Skip to content

API reference

The reference documents the Sidedoor operator/venue API, one resource at a time. Before you dive in, read Authentication and the shared Conventions - every page here assumes both.

Each page covers one area of the API. It opens with a compact endpoint table (Method · Path · Purpose · Auth), then works through each action - list, get, create, update, delete and any special actions - with a multi-language example and a sample response.

Every endpoint table has an Auth column telling you what a caller needs:

Value Meaning
public No authentication. Discovery and widget endpoints; some are gated by a bot check (Turnstile).
session Any logged-in user - send a session bearer token.
operator An operator/staff role (client / organiser), scoped to a venue you can access. Acting outside your venues returns 403.

Most operator endpoints live under /api/my-venues/:venueId/… and are checked against your venue access.

Worked examples appear in cURL, JavaScript and PHP. Choose a language with the tab above any example and the whole site follows - the choice is remembered as you browse. Examples read your bearer token from the SIDEDOOR_TOKEN environment variable and use placeholders such as VENUE_ID, BOOKING_ID and EVENT_ID.

Resource Covers
Venues Your venues, settings, sisters and stats.
Availability Open slots, booking windows and availability for a date.
Tables & floorplan Floors, seating areas, tables, blocks and combos.
Rules & policies Access rules, admission rules, booking and payment policies.
Bookings & reservations The booking lifecycle, the floor, and card-hold deposits.
Events Events, ticket types and event bookings.
Vouchers Gift-voucher settings, issue and redeem.
Guests The guest roster, activity and tags.
Catalog Bundles, promo codes, time periods, shifts and price lists.
Branding & widgets Venue branding and embeddable widget settings.
Team & roles Operator members, roles and permissions.
Payouts Stripe Connect onboarding and payout status.

Separately, the embeddable widget & public endpoints power the booking, events and voucher widgets you put on your own website. They are public and are documented on their own page.