How it works

First the part the partner's web developer insert the scripts to load code the widgets in their web pace. This will be explained in a later section. Then inserts the custom element to load a certain widget in the page (also explained later). Then when the user access the partner site the following work flow occurs (Please see diagram below):

1. The user opens the web browser to access partner's website.

2. The partner website serves the code to load Bubi Widgets

3. The user's browser start accessing Bubi API on Bubi API Server to perform various functions.

4. If the requested function requires the user to be logged in (for example creating an online booking), the user is redirect to the login website. If the requested function does not require the user to be logged in (for example purchasing a voucher), then steps 4 to 8 are skipped.The authentication workflow follows OAUTH2 flow.

5. The user enters credentials in login server (email and password). If the user is not already a Bubi registered user , they can create an account (after accepting the terms and conditions and privacy policy). If the user is already a registered Bubi but has not accepted the terms and conditions and privacy policy for the partner, they are required to do so before processing. Note: The authentication server uses cookies to keep track of logged in user.

6. The authentication servers issues an access token and send it to the user browser. Note: The widget will store the token in the browser's Local Storage and will be seen under the Partner's website.

7. The client's browser will send the token for further requests to the Bubi API Server.

8. Upon receiving a token from the browser, the Bubi API server will connect to the Authentication Server to validate the token.

9. The Bubi API Server then performs the request to the partner Booking Software Server which is not accessed directly by the user's browser. Note: Booking software will authenticate the Bubi Api Server using API Key which is a shared secret between both servers. It can be configured by a user with Superadmin role in the booking software, or the admin role for the partner in Bubi Admin application (which will be implemented later).