# Tito Pro API Reference Version: v1 All API requests require authentication using a Bearer token. ## Creating an API token 1. Go to your **Account settings** 2. Navigate to the **API tokens** section 3. Click **Create API token** 4. Give your token a descriptive name 5. Copy the token and store it securely - you won't be able to see it again ## Using your token Include your API token in the `Authorization` header of every request: `Authorization: Bearer YOUR_API_TOKEN` ## Verify your credentials Use the API root endpoint to check that your token is working. It returns your account slug on success, or a `401` if the token is invalid. #### Example request ```bash curl -H "Authorization: Bearer YOUR_API_TOKEN" \ https://api.staging.pro.tito.io/ ``` #### Example response ```json { "account_slug": "{account_slug}" } ``` ## Token security - Keep your tokens secret. Do not commit them to version control. - Each token is scoped to a single account. - You can revoke tokens at any time from your **Account settings**. - If you believe a token has been compromised, revoke it immediately and create a new one. The API uses standard HTTP status codes to indicate the outcome of requests. ## Status codes | Code | Meaning | |------|---------| | `200` | Success | | `401` | Unauthorized - no token provided or token is invalid | | `403` | Forbidden - token does not have access to this resource | | `404` | Not found - the resource does not exist | | `429` | Too many requests - rate limit exceeded | | `500` | Internal server error | ## Error response format Error responses include a JSON body with an `error` or `message` field: ```json { "error": "Account or event not found" } ``` ## Common errors ### 401 Unauthorized Your API token is missing or invalid. Check that you're including the `Authorization: Bearer YOUR_TOKEN` header. ### 403 Forbidden Your API token does not have access to the requested resource. API tokens are scoped to a specific account. ### 404 Not found The resource you requested does not exist. Check that the account slug, event slug, or resource ID is correct. The Tito Pro API lets you programmatically access your event data. You can list events, retrieve orders and tickets, and query check-in lists. ## Base URL All API requests should be made to `https://api.staging.pro.tito.io`. ## Content type All responses are returned as JSON. Set your `Accept` header to `application/json`. ## Versioning The API is currently at version **v0**, currently under active development. List endpoints return paginated results. The response includes a `meta` object with pagination details. ## Request parameters | Parameter | Type | Description | |-----------|------|-------------| | `page` | integer | Page number (default: 1) | ## Response meta object Paginated responses include a `meta` object: ```json { "meta": { "lookup_mode": "live", "pagination": { "page": 1, "items": 20, "pages": 5, "count": 100 } } } ``` | Field | Description | |-------|-------------| | `pagination.page` | Current page number | | `pagination.items` | Number of items per page | | `pagination.pages` | Total number of pages | | `pagination.count` | Total number of records | ## Example For any API request that needs to be paginated, simply add a `page` parameter. ```bash # Fetch page 2 of orders curl -H "Authorization: Bearer YOUR_API_TOKEN" \ "https://api.staging.pro.tito.io/{account_slug}/{event_slug}/orders?page=2" ``` The API enforces rate limits to ensure fair usage and service stability. ## Limits - **100 requests per minute** per API token ## Exceeding the limit If you exceed the rate limit, you will receive a `429 Too Many Requests` response. When this happens: 1. Implement exponential backoff in your client 2. Consider caching responses that don't change frequently ## Best practices - Cache responses where possible - Use pagination to reduce the number of requests - Avoid polling - use reasonable intervals between requests Webhooks let you receive real-time notifications when events happen in your Tito account. Instead of polling the API, you configure a URL and Tito will send an HTTP POST request to it whenever a subscribed event occurs. ## Supported events | Event | Description | |-------|-------------| | `order.created` | An order has been placed | | `order.updated` | An order has been updated | ## Setting up a webhook 1. Go to your **Account settings** 2. Navigate to the **Webhooks** section 3. Click **Create webhook** 