Authenticating a Customer

Once you have found the tee time you wish to book, you must log in the booking customer. The GolfNow API uses a token-based authentication system for customer logins. The token is generating using the customer's email address on file and password, and must be added as an HTTP header for customer-facing methods, such as booking, generating an invoice, and changing a customer's password.


To get a token for a customer, you must call the GetCustomerToken method.


HTTP Request

POST rest/customers/[email protected]/authentication-token HTTP/1.1
Content-Type: application/json; charset=utf-8
UserName: UserName
Password: Password
Host: sandbox.api.gnsvc.com
Accept-Encoding: gzip, deflate
AdvancedErrorCodes: True

Body

HTTP Response

"3fbjh0KafQ4S5id-4aHrNvtCYlPD3bzLWJ2rWq9HiBvvyCCvQV8czUHfuxtrmtalUFKLy+H+HT8lN1Hh7e8LY4IViuGZdiOmlwZ8y5R-uFcmHX2AfUOiPVihQk28vVGFOXDAvlJQ2V++wOhQ22koAjt-mOdZWkX-AC6d4KGwlJ10OhO7nc699NA+SxrG7OHE460wNCNivZvKtSBbbpphfR0pGf3mIx+nXoyrF6sLhVIpJcHMjCqo1-EEvTZzGO6i5gz3JEsBdITjXLz5a4KyCkLNfmOyaRahqzatH43p3jH7eCJtPxNyPWc7V7JxqBCxBNDsniX5u7J+-Dg8ZSOiQ1Zem4LH9TT6H2u7KFdiYuVHGlGNsrrV+mJWocuSvwUvstU3MXL1-GoXlOCuMHCYFb33x34q6VUE27tz9qh1AUc-Oisln8jvb97EPUoKwiiF9h7LVRPr9Lp8eYDRFuJK3pqcHObJo6CNNyIpKxykZ4JqPod3FCL2Bbs6NWze58Wy4niAqYSxaSFupxYcomzXIP0m9+A3b8Nm0OySmJTUknwc9Ad4Z+jN4jyFXNSLSj+36Skura15YspwQGIFk9GvRC-2oEoovfsM4RK5SKFYMei7fpx+X34VCNPzFFtxIbPWKk52e-J2uHhMzGK4iyJBeNa8XMHhc06kAGX6VWqnEK5f33Ev4YNrUCMFZBVz1wTR"

You may then use this token for subsequent requests against the API. The token has a lifetime of 60 minutes before expiry, although requests that use the customer token will respond with a new, refreshed token in the HTTP response headers, see the main page for more detail about this.


Any customer token may also be validated before further API requests are made with it, using the following call to ValidateCustomerToken:


HTTP Request

POST rest/customers/[email protected]/authentication-token/validate HTTP/1.1
Content-Type: application/json; charset=utf-8
UserName: UserName
Password: Password
Host: sandbox.api.gnsvc.com
Accept-Encoding: gzip, deflate
AdvancedErrorCodes: True

Body

"v2!9SdtxN91odTlY9EHl48M+AhJ4Wx5zSPSSeZQqbMwNw9md7zhA8NeMw3Yght6qnHSX4gtZCWLWdI3hHpfXW-pzzTbsprfdrfpPAEfPIdXxW1Vzl0QEe5DySWIQSzP8ecEZ4zJoX2i-I4AmrF0v6wPjNrBQb10+3-L7AhHOg1Pi+dJYeYt1s34vF4Ob+dqsSbEtv14Q7qgQ6h7mYW20KeJHSWAo+ankzjQfIxt5BysuApi-2obea3lkyndhnrkp5j-pFXz4YC3Y+vAdAwz2kO+Nw=="

HTTP Response

True

If you prefer, customers may also be checked out as guests against the GolfNow API. This requires you call a separate endpoint, GetGuestToken. While the guest checkout flow is simpler than creating a customer, there are certain additional pieces of information that must be collected about the customer at the time of checkout above and beyond traditional customers.


The time for a guest token to expire may be parameterized using the timeout property in the URI, and may not exceed 60 minutes.


HTTP Request

POST /rest/customers/[email protected]/guest-token?timeout=60 HTTP/1.1
Content-Type: application/json; charset=utf-8
UserName: UserName
Password: Password
Host: sandbox.api.gnsvc.com
Accept-Encoding: gzip, deflate
AdvancedErrorCodes: True

Body

HTTP Response

"v2!9SdtxN91odTlY9EHl48M+AhJ4Wx5zSPSSeZQqbMwNw9md7zhA8NeMw3Yght6qnHSX4gtZCWLWdI3hHpfXW-pzzTbsprfdrfpPAEfPIdXxW1Vzl0QEe5DySWIQSzP8ecEZ4zJoX2i-I4AmrF0v6wPjNrBQb10+3-L7AhHOg1Pi+dJYeYt1s34vF4Ob+dqsSbEtv14Q7qgQ6h7mYW20KeJHSWAo+ankzjQfIxt5BysuApi-2obea3lkyndhnrkp5j-pFXz4YC3Y+vAdAwz2kO+Nw=="

As with customer tokens, guest tokens may also be validated before use.


Click to continue to: Generating an Invoice.


Return to the end-to-end example index.