Supergood | Corporate Travel Management API

Programmatically access Corporate Travel Management traveler profiles, trip bookings, approvals, and financial data with a stable REST API. Supergood builds and operates production-grade, unofficial CTM integrations so your team can automate travel workflows without heavy custom engineering.

Plain English: Corporate Travel Management (CTM) is a global business travel management platform that helps companies book and manage air, hotel, car, rail, and related services while enforcing policy, handling approvals, and consolidating invoices and reporting. An unofficial API lets you programmatically pull traveler profiles, trips/PNRs and itineraries, approvals, invoices and credits—and push new travel requests, approval decisions, profile updates, and documents into CTM.

For a tech company integrating with CTM, this means you can ingest real-time trip and traveler data to power dashboards, sync invoices and cost centers to accounting (e.g., QuickBooks, NetSuite), automate approvals from your product, or enrich your platform with itineraries, risk alerts, and policy compliance. You can also trigger manager approvals, update traveler preferences, attach receipts, and keep stakeholder systems (ERP, analytics, HRIS, expense) in lockstep. Many teams complain about limited export options, expensive or gated official APIs, and a lack of webhooks that makes automation hard—an unofficial API layer removes those frictions.

What is Corporate Travel Management?

Corporate Travel Management (https://us.travelctm.com/) is a business travel management company and technology platform that centralizes booking, traveler profiles, policy enforcement, approvals, duty-of-care, and financial reconciliation for mid-market and enterprise organizations. CTM connects to supplier content and global distribution systems (GDS) to create trips and consolidates data across portals for analytics and compliance.

Core product areas include:

• Travel Booking & Trip Management (Air, Hotel, Car, Rail; PNRs; Itinerary delivery and change handling)
• Traveler Profiles & Policy (Profiles, preferences, loyalty, travel documents; policy rules and approval workflows)
• Payments & Financials (Corporate cards, virtual/ghost cards, invoicing, receipts, GL/cost center allocation)
• Duty of Care & Risk (Traveler tracking, alerts, disruption assistance, risk classification)
• Reporting & Analytics (Spend, savings, supplier performance, compliance, unused ticket tracking)

Common data entities:

• Companies, Divisions, Cost Centers
• Users/Travelers, Arrangers, Approvers, Roles/Permissions
• Trips/PNRs and Segments (Flights, Hotels, Cars, Rail)
• Travel Requests & Approvals (pre-trip)
• Policies (rules, exceptions, preferred suppliers)
• Invoices, Receipts, Credit Memos
• Unused Tickets/Credits (e-ticket value, expiry)
• Payment Profiles (corporate card, virtual card tokens)

The CTM Integration Challenge

Corporate travel teams rely on CTM daily, but turning portal-based workflows into API-driven automation is non-trivial:

• Role-aware portals: Travelers, arrangers, and approvers see different data, policies, and prices
• Policy & approvals: Pre-trip approvals, exceptions, and preferred-supplier rules require careful handling
• Content spread: Trip data spans booking tools, reporting hubs, and invoice/receipt portals with differing schemas
• Authentication complexity: SSO/MFA across CTM modules complicates headless automation
• GDS nuances: PNR states (held, ticketed, canceled), reissues, and schedule changes introduce asynchronous updates
• Exports & APIs: Teams often face limited scheduled CSV exports, high-cost/gated official APIs, and sparse webhook coverage

How Supergood Creates CTM APIs

Supergood reverse-engineers authenticated browser flows and network interactions to deliver a resilient API endpoint layer for your CTM tenant.

• Handles username/password, SSO/OAuth, and MFA (SMS, email, TOTP) securely
• Maintains session continuity with automated refresh and change detection
• Normalizes responses so you can integrate once and rely on consistent objects across modules
• Aligns with customer entitlements and role-based permissions to ensure compliant access
• Models GDS/PNR lifecycle and maps supplier content into predictable segment objects

Use Cases

Traveler & Policy Data Sync

• Mirror traveler profiles, preferences, and roles into HRIS/IT systems
• Keep cost centers, approver hierarchies, and policy tiers current for analytics
• Normalize loyalty numbers, passports, and KTN for multi-tenant operations

Approvals & Pre-Trip Control

• Create travel requests from your product and route to the right approvers
• Apply policy checks before booking; capture exceptions and comments
• Track approval status to drive SLA alerts and push decisions back to CTM

Trips & Duty-of-Care

• Ingest trips/PNRs, segments, and status changes for traveler tracking
• Enrich dashboards with itineraries, disruptions, and risk scores
• Attach documents and unify itinerary delivery across channels

Financials: Invoices, GL, and Credits

• Pull invoices and receipts to reconcile with ERP/accounting (e.g., QuickBooks, NetSuite)
• Allocate spend to cost centers and projects; manage unused ticket credits
• Normalize taxes, supplier codes, and line items across trips

