Getting Started with the Club Automation API
Topics
About our API
The Club Automation API provides applications with access to their data. Currently, the API is intended to be used in a server-to-server fashion and the access token issued to you should be kept secret and not used in a web or mobile application. For more information see the Authentication tutorial.
All requests must be made over HTTPS, and your HTTP client must be TLS 1.2 compliant.
Methods
Our API is a RESTful API that uses standard HTTPS requests to perform actions on a data resource. The following HTTP verbs are used:
| Method | Description |
|---|---|
| GET | Retrieve a resource |
| POST | Create a resource |
| PUT | Perform a full update of a resource |
| PATCH | Perform a partial update of a resource |
| DELETE | Delete a resource |
Rate Limiting
Rate limiting is calculated based on your API user account, not your IP address. This means if you have several applications, rate limits are shared across all of them.
If you're experiencing rate-limiting issues, you may want to consider caching the API responses depending on how often the API resource is likely to change. This will also improve performance in your application.
In addition, depending on your terms of service, you may also have a monthly quota set. Contact your sales representative or email us if you would like to adjust your monthly quota.
Responses
All responses are encoded as application/json.
Request Headers
The following headers must be present on all requests.
| Header | Description |
|---|---|
| Accept | Set to application/json. |
| Authorization | The authorization header must be in the format Authorization: Bearer <token> where token is the response from the POST /auth/token API resource. See the Authentication Tutorial for more details. |
Response Headers
| Header | Description |
|---|---|
| Content-Type | The media type of the response. Always set to `application/json. |
Error Messages
Your applications should check for error message responses and gracefully handle any that you can encounter.
Error messages have the following format
{
"success": false,
"errors": [
{
"message": "'username' should not be empty.",
"key": "username"
},
...
]
}Generally, status codes in the 200 range indicate valid responses, 300 range
indicate further action is need to fulfill a request, 400 indicate user error,
and 500 indicate a server error was encountered.
| Status Code | Status Message | Description |
|---|---|---|
| 200 | OK | The request succeeded and the response message is valid. |
| 201 | Created | The request has created a new resource. |
| 204 | No Content | The request has succeeded but returns no message body. |
| 400 | Bad Request | Check error message for details. Typically this indicates there is a validation error on the request data sent. |
| 401 | Unauthorized | Invalid or tampered Authorization token. |
| 403 | Forbidden | Invalid or tampered Authorization token. You most likely have an expired token and need to request a new one from the /auth/token endpoint. |
| 404 | Not Found | The API resource you are trying to access can't be found. |
| 429 | Too Many Requests | API rate limit exceeded (See X-RateLimiting-* response headers) |
| 500 | Internal Server Error | There was an error on the server. If this error persists, please contact support |