your Postman call):
POST
http://Sharedapi.tektravels.com/SharedData.svc/rest/Authenticate
Headers: Content-Type: application/json
Body: {ClientId:"ApiIntegrationNew", UserName:"__probe__", Password:"__probe__", LoginType:"2", EndUserIp:"192.168.0.170"}
// A working proxy returns HTTP 200 with JSON {Status:2, Error:{...}} — wrong credentials = API is reachable!