Endpoint

POST - Access validate

This endpoint validates the entry of users at a gym and consequently generates transactions to pay them later.

https://api.partners.gympass.com/access/v1/validate

Request

Example
1curl -X POST https://api.partners.gympass.com/access/v1/validate \
2 -H 'Content-Type: application/json' \
3 -H 'Authorization: Bearer {{Gympass BEARER Token}}' \
4 -H 'X-Gym-Id: ${GYM_ID} \
5 -d '{ "gympass_id": "XXXXXXXXXXXX" }'

Params

FieldDescription
gympass_idRequired field. String, This is the user’s gympass_id with 13 digits, and the "value/option" will require previous check-in at the gym.

Headers

FieldDescription
X-Gym-IdRequired field
This is the ID of the gym you’re setting up. Choose it according to the list of gyms you manage.
Content-TypeRequired field
The Content-Type entity-header is used to indicate the media type of the resource. Use always application/json
AuthorizationRequired field
The key is a string that is generated for you and identifies you and the gyms you are allowed to validate products for. To request yours please contact Gympass Technical Sales.

Response

Example
1{
2 "metadata": {
3 "total": 1,
4 "errors": 0
5 },
6 "results": {
7 "user": {
8 "gympass_id": "XXXXXXXXXXXXX"
9},
10"gym": {
11 "Id": XXX,
12 "product": {
13 "Id": XXX,
14 "description": "XXXXXXX"
15 }
16},
17"validated_at": "2020-02-19T18:00:53Z"
18 }
19}

Response Body

FieldDescription
User: { “gympass_id”: “XXXXXXXXXXXXX” }This is the Gympass User id. You may use it to synchronize users that validated check-ins with your user base.
Gym: { “Id”: XXX }This is the Gympass partner id. You may use it to identify each of your units in your Gympass validations reports.
Gym: { product: { “Id”: XXX , “description”: “XXXXXXX”}These are the identifications of the validated product for a validated check-in. You may use it to identify the validated product for your staff in real-time, just after the validation.
“validated_at”: “YYYY-MM-DDThh:mm:ssTZ”This is the date and time of each check-in validation. You may use it for consultations by your staff in real-time or as a data register in your system.

Use case: if you have a front desk staff, they could use the product information to give proactive orientation and offer them a better experience. |

Return Codes

HTTP Statuscodedescription
200 ok
404 not found{"metadata": { "total": 0, "errors": 1 }, "errors": [ { "message": "Check-In not found in database", "key": "checkin.validation.notfound" }]}The validation system couldn't find the user check in. Please ask the user to perform the check-in and try again.
400 Bad Request{"metadata": {"total": 0,"errors": 1},"errors": [{"message": "Check-In cancelled","key": "checkin.validation.cancelled" }]}When the user cancelled the checkin and your system tried to validate. Please ask the user to perform the check-in and try again.
400 Bad Request{"metadata": {"total": 0,"errors": 1},"errors": [{"message": "Check-In expired","key": "checkin.validation.expired"}]}The user check-in is expired. Please, ask the user to perform the check-in and try again.
400 Bad Request{"metadata": { "total": 0, "errors": 1},"errors": [ { "message": "Check-In already validated", "key": "checkin.already.validated" }]}The user check-in is already validated.
403 Forbidden{"metadata": { "total": 0, "errors": 1},"errors": [ { "Message": "User is not authorized to access this resource with an explicit deny" }]}The API Key is no longer valid.

UML Sequence Diagram

Here you will find an example of the Access Control API workflow for a Gympass user making a subsequent visit to a gym facility, checking in on the Gympass app, and triggering our Access Control API. Once the API is called, this would activate the validation payment to our gym partner.

The examples in this diagram depict the following:

  1. A successful check-in returns a 200 OK response.
  2. Error code 404 Not Found which is related to a check-in attempt not being found.
  3. Error code 400 Bad Request which is related to a check-in attempt after it has been cancelled.
  4. Error code 400 Bad Request which is related to a check-in attempt after the check-in window has expired.
  5. Error code 400 Bad Request which is related to a check-in attempt after check-in has already been validated.

Please Note: Gympass users will need to be added to the gym CMS system and Access Control system on their first visit and be provided with the means to interact with your Access Control system (RFID Card, PIN Code, Fingerprint, etc.)

Enlarge image

Access Control UML.png