TripIt no longer tracking aadvantage
#31
FlyerTalk Evangelist
Join Date: Mar 2004
Location: SJC
Programs: AA EXP, BA Silver, Hyatt Globalist, Hilton diamond, Marriott Platinum
Posts: 33,533
I'm agreeing that AA are woefully behind the times here, I just don't think that this is the solution.
Cheers.
#32
Company Representative - AwardWallet
Join Date: Oct 2007
Posts: 56
It's not the API that's the issue. Unless a separate password were set up for this read-only API, then the password is still at risk even with this limited API. If that gets compromised, then it can be used on the full access API.
I'm agreeing that AA are woefully behind the times here, I just don't think that this is the solution.
Cheers.
I'm agreeing that AA are woefully behind the times here, I just don't think that this is the solution.
Cheers.
http://en.wikipedia.org/wiki/OAuth
It is easy to implement, and many websites, such as Facebook, use it today. You can authorize someone to see some of your data on Facebook but you are not giving them your Facebook password. One of our developer implemented this OAuth 2 protocol in about 1 - 2 days.
#33
FlyerTalk Evangelist
Join Date: Mar 2004
Location: SJC
Programs: AA EXP, BA Silver, Hyatt Globalist, Hilton diamond, Marriott Platinum
Posts: 33,533
Actually by definition a "read-only API" implies that you would not be giving away your password to third party websites. OAuth 2 is designed to do just that.
http://en.wikipedia.org/wiki/OAuth
It is easy to implement, and many websites, such as Facebook, use it today. You can authorize someone to see some of your data on Facebook but you are not giving them your Facebook password. One of our developer implemented this OAuth 2 protocol in about 1 - 2 days.
http://en.wikipedia.org/wiki/OAuth
It is easy to implement, and many websites, such as Facebook, use it today. You can authorize someone to see some of your data on Facebook but you are not giving them your Facebook password. One of our developer implemented this OAuth 2 protocol in about 1 - 2 days.
(I will take one exception, though - "read only" API does not, by definition, imply anything about the use of credentials. It's simply an interface that doesn't allow modification of data. OAuth is a particular implementation that does have credential implications.)
While I work in complex software development, it's pretty clear that I don't work in web technology, and wasn't aware of this (in retrospect, very obvious) development.
Of course, one the third parties have that data, even if read only, what other things might they be doing with it, besides just showing it to the user?
Cheers.
Last edited by brp; Jul 13, 2012 at 9:21 am
#34
FlyerTalk Evangelist
Join Date: Nov 2003
Location: South Florida
Programs: AA LTG (EXP), Hilton Silver (Dia), Marriott LTP (PP), SPG LTG (P) > MPG LTPP
Posts: 11,329
Besides, I don't think it's what the app might do, but what people might do with the information from the app... Even with read-only access there would be enough data made available someone could call and book something. Does this fall into pretexting?
Sites that believe they are the be-all their users need should get some fresh air. There are effective ways to manage cooperative agreements and everyone wins. Unfortunately users have become the commodity and the data/service is a far second.
#35
Moderator: American AAdvantage
Join Date: May 2000
Location: NorCal - SMF area
Programs: AA LT Plat; HH LT Diamond, Maître-plongeur des Muccis
Posts: 62,948
Did you use Google Translate for that? I suspect there may be some truth to that. The "read-only API" info here would seem to support that, IMO.
#36
Join Date: Nov 2011
Location: NYC
Programs: AA EXP
Posts: 288
AA seems to be blocking other programs that track miles balances and the like as well. I have been waiting for this shoe to fall, unfortunately. This will not make me move away from TripIt Pro, as it's too valuable for me - but AA seems bent on controlling our miles information, possibly due to "security concerns" - the 2000's response for all kinds of airline-related travesties.
(re-titled slightly to show this is an actual and factual condition, and not a question.)
(re-titled slightly to show this is an actual and factual condition, and not a question.)
I had the service through Amex Platinum last year and found the flight status updates, baggage claim notices, etc. convenient but not indispensable (you can find this information elsewhere too.)
I really like the service for managing itineraries, but are there other benefits I am missing? Flight refund alerts?
#37
Moderator: American AAdvantage
Join Date: May 2000
Location: NorCal - SMF area
Programs: AA LT Plat; HH LT Diamond, Maître-plongeur des Muccis
Posts: 62,948
Also off topic, the flight refund alerts are not so useful, because they often are not matches in the full fare detail and iirc not accurate in including the change fees. Mostly, it's having it all in one place and the updates - AA certainly doesn't provide many updates or change notices, and though I have apps I can use individually for various things it's the convenience factor I like.
What I do not like is the inability AA imposed on TripIt to get my AAdvantage account data. I think it's more than about "security" - and some folks here have ideas about that.
What I do not like is the inability AA imposed on TripIt to get my AAdvantage account data. I think it's more than about "security" - and some folks here have ideas about that.
Slightly off topic, but what do you think are the most valuable parts of Pro?
I had the service through Amex Platinum last year and found the flight status updates, baggage claim notices, etc. convenient but not indispensable (you can find this information elsewhere too.)
I really like the service for managing itineraries, but are there other benefits I am missing? Flight refund alerts?
I had the service through Amex Platinum last year and found the flight status updates, baggage claim notices, etc. convenient but not indispensable (you can find this information elsewhere too.)
I really like the service for managing itineraries, but are there other benefits I am missing? Flight refund alerts?
#38
FlyerTalk Evangelist
Join Date: Mar 2004
Location: SJC
Programs: AA EXP, BA Silver, Hyatt Globalist, Hilton diamond, Marriott Platinum
Posts: 33,533
Cheers.
#39
Join Date: Jul 2012
Posts: 1
I received the same email. Not sure it matters about the points tracking in the grand scheme of things.
My concern is the proactive flight monitoring. Is AA shutting off access to everything or just point totals?
I was very impressed with Tripit last week when I received a message that my flight would be delayed by an hour. The amazing thing is that I received the message 11 hours before my departure. AA EXP Desk said the flight was on time until 30 minutes before departure. The departure time moved 15 minutes later and then again, you guessed it, another 15 minutes later. As Tripit called it 11 hours earlier, the flight took off 1 hour late. I am curious how Tripit knows more about AA's flights that AA knows or is willing to share.
I hope this is a point monitoring only event and not a precursor to something more.
My concern is the proactive flight monitoring. Is AA shutting off access to everything or just point totals?
I was very impressed with Tripit last week when I received a message that my flight would be delayed by an hour. The amazing thing is that I received the message 11 hours before my departure. AA EXP Desk said the flight was on time until 30 minutes before departure. The departure time moved 15 minutes later and then again, you guessed it, another 15 minutes later. As Tripit called it 11 hours earlier, the flight took off 1 hour late. I am curious how Tripit knows more about AA's flights that AA knows or is willing to share.
I hope this is a point monitoring only event and not a precursor to something more.
your recent trip. Rest assured that although we can no longer track your
American Airlines points, this change does not impact TripIt Pro flight
monitoring.