Why is whitelisting Oaky's domains in Booking.com crucial?
Booking.com has implemented a new setting in the Extranet aimed at safeguarding guest messages against phishing attacks. In such cases, any external links will appear as [link removed] in the Extranet environment.
A solution for this is to add our Guest App (Upsell) domains to your whitelisted external links in Booking.com.
⚠️Important to note:
Keep in mind that you’ll only have access to these settings if you have admin rights for your Booking.com Extranet account.
💡 To find out who is the Admin in your Booking.com Extranet: go to User profile icon > Create and manage users.
In case you don't see the Security Settings tab in your Booking.com Extranet that means that Booking.com hasn't rolled this out for your hotel(s). In this case, no action is required.
It’s important to whitelist both domains (email and upsell domain); the email to ensure guests receive pre-arrival communication and upsell domain to ensure the CTA / [URL_BASE] link is accessible.
Please DO NOT toggle on "Block all email communication" and "Block all links" as this will also block the emails and links in the Your approved email addresses and Your approved links section from reaching your guests.
This setting can be found in your Security settings on the Booking.com Extranet.
You will have to add the Oaky domain to "Your approved links" and Oaky email to "Your email addresses".
How do I whitelist Oaky’s upsell domain in the Booking.com Extranet?
If you have one property:
Sign in to the Extranet
Click Property and then click Messaging preferences
Click Security settings
Complete two-factor authentication
Click Add email address and enter the following email addresses:
@oakyapp.com
Toggle OFF "Block all email communication" at the bottom as this will also prevent the emails in the Your approved email addresses section from reaching your guests.
Click Add a link and enter the following links:
getoaky.com
oakyapp.com
@oakyapp.com
https://mandrillapp.com/track/ (whitelist the email open tracking)
https://s3-eu-central-1.amazonaws.com/oaky-new-image-bucket/hotels (whitelist the email images)
Toggle OFF "Block all links" at the bottom as this will prevent the links in the Your approved links section from being shared in messages to your guests.
Save the changes.
To confirm that the whitelisting is correctly done - please perform a test booking.
If you have multiple properties:
Sign in to your group account on the Extranet
On the homepage, select one property
Click Property and then click Messaging preferences
Click Security settings
Complete two-factor authentication
Click Add email address and enter the following email addresses:
@oakyapp.com
Toggle OFF "Block all email communication" at the bottom as this will also prevent the emails in the Your approved email addresses section from reaching your guests.
Click Add a link and enter the following links:
getoaky.com
oakyapp.com
@oakyapp.com
https://mandrillapp.com/track/ (whitelist the email open tracking)
https://s3-eu-central-1.amazonaws.com/oaky-new-image-bucket/hotels (whitelist the email images)
Toggle OFF "Block all links" at the bottom as this will prevent the links in the Your approved links section from being shared in messages to your guests.
Save the changes.
To apply the same settings to all properties in your account, click Apply to all properties
Check the approved email addresses and click Apply to all properties in the popup
Changes are now applied across all properties
To confirm that the whitelisting is correctly done - please perform a test booking.
Note: Keep the toggle OFF: "Block all email communication" as this means no email is allowed and Oaky won't reach your guests.
Note: Keep the toggle OFF "Block all links" as your guests will see a [link removed] message instead of the links for Oaky.
Once you have completed the whitelisting steps, please proceed to create a test reservation via Booking.com to check it has correctly applied and ensure that the pre-arrival emails are working correctly.
📚 Related article: Confirming Whitelisting with a Test Booking on Booking.com
Still Not Seeing Conversions from Booking.com?
If you have completed the whitelist setup but are still seeing low or no engagement from Booking.com guests, your issue may fall into one of the scenarios below.
Use this guide to identify the issue and take the correct action.
🔴 Critical: No Opens and No Clicks
What this means
0% open rate from Booking.com guests
No clicks (CTA) recorded
No logins to the Guest App
This usually means Oaky emails are not being delivered via Booking.com.
What to do
Please repeat the full whitelisting process:
Confirm Oaky’s email domain is correctly added in the Booking.com Extranet
Ensure changes were saved successfully
Verify the setup at the correct property or chain level
Create a real Booking.com test reservation and confirm the email is received
🟠 Important: Opens Recorded, But No Logins
What this means
Guests are opening the email
Guests unable to click the CTA or the CTA link is removed
Guest unable to access to the Guest App
This typically indicates that the link configured in Booking.com is incorrect.
Guests may click the button but are not properly redirected to the Oaky Guest App.
What to do
Check the approved links configured in the Booking.com Extranet
Make sure the correct Oaky Guest App link is added
Ensure there are no extra spaces or formatting issues
Test again with a Booking.com reservation
🟡 Less Critical: No Opens, But Logins Recorded
What this means
Very low or no email opens
Some guests are logging into the Guest App
This may indicate that only a small percentage of guests are accessing the Guest App manually.
What to do
Recheck the email whitelisting configuration
Confirm Oaky’s domain is correctly added
Verify there are no duplicate or conflicting configurations
Perform another test reservation
Questions?
If you need further support, you can send a message to your Onboarding Specialist or Customer Success Manager, or Chat with us via the option on your Oaky dashboard.
Related source: Booking.com - All about our messaging security settings