ADMIN SIGN IN
< All Topics
Print

Getting Started with Member Portal APIs

We provide a member portal for group members to use with their group. The member portal is available both as a web application at a url that the group sets up, as well as through a mobile app that we have developed.

The member portal theme can be changed through your administration portals settings section to use the styling that your club prefers, and you can control what options your group members can have access to through the portal as well.

You can also develop your own portal by using the same API’s that we have developed for our portal. This document will describe the steps to authenticate a member login, and access the API’s. Note that an API key, as described in the Getting started with API integration is not required for using the member portal APIs.

Getting the tenant information

The first step in the portal development process is to get the information for the tenant that you want to authenticate a member with. To do this you need to make a request with the get_tenant action and the subdomain for the tenant you are interested in.

{
"action": "get_tenant",
"subdomain": <tenant_subdomain>
}

If the group is found this will return the tenant information record. You will need some of the information in this record for future calls. You can save this information somewhere so you do not need to make this API call every time.

Authenticating a Member

Looking up the member

Authenticating a member is a multi step process. The first step involves looking up the member. You do this with the lookup_member action

{
"action":"lookup_member",
"tenant": <tenant_id>,
"username": <member_email_address>
}

This will cause the system to look for a member with the exact same email address that you provide. If the member is found you will get back a successful JSON response with the member record. One of the most important keys in this response will be the “hasPassword” key. If this is false you will need to walk the member through the process of setting up a password. If the member already has a password you can go to the next step of validating the member password with their email address.

If the member was not found you will get back an error response

{
"member":null,
"redirect":null,
"success":false,
"errorMessage":"Unable to find user with email fake@nowhere.com"
}

Logging in the member

After you have confirmed that you have found the member through the lookup, and they have a password, you can ask them to provide the password to you and send a member_login action with the login information

{
"action":"member_login",
"password": <password>,
"tenant": <tenant_id>,
"username": <member_email_address>
}

If the password is invalid you will get back an error

{
"success":false,
"errorMessage":"Invalid Password"
}

If successful you will get back a success response with an X-Dart-Token in the response header. You need to store this token as it will serve as the member identity for all member portal API’s. The token is good for 24 hours, but for security we recommend you build in an inactivity timeout and sign out the member and delete the token if they leave the portal.

Setting up a password

If the member is found by the lookup but hasPassword is false, you will need to setup their password. This is done with the member_set_password action

{
"action":"member_set_password",
"tenant": <tenant_id>,
"username": <member_email_address>,
"password": <password>
}

Security starts with strong passwords and the weakest link in security is always poor passwords. We strongly recommend that you check the password before setting it to verify that it meets industry security standards, like a mixture of upper and lower case letters, at least one number, at least one special characters, and at least 8 characters in length. Note that this API will only work to establish a password for the first time. If the user has forgotten their password you will need to use the forgot password API to force a strong password to be generated and emailed to the member.

{
"action":"member_forgot_password",
"tenant": <tenant_id>,
"username":<member_email_address>
}

The forgot password action will fail if the member has never had a password setup, so make sure you do not expose forgot password functionality if the hasPassword flag is false on the member record response.

Conclusion

With the X-Dart-Token you will be able to make any of the portal API calls on behalf of the member. We may add multi-factor authentication to member logins, like we do for admin logins, and if we do that we will update this documentation and give you time to implement it in your code.

Table of Contents
Privacy Settings
We use cookies to enhance your experience while using our website. If you are using our Services via a browser you can restrict, block or remove cookies through your web browser settings. We also use content and scripts from third parties that may use tracking technologies. You can selectively provide your consent below to allow such third party embeds. For complete information about the cookies we use, data we collect and how we process them, please check our Privacy Policy
Youtube
Consent to display content from - Youtube
Vimeo
Consent to display content from - Vimeo
Google Maps
Consent to display content from - Google
Spotify
Consent to display content from - Spotify
Sound Cloud
Consent to display content from - Sound