4. Enter the URL where you want to receive events 5. Select the events you want to subscribe to 6. Copy your signing secret and store it securely Webhook URLs must use HTTPS in production. HTTP URLs are allowed in test mode. ## Payload format When an event occurs, Tito sends a POST request to your webhook URL with a JSON payload: ```json { "id": 123456, "webhook_event": "order.created", "state": "pending", "attempts": 1, "created_at": "2026-02-08T10:30:00Z", "data": { "type": "order", "id": 789, "object": { "id": 789, "reference": "ABCD-1234", "name": "Jane Smith", "email": "jane@example.com" } } } ``` The `data.object` contains the full resource as returned by the corresponding API endpoint. ## Request headers Every webhook request includes the following headers: | Header | Description | |--------|-------------| | `Content-Type` | `application/json` | | `User-Agent` | `Tito-Webhook/1.0` | | `X-Tito-Webhook-Event` | The event type, e.g. `order.created` | | `X-Tito-Timestamp` | Unix timestamp of when the request was sent | | `X-Tito-Signature` | HMAC-SHA256 signature for verifying authenticity | ## Verifying signatures Each webhook request is signed using your webhook's secret key. You should verify the signature to ensure the request came from Tito. The signature is computed as an HMAC-SHA256 hex digest of the timestamp and request body, joined with a period. ### Ruby ```ruby timestamp = request.headers["X-Tito-Timestamp"] signature = request.headers["X-Tito-Signature"] body = request.raw_post expected = OpenSSL::HMAC.hexdigest( "SHA256", webhook_secret, "#{timestamp}.#{body}" ) if ActiveSupport::SecurityUtils.secure_compare(expected, signature) # Request is authentic else # Reject the request end ``` ### Node.js ```javascript const crypto = require("crypto"); const timestamp = req.headers["x-tito-timestamp"]; const signature = req.headers["x-tito-signature"]; const body = req.body; // raw body string const expected = crypto .createHmac("sha256", webhookSecret) .update(`${timestamp}.${body}`) .digest("hex"); if (crypto.timingSafeEqual(Buffer.from(expected), Buffer.from(signature))) { // Request is authentic } else { // Reject the request } ``` ### Python ```python import hmac import hashlib timestamp = request.headers["X-Tito-Timestamp"] signature = request.headers["X-Tito-Signature"] body = request.get_data(as_text=True) expected = hmac.new( webhook_secret.encode(), f"{timestamp}.{body}".encode(), hashlib.sha256 ).hexdigest() if hmac.compare_digest(expected, signature): # Request is authentic else: # Reject the request ``` ### PHP ```php $timestamp = $_SERVER["HTTP_X_TITO_TIMESTAMP"]; $signature = $_SERVER["HTTP_X_TITO_SIGNATURE"]; $body = file_get_contents("php://input"); $expected = hash_hmac("sha256", "{$timestamp}.{$body}", $webhookSecret); if (hash_equals($expected, $signature)) { // Request is authentic } else { // Reject the request } ``` ## Responding to webhooks Your endpoint should return a `2xx` status code to acknowledge receipt. Any other status code is treated as a failure. ## Retries and failure handling If delivery fails, Tito retries with exponential backoff: | Attempt | Delay | |---------|-------| | 1 | 30 seconds | | 2 | 2 minutes | | 3 | 8 minutes | | 4 | 32 minutes | | 5 | ~2 hours | After 5 retry attempts, the delivery is marked as failed. If a webhook accumulates 10 consecutive failures across any events, it is automatically disabled. You can re-enable it from your **Account settings**. ## Retention Webhook event logs are retained for 7 days and then automatically pruned. ## Best practices - **Always verify signatures** to ensure requests are from Tito - **Respond quickly** with a `2xx` status code, then process the payload asynchronously - **Handle duplicates** — in rare cases the same event may be delivered more than once - **Use HTTPS** to protect the payload in transit - **Keep your signing secret safe** — regenerate it if you suspect it has been compromised ## Account ### GET `/{account_slug}` Returns basic information about your Tito account. Use this endpoint to verify your API credentials and retrieve your account details. #### Parameters | Name | In | Type | Required | Description | |------|------|------|----------|-------------| | `account_slug` | path | string | Yes | The unique slug identifier for your Tito account. This is the account identifier you see in your Tito dashboard URL. | #### Responses - **200**: successful - account details