API Authentication

Slotify uses a two-token system to authenticate requests, providing secure access to different levels of data and functionality within the platform. Followings are some of the token Types used in Slotify:

Owner Token: Used exclusively for app-specific endpoints. This token allows access to owner-specific data and operations related to each owner's apps. A owner may have multiple apps, so the owner token ensures that only the relevant app data is accessible.

App Token: Used for all other endpoints in Slotify. The app token provides access to resources like customers, bookings, schedulers, and more at the app level. Since an app is the highest-level entity in Slotify, this token grants broader access to all resources and configurations under that app.

Checkout this help center article on how to obtain tokens: https://slotify.ca/help-center/p/how-to-use-slotify-scheduling-api

Slotify SDKs

Slotify provides two official SDKs to make it easy to integrate scheduling functionality into your applications: PHP SDK and Node.js SDK. These SDKs offer seamless methods to authenticate, retrieve availability, book time slots, and manage scheduling resources.

PHP SDK

The Slotify PHP SDK enables PHP developers to quickly integrate with the Slotify API. With methods for authentication, availability checks, bookings, and managing users, the SDK abstracts many lower-level API details, enabling faster development.

How to install this sdk:

  • BASH
composer require slotify/php-sdk

PHP SDK docs: https://packagist.org/packages/slotify/php-sdk

Node.js SDK

The Slotify Node.js SDK is designed for developers building applications with JavaScript or TypeScript. It provides intuitive methods for accessing Slotify API endpoints and supports both synchronous and asynchronous workflows.

How to install this sdk:

  • BASH
# using npm
npm install slotify-sdk

# using yarn
yarn add slotify-sdk

# using bun
bun add slotify-sdk

NodeJS SDK docs: https://www.npmjs.com/package/slotify-sdk

App Token Authentication

To authenticate requests to Slotify's API using a Base64-encoded API key as a bearer token, you'll first need to get your API key through our admin interface. 

Once obtained, encode the API key using Base64 encoding. This encoded key will serve as your bearer token, which you'll include in the Authorization header of your API requests. 

Additionally, ensure that all requests to our API include the Accept header set to "application/json" to specify that the client expects JSON-formatted responses. This approach ensures secure and efficient authentication while adhering to Slotify's API standards and requirements.

  • php-sdk
  • curl
  • Node-sdk
require_once dirname(__DIR__). '/vendor/autoload.php';

$slotifyAPI = new SlotifySDK\ApiService([
    'apiKey' => "APP_TOKEN"
]);

$customers = $slotifyAPI->getCustomers();
# Replace 'YOUR_API_KEY' with your actual API key obtained from Slotify's admin interface
API_KEY="YOUR_API_KEY"

# Encode the API key using Base64
BASE64_ENCODED_KEY=$(echo -n "$API_KEY" | base64)

# Set the API endpoint URL
API_URL="https://api.slotify.ca/v1/apps"

# Make a GET request to the API endpoint
curl -X GET \
  -H "Authorization: Bearer $BASE64_ENCODED_KEY" \
  -H "Accept: application/json" \
  $API_URL

import SlotifyAPI from "slotify-sdk";

const slotifyApi = new SlotifyAPI({
  apiKey: "APP_TOKEN",
});

slotifyApi.getCustomers().then((c) => console.log(c));

Owner Token Authentication:

Most of the api that depends on app requires app based authentication. However, all apps endpoint needs different authentication. When you signup for slotify account you are primary owner of all the apps you create within your account.

Therefore, only owners are allowed to make requests to apps endpoints.

GETv1/appsfetch owner apps
POSTv1/appscreate app for owner
PUTv1/apps/:uuidupdate owner app
DELETEv1/apps/:uuiddelete owner app
GETv1/apps/:uuidget specific owner app

If you use app token to call above endpoints you will receive following error: 

  • 401 Unauthorized
{
    "message": "Unauthorized",
    "code": 401
}

To make requests to above endpoints you need to use following code to generate base 64 encoded token first and then pass this token as Bearer token:

  • PHP SDK
  • BASH
  • Node SDK
require_once dirname(__DIR__). '/vendor/autoload.php';

$slotifyAPI = new SlotifySDK\ApiService([
    'apiKey' => "EMAIL:OWNER_TOKEN"
]);

$customers = $slotifyAPI->getCustomers();
# Replace 'OWNER_TOKEN' with your actual API key obtained from Slotify's admin interface

USER_TOKEN="OWNER_TOKEN"
OWNER_EMAIL="OWNER_EMAIL"

# Encode the API key using Base64
BASE64_ENCODED_KEY=$(echo -n "$OWNER_EMAIL:$USER_TOKEN" | base64)

# Set the API endpoint URL
API_URL="https://api.slotify.ca/v1/apps"

# Make a GET request to the API endpoint
curl -X GET \
  -H "Authorization: Bearer $BASE64_ENCODED_KEY" \
  -H "Accept: application/json" \
  $API_URL
import SlotifyAPI from "slotify-sdk";

const slotifyApi = new SlotifyAPI({
  apiKey: "EMAIL:OWNER_TOKEN",
});

slotifyApi.getCustomers().then((c) => console.log(c));

Next Steps