Set up Relay Restrictions

In order to enhance security, PCI booking enables customers to set up a whitelist of approved destinations that cards stored in PCI booking can be relayed to.

The whitelist of destinations is set up per user and each user can have a different set of approved destinations.

In order to view the list of approved destinations for relay for a particular user, please follow these steps:

  • Login to the PCI Booking users' portal
  • In the menu bar on the left, go to "Account Settings" > "View Accounts".
  • The list will show you all currently open users. Click on the user that you would like to view their destination whitelist.
  • Under the "Whitelist endpoints for retrieving cards" section, you will see a list of domain names. Next to each domain name, there will be a delete button in order to remove this whitelisting.

In order to add a new destination to the whitelist, simply click on "Add endpoint to whitelist" and provide the domain name (including HTTPS) in the pop up window.
For example, if the URL you want to be able to relay the card to is https://api.fareportallabs.com/air/api,the whitelist domain would be https://api.fareportallabs.com.

📘

If there is no whitelisting listed, the user can relay to any destination URL without any limitation.

🚧

If you decide to set up relay restrictions for your users, please make sure that the list of approved destinations for relay as part of the CVV Retention Policy are included here.