Available Endpoints

Authentication

POST /sessions: Establish a session using credentials. Supergood manages MFA (SMS, email, TOTP) and SSO/OAuth when enabled. Returns a short-lived auth token maintained by the platform.

curl --request POST \
  --url https://api.supergood.ai/integrations/<integration_id>/sessions \
  --header 'Authorization: Basic <Base64 encoded token>' \
  --header 'Content-Type: application/json' \
  --data '{
    "username": "[email protected]",
    "password": "<password>",
    "mfa": { "type": "totp", "code": "123456" }
  }'

Example response

{
  "authToken": "eyJhbGciOi...",
  "expiresIn": 3600,
  "user": {
    "id": "u_ctm_41b92e",
    "name": "Travel Manager",
    "entitlements": ["travelers", "trips", "approvals", "invoices"]
  }
}

POST /sessions/refresh: Refresh an existing token to keep sessions uninterrupted.

Travelers

GET /travelers: List traveler profiles with policy, preferences, and document details.

Query parameters

• companyId: string
• costCenter: string
• status: active | inactive
• updatedFrom, updatedTo: ISO 8601 timestamps
• page, pageSize: integers for pagination

Example response

{
  "items": [
    {
      "travelerId": "trv_7a12c0",
      "name": {
        "first": "Jordan",
        "last": "Lee"
      },
      "email": "[email protected]",
      "employeeId": "E-10482",
      "companyId": "co_9b720f",
      "costCenter": "US-MKT-001",
      "policyTier": "standard",
      "role": "traveler",
      "approverUserId": "u_ctm_mgr_2201",
      "travelProfile": {
        "loyalty": [
          {"program": "AA", "number": "AA123456"},
          {"program": "HILTON", "number": "HIL998877"}
        ],
        "knownTravelerNumber": "KTN0049213",
        "passport": {"country": "US", "number": "X1234567", "expiresOn": "2028-05-31"},
        "visas": [{"country": "AU", "expiresOn": "2027-03-01"}],
        "preferences": {"seat": "aisle", "meal": "vegetarian", "hotel": "near-office"}
      },
      "complianceStatus": "in_policy",
      "updatedAt": "2026-01-20T13:45:00Z"
    }
  ],
  "page": 1,
  "pageSize": 50,
  "total": 1
}

Travel Requests

POST /travel-requests: Create a pre-trip approval request with itinerary details and policy evaluation.

curl --request POST \
  --url https://api.supergood.ai/integrations/<integration_id>/travel-requests \
  --header 'Authorization: Bearer <authToken>' \
  --header 'Content-Type: application/json' \
  --data '{
    "travelerId": "trv_7a12c0",
    "purpose": "Client onsite meeting",
    "costCenter": "US-MKT-001",
    "tripPlan": {
      "departDate": "2026-02-12",
      "returnDate": "2026-02-15",
      "segments": [
        {"type": "flight", "origin": "ORD", "destination": "SFO", "preferredAirlines": ["AA", "UA"], "maxStops": 1},
        {"type": "hotel", "city": "San Francisco", "nights": 3, "preferredChains": ["Hilton", "Marriott"], "budgetPerNight": 250},
        {"type": "car", "pickup": "SFO", "class": "midsize"}
      ],
      "estimatedBudget": 1650.00
    },
    "attachments": [
      {"fileName": "meeting_agenda.pdf", "uploadToken": "upl_08ab73"}
    ],
    "notifyApprover": true
  }'

Example response

{
  "requestId": "req_91fe20",
  "status": "awaiting_approval",
  "estimatedTotal": 1585.25,
  "policyViolations": [
    {"code": "HOTEL_OVER_BUDGET", "severity": "warning", "message": "Projected nightly rate exceeds policy by $15"}
  ],
  "createdAt": "2026-01-21T10:03:11Z",
  "approval": {"approverUserId": "u_ctm_mgr_2201", "dueBy": "2026-01-22T17:00:00Z"}
}

Approvals

PATCH /approvals/{approvalId}: Approve or reject a travel request with comments and exception handling.

curl --request PATCH \
  --url https://api.supergood.ai/integrations/<integration_id>/approvals/appr_5b7c11 \
  --header 'Authorization: Bearer <authToken>' \
  --header 'Content-Type: application/json' \
  --data '{
    "decision": "approved",
    "approvedByUserId": "u_ctm_mgr_2201",
    "comments": "Approved due to client meeting urgency.",
    "exceptionCodes": ["HOTEL_OVER_BUDGET"]
  }'

Example response

{
  "approvalId": "appr_5b7c11",
  "status": "approved",
  "approvedAt": "2026-01-21T14:22:10Z",
  "approvedByUserId": "u_ctm_mgr_2201",
  "requestId": "req_91fe20"
}

Trips

GET /trips: List trips/PNRs with segment details, ticketing state, and financial summaries.

