Navan exposes real REST APIs: a TMC travel-data API for bookings and PNR data, plus expense and card endpoints with OAuth 2.0, webhooks, and a sandbox. Docs live in the help center, and some features need support-minted credentials, so access is admin-gated, not self-serve.
TripActions scores D on the API Report Card. Navan exposes real REST APIs: a TMC travel-data API for bookings and PNR data, plus expense and card endpoints with OAuth 2.0, webhooks, and a sandbox. Docs live in the help center, and some features need support-minted credentials, so access is admin-gated, not self-serve.
Without a usable official API, teams fall back on manual exports, file drops, or one-off vendor integrations. The other option is an unofficial API layer like Supergood that automates the authenticated web app directly.
TripActions, rebranded to Navan in February 2023, is a Palo Alto, California-headquartered corporate travel and expense (T&E) management platform founded in May 2015 by Ariel Cohen and Ilan Twig.
Vertical: Travel & Expense (corporate travel management + spend management + corporate card issuing). Employee booking of flights, hotels, rental cars, and rail with in-policy guardrails and 24/7 agent support.
High and rising. Navan is the #1 or #2 challenger to SAP Concur in modern corporate T&E and is consistently ranked among G2's Leaders for Business Travel and Travel Management Software (4.7/5 across thousands of reviews).
Trip / itinerary data: flights, hotels, cars, rail, PNRs, e-tickets, cancellations, rebookings. Traveler profiles: passport, frequent-flyer numbers, seat/meal preferences, emergency contacts.
Founded in 2015; ~11 years old as of 2026. Cloud-native and mobile-first from inception, built on a modern stack with AI features layered in early (Navan was the first TMC to integrate generative AI across its stack, per company materials).
Grades measure one thing: can a customer's engineering team get their own data out programmatically? We check six things (whether a real API exists, how access is gated, data coverage, auth quality, docs and developer experience, and stability) and roll them into a letter grade. Grades get re-verified, and they only move on evidence.