Navan — Travel Booking & Management

Overview

This skill provides the complete travel booking workflow through the Navan REST API. Navan has no public SDK — all access is via raw HTTP calls using OAuth 2.0 bearer tokens. This skill covers trip retrieval for both user and admin scopes, itinerary PDF downloads, invoice access, and trip filtering by date range and status. Every booking is keyed by a UUID primary key that must be tracked for deduplication and updates.

Prerequisites

• Navan account with API credentials (clientid + clientsecret)
• Credentials created in Admin > Travel admin > Settings > Integrations > Navan API Credentials
• OAuth 2.0 token obtained via POST /ta-auth/oauth/token (see navan-install-auth)
• Node.js 18+ with node-fetch or Python 3.8+ with requests
• Environment variables: NAVANCLIENTID, NAVANCLIENTSECRET, NAVANBASEURL
• NAVANBASEURL should be set to https://api.navan.com

Instructions

Step 1: Authenticate and Obtain Bearer Token

const tokenRes = await fetch(`${process.env.NAVAN_BASE_URL}/ta-auth/oauth/token`, {
  method: 'POST',
  headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
  body: new URLSearchParams({
    grant_type: 'client_credentials',
    client_id: process.env.NAVAN_CLIENT_ID!,
    client_secret: process.env.NAVAN_CLIENT_SECRET!,
  }),
});
const { access_token } = await tokenRes.json();
const headers = { Authorization: `Bearer ${access_token}` };

Step 2: Retrieve Bookings

// GET /v1/bookings — returns booking records (paginated via page + size)
// Response: records in .data array, primary key uuid
const bookingsRes = await fetch(
  `${process.env.NAVAN_BASE_URL}/v1/bookings?page=0&size=50`,
  { headers }
);
const { data: bookings } = await bookingsRes.json();

bookings.forEach((booking: any) => {
  console.log(`UUID: ${booking.uuid}`);
  console.log(`  Route: ${booking.origin} -> ${booking.destination}`);
  console.log(`  Status: ${booking.status}`);
  console.log(`  Dates: ${booking.start_date} to ${booking.end_date}`);
});

Step 3: Retrieve Bookings with Date Filtering

// GET /v1/bookings with createdFrom/createdTo for incremental pulls
const filteredRes = await fetch(
  `${process.env.NAVAN_BASE_URL}/v1/bookings?createdFrom=2026-01-01&createdTo=2026-03-31&page=0&size=50`,
  { headers }
);
const { data: filteredBookings } = await filteredRes.json();
console.log(`Total bookings in range: ${filteredBookings.length}`);

Step 4: Paginate Through All Bookings

// Paginate using page + size query params (start from page 0, page_size 50)
async function getAllBookings(): Promise<any[]> {
  const allBookings: any[] = [];
  let page = 0;
  const size = 50;

  while (true) {
    const res = await fetch(
      `${process.env.NAVAN_BASE_URL}/v1/bookings?page=${page}&size=${size}`,
      { headers }
    );
    const { data } = await res.json();
    if (!data || data.length === 0) break;
    allBookings.push(...data);
    if (data.length < size) break; // last page
    page++;
  }
  return allBookings;
}

const allBookings = await getAllBookings();
console.log(`Total bookings: ${allBookings.length}`);

Step 5: Token Refresh

// Re-authenticate by requesting a new token (same client_credentials flow)
const refreshRes = await fetch(`${process.env.NAVAN_BASE_URL}/ta-auth/oauth/token`, {
  method: 'POST',
  headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
  body: new URLSearchParams({
    grant_type: 'client_credentials',
    client_id: process.env.NAVAN_CLIENT_ID!,
    client_secret: process.env.NAVAN_CLIENT_SECRET!,
  }),
});
const refreshed = await refreshRes.json();
console.log('Token refreshed successfully');

Output

Successful execution returns:

• Booking objects in .data array with UUID primary keys, origin/destination, dates, and status
• Paginated results using page + size query params
• Incremental filtering via createdFrom / createdTo params

Error Handling

Examples

Python — Retrieve trips with date filtering:

import requests
import os

base_url = os.environ.get('NAVAN_BASE_URL', 'https://api.navan.com')

# Authenticate (form-encoded, not JSON)
auth = requests.post(f'{base_url}/ta-auth/oauth/token', data={
    'grant_type': 'client_credentials',
    'client_id': os.environ['NAVAN_CLIENT_ID'],
    'client_secret': os.environ['NAVAN_CLIENT_SECRET'],
})
token = auth.json()['access_token']
headers = {'Authorization': f'Bearer {token}'}

# Get bookings for Q1 (records in .data array)
resp = requests.get(
    f'{base_url}/v1/bookings',
    params={'createdFrom': '2026-01-01', 'createdTo': '2026-03-31', 'page': 0, 'size': 50},
    headers=headers,
).json()

for booking in resp['data']:
    print(f"{booking['uuid']}: {booking.get('origin')} -> {booking.get('destination')}")

Resources

• Navan Help Center — Official documentation and support articles
• Booking Data Integration — Booking data export configuration
• Navan Integrations — Available third-party integrations

Next Steps

After retrieving trip data, proceed to navan-core-workflow-b for expense management or navan-data-handling for bulk data extraction patterns.