retrieved - **401**: unauthorized - no bearer token provided or token is invalid - **403**: forbidden - account slug does not match your API token #### Example response ```json { "id": 12345, "name": "My Conference Company" } ``` --- ## Checkin Lists ### GET `/{account_slug}/{event_slug}/checkin_lists/{checkin_list_id}/checkins` Returns all checkins for a checkin list, ordered by most recent first #### Parameters | Name | In | Type | Required | Description | |------|------|------|----------|-------------| | `account_slug` | path | string | Yes | Account slug | | `event_slug` | path | string | Yes | Event slug | | `checkin_list_id` | path | integer | Yes | Checkin list ID | #### Responses - **200**: successful - **401**: unauthorized - **404**: not found #### Example response ```json { "checkin_lists": [ { "id": 1, "name": "Main entrance", "checked_in_count": 42, "created_at": "2025-01-01T00:00:00Z", "updated_at": "2025-01-15T10:30:00Z" }, { "id": 2, "name": "VIP entrance", "checked_in_count": 8, "created_at": "2025-01-01T00:00:00Z", "updated_at": "2025-01-15T10:30:00Z" } ], "meta": { "current_page": 1, "next_page": null, "prev_page": null, "total_pages": 1, "total_count": 2 } } ``` --- ### GET `/{account_slug}/{event_slug}/checkin_lists/{checkin_list_id}/orders` Returns all orders that can be checked in to this checkin list, including QR code identifiers and ticket type counts #### Parameters | Name | In | Type | Required | Description | |------|------|------|----------|-------------| | `account_slug` | path | string | Yes | Account slug | | `event_slug` | path | string | Yes | Event slug | | `checkin_list_id` | path | integer | Yes | Checkin list ID | #### Responses - **200**: successful - **401**: unauthorized #### Example response ```json { "checkin_lists": [ { "id": 1, "name": "Main entrance", "checked_in_count": 42, "created_at": "2025-01-01T00:00:00Z", "updated_at": "2025-01-15T10:30:00Z" }, { "id": 2, "name": "VIP entrance", "checked_in_count": 8, "created_at": "2025-01-01T00:00:00Z", "updated_at": "2025-01-15T10:30:00Z" } ], "meta": { "current_page": 1, "next_page": null, "prev_page": null, "total_pages": 1, "total_count": 2 } } ``` --- ### POST `/{account_slug}/{event_slug}/checkin_lists/{checkin_list_id}/orders/{order_qr_token}/checkins` Creates checkins for an order using its QR code token. Pass ticket type slugs as form parameters with the number of tickets to check in. For example, if the order has a ticket type with slug `general-admission`, send `general-admission=1` to check in one ticket of that type. #### Parameters | Name | In | Type | Required | Description | |------|------|------|----------|-------------| | `account_slug` | path | string | Yes | Account slug | | `event_slug` | path | string | Yes | Event slug | | `checkin_list_id` | path | integer | Yes | Checkin list ID | | `order_qr_token` | path | string | Yes | Order QR code token | #### Responses - **201**: created - **401**: unauthorized --- ### GET `/{account_slug}/{event_slug}/checkin_lists/{checkin_list_id}/tickets` Returns all tickets that can be checked in to this checkin list, including QR code identifiers #### Parameters | Name | In | Type | Required | Description | |------|------|------|----------|-------------| | `account_slug` | path | string | Yes | Account slug | | `event_slug` | path | string | Yes | Event slug | | `checkin_list_id` | path | integer | Yes | Checkin list ID | #### Responses - **200**: successful - **401**: unauthorized #### Example response ```json { "checkin_lists": [ { "id": 1, "name": "Main entrance", "checked_in_count": 42, "created_at": "2025-01-01T00:00:00Z", "updated_at": "2025-01-15T10:30:00Z" }, { "id": 2, "name": "VIP entrance", "checked_in_count": 8, "created_at": "2025-01-01T00:00:00Z", "updated_at": "2025-01-15T10:30:00Z" } ], "meta": { "current_page": 1, "next_page": null, "prev_page": null, "total_pages": 1, "total_count": 2 } } ``` --- ### POST `/{account_slug}/{event_slug}/checkin_lists/{checkin_list_id}/tickets/{ticket_qr_token}/checkins` Creates a checkin for a ticket using its QR code token #### Parameters | Name | In | Type | Required | Description | |------|------|------|----------|-------------| | `account_slug` | path | string | Yes | Account slug | | `event_slug` | path | string | Yes | Event slug | | `checkin_list_id` | path | integer | Yes | Checkin list ID | | `ticket_qr_token` | path | string | Yes | Ticket QR code token | #### Responses - **201**: