View Categories

API Documentation for Zapier Integration

3 min read

This document provides a complete and structured overview of TicketsCandy’s API endpoints, authentication requirements, webhook handling, and data formats. It is intended for Zapier support teams to assist in troubleshooting, researching bugs, and supporting mutual users.

 

Authentication #

All TicketsCandy API requests require authentication via an API token.

  • Token Format: 32-character cryptographic token (28-bit / 16 bytes).
  • How to Authenticate:
    • Via Authorization header with Bearer scheme:
      Authorization: Bearer YOUR_API_KEY
    • Or by including API_KEY in the POST request body.

If authentication fails or is missing, the server returns:
HTTP 401 Unauthorized

 

Webhook Management #

TicketsCandy uses webhooks to push real-time updates to Zapier for event orders and attendee information.

Subscribe to a Webhook #

POST /hook/subscribe

  • Description: Registers a Zapier webhook to receive event updates.
  • Body Parameters:
    • url (string, required): The webhook URL to receive event data.
  • Example Request Body: 
    {
  "url": "https://hooks.zapier.com/hooks/catch/123456/abcdef/"
}
  • Response:
    • 200 OK on success.
    • 401 Unauthorized if token is missing or invalid.

Unsubscribe from a Webhook #

DELETE /hook/unsubscribe

  • Description: Unsubscribes a previously registered Zapier webhook.
  • Body Parameters:
    • url (string, required): The webhook URL to remove.
  • Example Request Body: 
    {
  "url": "https://hooks.zapier.com/hooks/catch/123456/abcdef/"
}
  • Response:
    • 200 OK if webhook was successfully removed.
    • 404 Not Found if the webhook does not exist.
    • 401 Unauthorized if token is missing or invalid.

Additional Webhook Handling:

  • If Zapier disables a webhook, the TicketsCandy system detects a 410 Gone response and removes the webhook automatically.
  • We regularly purge inactive webhooks to ensure clean subscription management.
  • We do not store any Zapier customer data on our servers.

 

Endpoints #

Below are the currently available API endpoints used for trigger data retrieval:

1. Authenticate API Key #

POST /auth

  • Description: Authenticates a user’s API key.
  • Request Options:
    • Pass API Key either via Bearer Authorization Header or in POST body.
  • Response:
    • 200 OK if authentication succeeds.
    • 401 Unauthorized if invalid.

2. Get Event Orders #

GET /getEventOrders

  • Description: Retrieves a list of event orders with associated buyer and transaction details.
  • Authentication: Required
  • Response Format: JSON
  • Example Response: 
    {
  "event_name": "Grand Event",
  "event_start_date": "2027-02-20",
  "event_start_time": "10:30:00",
  "event_end_date": "2027-02-25",
  "event_end_time": "23:00:00",
  "order_id": 101,
  "order_reference": "9htMI103",
  "order_status": "Completed",
  "order_date": "2025-03-10",
  "order_time": "18:23:28",
  "payment_type": "Online",
  "first_name": "John",
  "last_name": "Doe",
  "email": "john@doe.com",
  "phone": "+1-234-567-8912",
  "total_items_sold": 5,
  "tickets_sold": 1,
  "addons_sold": 1,
  "donations_sold": 1,
  "bundles_sold": 1,
  "products_sold": 1,
  "coupons_applied": 1,
  "total_paid": "$75.00"
}

3. Get Event Attendees #

GET /getEventAttendees

  • Description: Retrieves attendee-specific details for event bookings.
  • Authentication: Required
  • Response Format: JSON
  • Example Response: 
    {
  "event_name": "Grand Event",
  "event_start_date": "2027-02-20",
  "event_start_time": "10:30:00",
  "event_end_date": "2027-02-25",
  "event_end_time": "23:00:00",
  "attendee_id": 15,
  "order_id": 101,
  "order_reference": "9htMI103",
  "order_date": "2025-03-10",
  "order_time": "20:23:28",
  "first_name": "John",
  "last_name": "Doe",
  "email": "john@doe.com",
  "phone": "+1-234-567-8912",
  "booking_date": "2027-02-20",
  "booking_time": "18:00:00",
  "ticket_name": "General Admission",
  "ticket_type": "Ticket",
  "ticket_code": "9htMI103-1",
  "questions": [
    {
      "question": "Parking assistance",
      "answer": "Yes"
    },
    {
      "question": "Dietary restrictions",
      "answer": "None"
    }
  ]
}

 

Important Notes #

  • All endpoints require token-based authentication.
  • All data is transmitted and returned in JSON format.
  • No customer data from Zapier is stored permanently on TicketsCandy servers.
  • We actively monitor and purge expired webhooks to maintain data hygiene.

 

Support & Troubleshooting #

For further technical support, please contact us here.

Updated on May 2, 2025

What are your Feelings

  • Happy
  • Normal
  • Sad