Skip to content

Understory API

This is the reference documentation for the Understory API. Here you can find detailed information about the API endpoints, request and response formats, and authentication methods.

For more general information, go to Documentation.

Preview

You’re exploring an early preview of the Understory API documentation. Take a look around and see what’s available.

Want to help us test and improve it? Share your feedback by clicking the chat icon in the bottom right. We’d love to hear your thoughts!

Download OpenAPI description
index.json
index.yaml
Overview
License
Apache 2.0
Languages
Servers
https://api.understory.io/

Booking

Bookings related endpoints.

OperationsWebhooks

Event Availability

Query availability for events.

Event availability is a computed value based on a number of parameters, including:

  • Event capacity and current reservations
  • Resources linked to tickets and bookings (e.g., bikes, kayaks, equipment)
  • Booking cut-off time

The availability response includes both an overall availability status and a breakdown of individual constraints, allowing you to understand exactly what factors are limiting availability for a given event.

Operations

Event

This is a preview of the Events API specification.

The API is not yet available in production.

OperationsWebhooks

Experience

This is a preview of the Experience API specification.

The API is not yet available in production.

OperationsWebhooks

Grow

This is a collection of endpoints related to Understory Grow.

Operations

Test

These endpoints are for testing purposes only.

You can use them to verify that your integration authentication works as intended.

Operations

Webhook

Webhook subscription management and event delivery.

Webhooks are sent to subscriber endpoints when events occur related to experiences, events, and bookings.

OperationsWebhooks

Booking createdPreviewWebhook

Request

Sent when a new booking is created.

Headers
webhook-idstringrequired

Unique identifier for this webhook message. This ID is the same when a webhook is retried due to a previous failure. Use this for deduplication.

webhook-timestampstringrequired

Timestamp of when the webhook was sent, in seconds since epoch. Compare against your system time to prevent replay attacks.

webhook-signaturestringrequired

Base64-encoded HMAC-SHA256 signature for verifying the webhook authenticity. The signature is computed over: {webhook-id}.{webhook-timestamp}.{body}.

Bodyapplication/jsonrequired

Information about the created booking.

booking_idstringrequired

The unique identifier of the created booking.

host_idstringrequired

The unique identifier of the host (company) that owns the booking.

experience_idstringrequired

The unique identifier of the experience this booking is for.

event_idstringrequired

The unique identifier of the event this booking is for.

application/json
{
  "booking_id": "string",
  "host_id": "string",
  "experience_id": "string",
  "event_id": "string"
}

Responses

OK

Booking updatedPreviewWebhook

Request

Sent when a booking is updated.

Headers
webhook-idstringrequired

Unique identifier for this webhook message. This ID is the same when a webhook is retried due to a previous failure. Use this for deduplication.

webhook-timestampstringrequired

Timestamp of when the webhook was sent, in seconds since epoch. Compare against your system time to prevent replay attacks.

webhook-signaturestringrequired

Base64-encoded HMAC-SHA256 signature for verifying the webhook authenticity. The signature is computed over: {webhook-id}.{webhook-timestamp}.{body}.

Bodyapplication/jsonrequired

Information about the updated booking.

booking_idstringrequired

The unique identifier of the updated booking.

host_idstringrequired

The unique identifier of the host (company) that owns the booking.

experience_idstringrequired

The unique identifier of the experience this booking is for.

event_idstringrequired

The unique identifier of the event this booking is for.

application/json
{
  "booking_id": "string",
  "host_id": "string",
  "experience_id": "string",
  "event_id": "string"
}

Responses

OK

Booking cancelledPreviewWebhook

Request

Sent when a booking is cancelled.

Headers
webhook-idstringrequired

Unique identifier for this webhook message. This ID is the same when a webhook is retried due to a previous failure. Use this for deduplication.

webhook-timestampstringrequired

Timestamp of when the webhook was sent, in seconds since epoch. Compare against your system time to prevent replay attacks.

webhook-signaturestringrequired

Base64-encoded HMAC-SHA256 signature for verifying the webhook authenticity. The signature is computed over: {webhook-id}.{webhook-timestamp}.{body}.

Bodyapplication/jsonrequired

Information about the cancelled booking.

booking_idstringrequired

The unique identifier of the cancelled booking.

host_idstringrequired

The unique identifier of the host (company) that owns the booking.

event_idstringrequired

The unique identifier of the event this booking was for.

application/json
{
  "booking_id": "string",
  "host_id": "string",
  "event_id": "string"
}

Responses

OK