created - **401**: unauthorized --- ### GET `/{account_slug}/{event_slug}/checkin_lists` Returns all checkin lists for an event #### Parameters | Name | In | Type | Required | Description | |------|------|------|----------|-------------| | `account_slug` | path | string | Yes | Account slug | | `event_slug` | path | string | Yes | Event slug | | `q` | query | string | No | Search query | #### Responses - **200**: successful - **401**: unauthorized - **403**: forbidden #### Example response ```json { "checkin_lists": [ { "id": 1, "name": "Main entrance", "checked_in_count": 42, "created_at": "2025-01-01T00:00:00Z", "updated_at": "2025-01-15T10:30:00Z" }, { "id": 2, "name": "VIP entrance", "checked_in_count": 8, "created_at": "2025-01-01T00:00:00Z", "updated_at": "2025-01-15T10:30:00Z" } ], "meta": { "current_page": 1, "next_page": null, "prev_page": null, "total_pages": 1, "total_count": 2 } } ``` --- ### GET `/{account_slug}/{event_slug}/checkin_lists/{id}` Returns details of a specific checkin list #### Parameters | Name | In | Type | Required | Description | |------|------|------|----------|-------------| | `account_slug` | path | string | Yes | Account slug | | `event_slug` | path | string | Yes | Event slug | | `id` | path | string | Yes | Checkin list ID | #### Responses - **200**: successful - **401**: unauthorized - **403**: forbidden - **404**: not found #### Example response ```json { "id": 1, "name": "Main entrance", "checked_in_count": 42, "created_at": "2025-01-01T00:00:00Z", "updated_at": "2025-01-15T10:30:00Z" } ``` --- ## Events ### GET `/{account_slug}/events` Returns a paginated list of all events in your account that the API token has access to. Supports filtering by date range, status, and custom field responses. #### Parameters | Name | In | Type | Required | Description | |------|------|------|----------|-------------| | `account_slug` | path | string | Yes | Your Tito account slug | | `page` | query | integer | No | Page number for pagination (default: 1) | | `starts_after` | query | string | No | Events starting on or after this date (e.g. 2025-06-01) | | `starts_before` | query | string | No | Events starting on or before this date (e.g. 2025-12-31) | | `status` | query | string | No | upcoming, current, or past: * `upcoming` * `current` * `past` | | `filter[custom_field_slug]` | query | string | No | Filter by custom field slug (e.g. filter[track]=Frontend) | #### Responses - **200**: successful - events list retrieved - **401**: unauthorized - no bearer token provided or token is invalid - **403**: forbidden - account slug does not match your API token #### Example response ```json { "events": [ { "id": 123456, "title": "My Conference 2025", "slug": "my-conference-2025" }, { "id": 123457, "title": "Workshop Series", "slug": "workshop-series" } ] } ``` --- ### GET `/{account_slug}/events/{id}` Returns detailed information about a specific event including dates, location, venue, sold out status, and custom metadata. You can use either the event slug or numeric ID. #### Parameters | Name | In | Type | Required | Description | |------|------|------|----------|-------------| | `account_slug` | path | string | Yes | Your Tito account slug | | `id` | path | string | Yes | Event slug or numeric ID | #### Responses - **200**: successful - event details retrieved - **401**: unauthorized - no bearer token provided or token is invalid - **404**: not found - event slug does not exist or is not accessible #### Example response ```json { "id": 123456, "title": "My Conference 2025" } ``` --- ## Root ### GET `/` The root endpoint of the Tito API. Use this to verify that the API is accessible and your authentication is working. This is a simple health check endpoint that requires authentication. #### Responses - **200**: successful - API is accessible - **401**: unauthorized - no bearer token provided or token is invalid --- ## Invitation Lists ### GET `/{account_slug}/{event_slug}/invitation_lists` Returns a paginated list of all invitation lists for the specified event. #### Parameters | Name | In | Type | Required | Description | |------|------|------|----------|-------------| | `account_slug` | path | string | Yes | The unique slug identifier for your Tito account | | `event_slug` | path | string | Yes | The unique slug identifier for the event | | `page` | query | integer | No | Page number for pagination (default: 1) | #### Responses - **200**: successful - invitation lists retrieved - **401**: unauthorized - no bearer token provided or token is invalid --- ### POST `/{account_slug}/{event_slug}/invitation_lists` Creates a new invitation list for the specified event. #### Parameters | Name | In | Type | Required | Description | |------|------|------|----------|-------------| | `account_slug` | path | string | Yes | The unique slug identifier for your Tito account | | `event_slug` | path | string | Yes | The unique slug identifier for the event | #### Responses - **201**: created - invitation list successfully created - **422**: unprocessable entity - validation errors - **401**: unauthorized - no bearer token provided or token is invalid --- ### GET `/{account_slug}/{event_slug}/invitation_lists/{id}` Returns detailed information about a specific invitation list. #### Parameters | Name | In | Type | Required | Description | |------|------|------|----------|-------------| | `account_slug` | path | string | Yes | The unique slug identifier for your Tito account | | `event_slug` | path | string | Yes | The unique slug identifier for the event | | `id` | path | string | Yes | The unique identifier for the invitation list | #### Responses - **200**: successful - invitation list details retrieved - **404**: not found - invitation list does not exist --- ### PATCH `/{account_slug}/{event_slug}/invitation_lists/{id}` Updates an existing invitation list. Note: distribution_option, expires_at, and auto_delivering cannot be changed after invitations have been sent. #### Parameters | Name | In | Type | Required | Description | |------|------|------|----------|-------------| | `account_slug` | path | string | Yes | The unique slug identifier for your Tito account | | `event_slug` | path | string | Yes | The unique slug identifier for the event | | `id` | path | string | Yes | The unique identifier for the invitation list | #### Responses - **200**: successful - invitation list updated - **404**: not found - invitation list does not exist --- ## Invitations ### GET `/{account_slug}/{event_slug}/invitations` Returns a paginated list of all invitations for the specified event. #### Parameters | Name | In | Type | Required | Description | |------|------|------|----------|-------------| | `account_slug` | path | string | Yes | The unique slug identifier for your Tito account | | `event_slug` | path | string | Yes | The unique slug identifier for the event | | `page` | query | integer | No | Page number for pagination (default: 1) | #### Responses - **200**: successful - invitations list retrieved - **401**: unauthorized - no bearer token provided or token is invalid - **403**: forbidden - API token does not have access to this event --- ### POST `/{account_slug}/{event_slug}/invitations` Creates a new invitation for the specified event. Requires an invitation_list_id and ticket_type_id to associate the invitation with. #### Parameters | Name | In | Type | Required | Description | |------|------|------|----------|-------------| | `account_slug` | path | string | Yes | The unique slug identifier for your Tito account | | `event_slug` | path | string | Yes | The unique slug identifier for the event | #### Responses - **201**: created - invitation successfully created - **422**: unprocessable entity - validation errors - **401**: unauthorized - no bearer token provided or token is invalid --- ### GET `/{account_slug}/{event_slug}/invitations/{id}` Returns detailed information about a specific invitation. #### Parameters | Name | In | Type | Required | Description | |------|------|------|----------|-------------| | `account_slug` | path | string | Yes | The unique slug identifier for your Tito account | | `event_slug` | path | string | Yes | The unique slug identifier for the event | | `id` | path | string | Yes | The unique identifier for the invitation | #### Responses - **200**: successful - invitation details retrieved - **401**: unauthorized - no bearer token provided or token is invalid - **404**: not found - invitation ID does not exist or is not accessible --- ### PATCH `/{account_slug}/{event_slug}/invitations/{id}` Updates an existing invitation. You can update the invitee details, ticket type, or invitation list. #### Parameters | Name | In | Type | Required | Description | |------|------|------|----------|-------------| | `account_slug` | path | string | Yes | The unique slug identifier for your Tito account | | `event_slug` | path | string | Yes | The unique slug identifier for the event | | `id` | path | string | Yes | The unique identifier for the invitation | #### Responses - **200**: successful - invitation updated - **422**: unprocessable entity - validation errors - **404**: not found - invitation does not exist --- ## Orders ### GET `/{account_slug}/{event_slug}/orders` Returns a paginated list of all orders for the specified event. Each order includes customer details, reference number, and amount. #### Parameters | Name | In | Type | Required | Description | |------|------|------|----------|-------------| | `account_slug` | path | string | Yes | The unique slug identifier for your Tito account | | `event_slug` | path | string | Yes | The unique slug identifier for the event | | `page` | query | integer | No | Page number for pagination (default: 1) | #### Responses - **200**: successful - **401**: unauthorized - no bearer token provided or token is invalid - **403**: forbidden - API token does not have access to this event #### Example response ```json { "orders": [ { "id": 123456, "name": "John Smith", "email": "john@example.com", "reference": "ABCD-1234", "amount": { "cents": 15000, "currency_iso": "USD" }, "created_at": "2025-01-15T10:30:00Z", "updated_at": "2025-01-15T10:30:00Z" }, { "id": 123457, "name": "Jane Doe", "email": "jane@example.com", "reference": "EFGH-5678", "amount": { "cents": 30000, "currency_iso": "USD" }, "created_at": "2025-01-16T14:00:00Z", "updated_at": "2025-01-16T14:00:00Z" } ], "meta": { "lookup_mode": "live", "pagination": { "page": 1, "items": 20, "pages": 1, "count": 2 } } } ``` --- ### GET `/{account_slug}/{event_slug}/orders/{id}` Returns detailed information about a specific order, including customer details, invoice, and associated tickets. #### Parameters | Name | In | Type | Required | Description | |------|------|------|----------|-------------| | `account_slug` | path | string | Yes | The unique slug identifier for your Tito account | | `event_slug` | path | string | Yes | The unique slug identifier for the event | | `id` | path | string | Yes | The unique identifier for the order. Can be a numeric ID or a secret identifier token (e.g. order-abc123) | #### Responses - **200**: successful - **401**: unauthorized - no bearer token provided or token is invalid - **403**: forbidden - API token does not have access to this event - **404**: not found - order ID does not exist or is not accessible #### Example response ```json { "id": 123456, "name": "John Smith", "email": "john@example.com", "ticket_ids": [1001, 1002, 1003] } ``` --- ## Ticket Types ### GET `/{account_slug}/{event_slug}/ticket_types` Returns a paginated list of all ticket types for the specified event, sorted by position. Each ticket type includes pricing, capacity, and configuration details. #### Parameters | Name | In | Type | Required | Description | |------|------|------|----------|-------------| | `account_slug` | path | string | Yes | The unique slug identifier for your Tito account | | `event_slug` | path | string | Yes | The unique slug identifier for the event | | `page` | query | integer | No | Page number for pagination (default: 1) | | `q` | query | string | No | Search ticket types by name or slug | | `sort` | query | string | No | Sort order. Default is by position. Use name_az for A–Z or name_za for Z–A.: * `name_az` * `name_za` | #### Responses - **200**: successful - ticket types list retrieved - **401**: unauthorized - no bearer token provided or token is invalid - **403**: forbidden - API token does not have access to this event #### Example response ```json { "ticket_types": [ { "id": 101, "slug": "early-bird", "name": "Early bird", "description": "Discounted ticket for early registrants", "price": 10000, "currency": "eur", "quantity": 100, "position": 1, "is_bundle": false, "tax_behavior": "exclusive", "created_at": "2025-01-15T10:30:00Z", "updated_at": "2025-01-15T10:30:00Z" }, { "id": 102, "slug": "regular", "name": "Regular", "description": null, "price": 20000, "currency": "eur", "quantity": null, "position": 2, "is_bundle": false, "tax_behavior": "exclusive", "created_at": "2025-01-16T14:00:00Z", "updated_at": "2025-01-16T14:00:00Z" } ], "meta": { "lookup_mode": "live", "pagination": { "page": 1, "items": 20, "pages": 1, "count": 2 } } } ``` --- ### GET `/{account_slug}/{event_slug}/ticket_types/{id}` Returns detailed information about a specific ticket type, including