Booking Factory API call

Start again…

The following API call returns a token:

function EPOSToken()
 var url = '' ;
 var api = '{"username":"B9l6sAvFV+N1tJ6V","password":"password/"}' ;
 var response = web.PostJson(url,api);

 var responseObject = JSON.parse(response) ;
 var responseData = responseObject.token ;
 file.WriteToFile('z:\jsondata.txt', response); 
 return responseData ;

However using that token to try and retrieve booking information fails ??

function EPOSRoom()

debugger ;
 var url = '';

 var api = '{"x-auth-token":"a token here xxxxxxxx"}' ;
 var response = web.PostJson(url,api) ;

 file.WriteToFile('z:jsondata.txt', response); 
 return response ;


using both methods in Postman returns data as expected

ie- the response from the room data call in Postman returns:

        "id": 103215,
        "roomName": "1 Small",
        "roomNumber": "103215",
        "guestName": "Nick Smith"

Any ideas ?

The only thing I can think of is that the token is retrieved by POST method whereas the room data call uses GET

Correct, the API documentation states it should be a GET call. There are several examples if you change the code from curl to say Java or C#.


Yes it has me puzzled too
l will keep trying !! :slight_smile:

If its a GET request then it wont be taking the auth token as data like the first request.
Using web download to receive JSON as discussed on topic yesterday is not recommended.

Using headers is possible for sure but possibly not using the helper functions.

1 Like

Worst case you could look at doing something like I did for a client with similar post/get issue, he was using a system that configuring POST was proving difficult but GET was simple so whipped up a short script to create a mediating API, he requests using GET, my script converts his GET into a POST to the final endpoint.
ie include the auth token in post data and website moves to header for actual request. if doing that I would probably structure that the middle man script gets the auth token so you just request with user/pass and it requests token then data and returns data.

Interesting. I wish I understood this stuff better. Maybe one day. @nickexmoor1 So something like below where x-token-auth is the key received from the authentication login:

function JSONTest(){
	var lib = host.lib("System");
	var client = new lib.System.Net.WebClient();
// 	client.Headers.Add("Accept", "application/json");
//	client.Headers.Add("Glf-Api-Version", "2");
	client.Headers.Add("x-auth-token", "LONGAPIKEYUSERNAMEFORAUTH");
	var url = "";
	var data = client.DownloadString(url);
	var json = JSON.parse(data);
 	return json;

Many thanks guys…
Progress is being made :rofl: :thinking: :face_with_head_bandage:
This works…

function GetRooms()

    var lib = host.lib("System");
    var client = new lib.System.Net.WebClient();
//    var token = encodeURIComponent("5l75AhAJ-tlfZAgJbXENBmghkGxBtiI95Gejk4yo-Oc")

    var token = PMSToken()
    client.Headers.Add("Accept", "*/*");
//    client.Headers.Add("Glf-Api-Version", "2");

    var url = "";

    var roomdata = client.DownloadString(url);
    var json = JSON.parse(roomdata);
    file.WriteToFile('z:jsondata.txt', roomdata);
     return json;

    function PMSToken(inputresponseData)
     var url = '' ;
     var api = '{"username":"username","password":"password"}' ;
     var response = web.PostJson(url,api);

     var responseObject = JSON.parse(response) ;
     var responseData = responseObject.token ;
     return responseData ;


When I have some tidier code and get to posting data too I will share it …

I cant guarantee it will be as tidy and fully featured as @JTRTech though, it is over 20 years since I coded in anger lol

Maybe this will help you as well. Here is how I connect to 7shifts API and a sample of their api code.

var apikey = ''; 
var method1 = 'time_punches';
var method2 = 'users';
var method3 = 'receipts';

function getuser(pincode) {
  var getusers = web.PostData(''+method2+'/','',''+apikey+'','');
  var user = JSON.parse(getusers);
  for(var i=0; i<; i++){
   if([i].user.employee_id == pincode)

function punch(userpin,pmethod,timein) {
	var userid = getuser(userpin);
 	var execpunch = web.PostJson(''+method1+'/','{ "time_punch": { "user_id": '+userid+', "location_id": 25721, "'+pmethod+'": "'+timein+'"}}',''+apikey+'','');
 	var punchid = JSON.parse(execpunch);
	var punchidresult =;
 	return punchidresult;

function updatepunch(punchid,punchtype,time) {
	var update = web.PutJson(''+method1+'/'+punchid+'','{ "time_punch": { "'+punchtype+'": "'+time+'"}}',''+apikey+'','');
	return update;

function createReceipt(ttotal,date,tid) {
	var create = web.PostJson(''+method3+'/','{ "receipt": { "total": '+ttotal+',"open_date": "'+date+'", "location_id": 25721, "external_id": '+tid+'}}',''+apikey+'','');
	var receiptid = JSON.parse(create);
	var receiptidresult =;
	return receiptidresult;

function updateReceipt(receiptid,ttotal,tid){
	var update = web.PutJson(''+method3+'/'+receiptid+'','{ "receipt": { "total": '+ttotal+',"location_id": 25721, "external_id": '+tid+'}}',''+apikey+'','');
	return update;

Notice sometimes I use PostData and sometimes PostJson also notice I am not including headers. What you will notice is the comma separated sections of the web.PostData and web.PostJson helpers. Those are where you can apply authentication, etc.

What I am getting at is Emre added the required functions to the helpers so we would not need to invoke the host.lib however that is available as well if you prefer to use it.

I’m not sure if that is the case for these api, the header was for an auth ticket from first request. Unless I missed something.

I too am passing auth request but the helper is doing it for me. In this case I left them blank as all I needed was apikey.

For the token request yer but how can auth token header be included in postjson for subsequent requests?

LOL I just realised I spoke to these guys about 2-3 years ago.
I beleive a contact of mine has some connection with them which is where I got lead from.
Their API was pretty basic back then, offered allot of feedback for expanding their api for epos.
Have you got any documentation they sent you? Would be intrigued to see how far they have come and if my feedback was used :wink:

Yes - I saw the post from a while back, apparently the chap you spoke to has sold out but is still involved.
I also contacted Newbook , theie system is more fully featured but a bit more expensive :upside_down_face:
This system seems to be what we need as a small operation but no firm decision yet…
I have managed to get room data and post charges from SambaPos so far

Here is a link to their API docs -

I reckon a few extra bits of data would be useful and for example the posting of a room charge returns data with a credit limit but I can see no method to set it either by API or on the full PMS :joy: :rofl:

I did find it after I posted, to me it seems like a fair amount of inspiration has come from newbook api documents I sent them all that time ago lol