Logging in to the REST API

There are two likely ways you may wish to log into the REST API:
  • As a human using a browser or other program to view data. You will be prompted for a user id and password as per the help page.
  • From a program which submits requests and manages the data that returns. Current options are HTTP Basic Authentication or JWT

Logging in to the REST API From Browser

To begin using the API from a program or a browser, you need to start the login process. To do so send an https request that looks like:

https://tickets.yourvenue.org/api/v1

all examples use https://127.0.0.1/api/v1 as the example. please replace with your web site URL.

The server will respond with a login screen where you provide:

  • The email address you use to log into the web site such as myemail@venue.org

    Note: if you have multiple logins in an outlet version of TM so there is ambiguity as to who you are, you may need to type your email address followed by:

    • ;outlet=xx such as myemail@venue.org;outlet=xx -and/or-
    • ;patron=yy such as myemail@venue.org;outlet=xx;patron=yy
  • the Password you use for online sales

    If you get your password wrong, you will see the login window again.

If you get your password correct, but are not enabled to use the API in your employee preferences, you will see a message similar to the one of the right that says API Access Disabled

You will need to enable API access to continue.

Successful access to API

If you see the window below showing a list of the top level end points, you have successfully accessed the API.

Logging in to the REST API As Programmer

Programmatically, there are currently two options to log into the REST api. You can use:
  • HTTP Basic Authentication The httpWatch web site describes the general process. Since it all occurs via TLS, this is quite secure
  • JSON web Tokens (JWT). Refer to the wikipedia description for more info.

Employee Permissions Affect Endpoints

Just having access to the rest api does not mean you can see the database. The permissions set for the employee in the Data Tab in employee preferences limit the data which the employee can see in the API endpoints.

If you see the message to the right, it could simply mean no permission has been provided as shown below.