Skip to content

Access profiles, admission rules & policies

Reusable building blocks that access rules and events reference. Access profiles package a bundle of booking settings so several access rules share them; admission groups + rules apply conditional discounts and auto-approval to the guest list; policies hold booking terms and deposit/refund rules. Every endpoint is under /api/my-venues/:venueId/… and is operator (client role, venue-scoped) - send an Authorization: Bearer token from the Authentication flow.

Method Path Purpose Auth
GET/POST /api/my-venues/:venueId/list-profiles Guest-list profiles operator
PUT/DELETE /api/my-venues/:venueId/list-profiles/:id Update/delete operator
GET/POST /api/my-venues/:venueId/table-profiles Table profiles operator
PUT/DELETE /api/my-venues/:venueId/table-profiles/:id Update/delete operator
GET/POST /api/my-venues/:venueId/event-profiles Event profiles operator
PUT/DELETE /api/my-venues/:venueId/event-profiles/:id Update/delete operator
GET/POST /api/my-venues/:venueId/ticket-profiles Ticket profiles operator
PUT/DELETE /api/my-venues/:venueId/ticket-profiles/:id Update/delete operator
GET/POST /api/my-venues/:venueId/admission-groups Admission groups operator
PUT/DELETE /api/my-venues/:venueId/admission-groups/:gid Update/delete group operator
POST /api/my-venues/:venueId/admission-groups/:gid/rules Add rule operator
PUT/DELETE /api/my-venues/:venueId/admission-groups/:gid/rules/:id Update/delete rule operator
GET/PUT /api/my-venues/:venueId/booking-policies Booking policy text operator
GET/POST /api/my-venues/:venueId/payment-policies Payment policies operator
PUT/DELETE /api/my-venues/:venueId/payment-policies/:id Update/delete operator

The four families share one CRUD shape: GET lists, POST creates (returns { success, id }), PUT /:id updates, DELETE /:id removes. name is required on every create/update. They differ in the settings they carry:

  • list-profiles - guest-list pricing and admission: venue_access_*, free_guest_list_*, paid_guest_list_*, queue_skip_price_*, surge_threshold_*, surge_price_*, party_size_*, booking window, max_covers_*, and admission_rule_group_id to attach an admission group.
  • table-profiles - table booking: seating_area_ids/table_ids, payment_policy_id, duration, bundle_ids, reservation_tags, booking window, max_covers_*, table_assignment_mode (auto|guest_pick) with guest_pick_area_ids, and pricelist_id.
  • event-profiles - event booking: payment_policy_id, booking window, bundle_ids, reservation_tags, promo_code_ids, visibility and listed.
  • ticket-profiles - ticket booking: booking window, visibility, booking_tags and show_capacity.

Each feature has an *_enabled toggle; a value only applies when its toggle is true, otherwise the venue default is used.

Terminal window
curl -X POST "https://thesidedoor.co/api/my-venues/VENUE_ID/table-profiles" \
-H "Authorization: Bearer $SIDEDOOR_TOKEN" \
-H "Content-Type: application/json" \
-d '{"name":"Standard Table","party_size_enabled":true,"party_size_min":2,"party_size_max":8,"duration_enabled":true,"duration_minutes":120,"table_assignment_mode":"auto","payment_policy_id":"pp_std"}'
{ "success": true, "id": "tp_std" }

Update with PUT /api/my-venues/:venueId/table-profiles/:id and delete with DELETE /api/my-venues/:venueId/table-profiles/:id (deleting also detaches the profile from any access rules that referenced it), each returning { "success": true }. The other three families work identically at their own paths.

An admission group is a named container of rules; each rule tests conditions (guest tags, past bookings, network connections) and applies actions (a discount, auto-approval, an increased plus-one cap). Attach a group to a guest-list profile via its admission_rule_group_id.

POST /api/my-venues/:venueId/admission-groups takes name (required) and an optional sort_order.

Terminal window
curl -X POST "https://thesidedoor.co/api/my-venues/VENUE_ID/admission-groups" \
-H "Authorization: Bearer $SIDEDOOR_TOKEN" \
-H "Content-Type: application/json" \
-d '{"name":"Regulars","sort_order":0}'
{ "success": true, "id": "grp_reg" }

GET /api/my-venues/:venueId/admission-groups returns each group with a nested rules array.

POST /api/my-venues/:venueId/admission-groups/:gid/rules. Each condition and action has an *_enabled toggle plus a typed value: cond_tags (array), cond_bookings_min, cond_connections_min, act_discount_pct, act_autoapprove_enabled (toggle only) and act_maxplus.

Terminal window
curl -X POST "https://thesidedoor.co/api/my-venues/VENUE_ID/admission-groups/grp_reg/rules" \
-H "Authorization: Bearer $SIDEDOOR_TOKEN" \
-H "Content-Type: application/json" \
-d '{"name":"VIP tag → 20% off + auto-approve","cond_tags_enabled":true,"cond_tags":["vip"],"act_discount_enabled":true,"act_discount_pct":20,"act_autoapprove_enabled":true,"act_maxplus_enabled":true,"act_maxplus":6}'
{ "success": true, "id": "arl_1" }

Update a rule with PUT .../admission-groups/:gid/rules/:id and delete it with DELETE .../admission-groups/:gid/rules/:id. Deleting a group also removes its rules and detaches it from any list profiles.

GET /api/my-venues/:venueId/booking-policies returns three free-text policy strings; PUT saves them. Empty strings clear a policy.

Terminal window
curl -X PUT "https://thesidedoor.co/api/my-venues/VENUE_ID/booking-policies" \
-H "Authorization: Bearer $SIDEDOOR_TOKEN" \
-H "Content-Type: application/json" \
-d '{"tables":"48h cancellation notice.","guest_list":"Over-21s only.","events":"Tickets non-refundable."}'
{ "success": true }

Payment policies hold deposit and refund terms; access rules, shifts and profiles reference them by id. POST /api/my-venues/:venueId/payment-policies creates one (name required). Fields: deposit_type (default none), refund_type (default none), refund_percent (default 100), cancel_type (default anytime), cancel_cutoff_value (default 24) and cancel_cutoff_unit (default hours).

Terminal window
curl -X POST "https://thesidedoor.co/api/my-venues/VENUE_ID/payment-policies" \
-H "Authorization: Bearer $SIDEDOOR_TOKEN" \
-H "Content-Type: application/json" \
-d '{"name":"Standard Deposit","deposit_type":"hold","refund_type":"partial","refund_percent":50,"cancel_type":"cutoff","cancel_cutoff_value":24,"cancel_cutoff_unit":"hours"}'
{ "success": true, "id": "pp_std" }

Update with PUT /api/my-venues/:venueId/payment-policies/:id and delete with DELETE /api/my-venues/:venueId/payment-policies/:id, each returning { "success": true }. For how holds are captured or released at check-in, see the operator guide on deposits and holds.