Query parameters

• companyId: string
• travelerId: string
• dateFrom, dateTo: ISO 8601 dates for travel window
• status: planned | ticketed | canceled | completed
• updatedFrom, updatedTo: ISO 8601 timestamps
• page, pageSize: integers for pagination

Example response

{
  "items": [
    {
      "tripId": "trip_3c21a9",
      "pnr": "R8Q2JK",
      "gds": "Sabre",
      "status": "ticketed",
      "travelerId": "trv_7a12c0",
      "ticketedAt": "2026-01-21T18:45:33Z",
      "segments": [
        {
          "type": "flight",
          "airline": "AA",
          "flightNumber": "AA119",
          "departure": {"airport": "ORD", "time": "2026-02-12T10:00:00-06:00"},
          "arrival": {"airport": "SFO", "time": "2026-02-12T12:45:00-08:00"},
          "class": "Y",
          "ticketNumber": "0012345678901"
        },
        {
          "type": "hotel",
          "name": "Hilton San Francisco",
          "checkIn": "2026-02-12",
          "checkOut": "2026-02-15",
          "confirmation": "HIL-983211"
        },
        {
          "type": "car",
          "vendor": "National",
          "pickup": {"location": "SFO", "time": "2026-02-12T13:30:00-08:00"},
          "dropoff": {"location": "SFO", "time": "2026-02-15T10:00:00-08:00"}
        }
      ],
      "cost": {"currency": "USD", "total": 1532.48, "tax": 112.85},
      "invoiceId": "inv_44d2a0",
      "risk": {"score": 18, "flags": ["winter_weather"]},
      "unusedTicketApplied": false,
      "updatedAt": "2026-01-22T08:15:12Z"
    }
  ],
  "page": 1,
  "pageSize": 50,
  "total": 1
}

Get full API Specs →

Technical Specifications

• Authentication: Username/password with MFA (SMS, email, TOTP) and SSO/OAuth where enabled; supports service accounts or customer-managed credentials
• Response format: JSON with consistent resource schemas and pagination across modules
• Rate limits: Tuned for enterprise throughput while honoring customer entitlements and usage controls
• Session management: Automatic reauth and cookie/session rotation with health checks
• Data freshness: Near real-time retrieval of traveler profiles, trips/PNRs, approvals, and financial objects
• Security: Encrypted transport, scoped tokens, and audit logging; respects CTM role-based permissions
• Webhooks: Optional asynchronous delivery for long-running workflows (e.g., approval decisions, itinerary changes)

Performance Characteristics

• Latency: Sub-second responses for list/detail queries under normal load
• Throughput: Designed for high-volume traveler/trip data sync and approval processing
• Reliability: Retry logic, backoff, and idempotency keys minimize duplicate actions
• Adaptation: Continuous monitoring for UI/API changes with rapid adapter updates

Getting Started

1. Schedule Integration Assessment

Book a 30-minute session to confirm your modules, licensing, and authentication model.

2. Supergood Builds and Validates Your API

We deliver a hardened CTM adapter tailored to your workflows and entitlements.

3. Deploy with Monitoring

Go live with continuous monitoring and automatic adjustments as CTM evolves.

Schedule Integration Call →

Frequently Asked Questions

Q: Which CTM modules can this integration cover?

Supergood supports workflows across commonly used modules such as Traveler Profiles & Policy, Trips/PNRs and Segments (Air, Hotel, Car, Rail), Approvals (Pre-Trip), and Financials (Invoices, Receipts, Credits), subject to your licensing and entitlements. We scope coverage during integration assessment.

Q: How are MFA and SSO handled for automation?

We support username/password + MFA (SMS, email, TOTP) and can operate behind SSO/OAuth when enabled. Sessions are refreshed automatically with secure challenge handling.

Q: Can you sync invoices and trips to our accounting and expense systems?

Yes. We can normalize invoices, receipts, and trip line items to match your ERP/accounting schema (e.g., GL codes, taxes, cost centers) and deliver updates via webhooks or polling while complying with rate and permission constraints. We commonly integrate with QuickBooks and NetSuite, and can push summary data to SAP Concur or your HRIS.

Q: Are approval decisions and exceptions supported for pre-trip requests?

Yes. We support creating travel requests, routing to approvers, recording decisions with exception codes, and downloading approval artifacts. Approval states and policy violations are modeled explicitly in our normalized responses.

Related Integrations

Intralinks API - Programmatically access the Intralinks VDR with Supergood

Ready to automate your CTM workflows?

Supergood can have your Corporate Travel Management integration live in days with no ongoing engineering maintenance.

Get Started →