settings, buy-x-get-y-free configuration, dependencies, and bundle items. #### Parameters | Name | In | Type | Required | Description | |------|------|------|----------|-------------| | `account_slug` | path | string | Yes | The unique slug identifier for your Tito account | | `event_slug` | path | string | Yes | The unique slug identifier for the event | | `id` | path | string | Yes | The unique identifier or slug for the ticket type | #### Responses - **200**: successful - ticket type details retrieved - **401**: unauthorized - no bearer token provided or token is invalid - **403**: forbidden - API token does not have access to this event - **404**: not found - ticket type ID does not exist or is not accessible #### Example response ```json { "id": 101, "slug": "early-bird", "name": "Early bird", "description": "Discounted ticket for early registrants", "price": 10000, "currency": "eur", "quantity": 100, "position": 1, "is_bundle": false, "tax_behavior": "exclusive", "tickets_count": 42, "settings": { "anonymous": false, "qr_code_disabled": false, "maximum_tickets_per_order": 100 }, "created_at": "2025-01-15T10:30:00Z", "updated_at": "2025-01-15T10:30:00Z" } ``` --- ## Tickets ### GET `/{account_slug}/{event_slug}/tickets` Returns a paginated list of all tickets (attendees) for the specified event. Each ticket represents an individual attendee and includes their name, email, and associated order. #### Parameters | Name | In | Type | Required | Description | |------|------|------|----------|-------------| | `account_slug` | path | string | Yes | The unique slug identifier for your Tito account | | `event_slug` | path | string | Yes | The unique slug identifier for the event | | `page` | query | integer | No | Page number for pagination (default: 1) | #### Responses - **200**: successful - tickets list retrieved - **401**: unauthorized - no bearer token provided or token is invalid - **403**: forbidden - API token does not have access to this event #### Example response ```json { "tickets": [ { "id": 123456, "name": "Jane Smith", "email": "jane@example.com", "order_id": 789 }, { "id": 123457, "name": "Bob Johnson", "email": "bob@example.com", "order_id": 790 } ] } ``` --- ### GET `/{account_slug}/{event_slug}/tickets/{id}` Returns detailed information about a specific ticket (attendee). By default returns order_id; you can use the `include=order` query parameter to embed full order details in the response instead. #### Parameters | Name | In | Type | Required | Description | |------|------|------|----------|-------------| | `account_slug` | path | string | Yes | The unique slug identifier for your Tito account | | `event_slug` | path | string | Yes | The unique slug identifier for the event | | `id` | path | string | Yes | The unique identifier for the ticket | #### Responses - **200**: successful - ticket details retrieved - **401**: unauthorized - no bearer token provided or token is invalid - **403**: forbidden - API token does not have access to this event - **404**: not found - ticket ID does not exist or is not accessible #### Example response ```json { "id": 123456, "name": "Jane Smith", "email": "jane@example.com", "order_id": 789 } ``` --- ## Webhook Events ### GET `/{account_slug}/webhooks/events` Returns a paginated list of all webhook events for the specified account. Each webhook event includes the event type, state, and associated data. #### Parameters | Name | In | Type | Required | Description | |------|------|------|----------|-------------| | `account_slug` | path | string | Yes | The unique slug identifier for your Tito account | | `page` | query | integer | No | Page number for pagination (default: 1) | | `event_slug` | query | string | No | Filter by event slug | #### Responses - **200**: successful - **401**: unauthorized - no bearer token provided or token is invalid --- ### GET `/{account_slug}/webhooks/events/{id}` Returns detailed information about a specific webhook event, including the full payload data. #### Parameters | Name | In | Type | Required | Description | |------|------|------|----------|-------------| | `account_slug` | path | string | Yes | The unique slug identifier for your Tito account | | `id` | path | string | Yes | The unique identifier for the webhook event | #### Responses - **200**: successful - **401**: unauthorized - no bearer token provided or token is invalid - **404**: not found - webhook event ID does not exist or is not accessible ---