Ability to authorize order creation and servicing requests from different API consumer sources for the same OrderID
Provide documentation demonstrating ability to grant authorization to shopping and/or servicing functions based on the ID of the Sender against a given OrderID. This capability should also demonstrate how authorization is managed based solely on the relationship between the Sender’s identity and the OrderID, as opposed to hard-coded authorizations at the API level. Once an API consumer is authenticated, it is up to the Order Management System to control the authorization that API consumer has against which Orders in the OMS. This allows the Airline to grant incoming servicing requests from multiple API sources (but potentially from the same Sender ID) or even to allow multiple Senders (different travel agent IDs) to interact with the same OrderID, if the authorization at the Order level in the OMS is set up to allow it (e.g. sometimes required when the booking agent, such as a consolidator, differs from the servicing agent going forward).