Working with Club Chains
Club chains are brands that group multiple physical locations, such as franchises or directly owned clubs. Resamania is fully equipped to manage these types of organizations.
Before You Start
At Resamania, we distinguish between two types of organizations:
- Simple chains, where all clubs share data seamlessly. This typically applies to chains with wholly owned clubs.
- Chains with a network, where data sharing is controlled and restricted. This often applies to groups that bring together multiple legal entities.
Working with a simple chain imposes no special development constraints. This is the default behavior in Resamania, and all API examples and documentation apply as-is.
Identifying Your Chain Type
Each brand decides during the onboarding process whether or not to enable a network structure.
Understanding Networks
Resamania offers a simple mechanism to enforce data access control. Our networks are based on trees of nodes that reflect the organization's structure.
To operate securely, each API call must answer two key questions:
- Where am I?
- On behalf of whom am I acting?
For example, you might be "at the headquarters" and acting "for the Paris 18th club".
The first answer determines what data you can access. The second identifies the entity you're performing actions for, such as making a sale, adding a mandate, or signing up for a class.
Developing for a Networked Chain
If a chain has opted for a network structure, this may affect your implementation. Each API request must answer the two questions above: where you are, and on whose behalf you're acting.
There are two distinct scenarios:
- Your application uses user-based authentication (
codeorpasswordgrant types) to identify club members. In this case, the API can infer the answers on its own, and you don't need to provide them explicitly. - Your application uses client credentials (anonymous authentication). You must then provide both answers yourself.
Exploring the Network
To answer those questions, you first need to retrieve the network structure. Once authenticated, make a GET request to Resamania 2's API:
https://{api_base_url}/{client_token}/network_nodesRefer to the table below for query parameters:
| Parameter | Description |
|---|---|
api_base_url | The base API URL for the environment you're working with (sandbox or production) |
client_token | The unique Resamania identifier for your brand |
The response will return information like this:
[
{
"@id": "/{client_token}/network_nodes/1",
"@type": "NetworkNode",
"id": 1,
"name": "Headquarters",
"alias": null,
"type": "group",
"clubId": null,
"children": [
{
"@id": "/{client_token}/network_nodes/4",
"@type": "NetworkNode",
"id": 4,
"name": "Paris 18th Club",
"alias": null,
"type": "club",
"clubId": "/{client_token}/clubs/48",
"children": []
},
{
"@id": "/{client_token}/network_nodes/60",
"@type": "NetworkNode",
"id": 60,
"name": "Paris 16th Club",
"alias": null,
"type": "club",
"clubId": "/{client_token}/clubs/183",
"children": []
}
]
}
]| Field | Description |
|---|---|
@id | Textual identifier (IRI) for the node |
id | Numeric ID of the node |
name | Node name, set during network configuration |
alias | Internal use only |
type | Node type: group, mixed, franchise, or club |
clubId | Club ID (present only for club-type nodes) |
children | Child nodes, defining the network's tree structure |
Answering "Where Am I?"
You must position yourself on a specific node in the network. This determines which data you can access.
Note: You can only position yourself on nodes of type group or club.
The expected format is the node's textual identifier:
/{client_token}/network_nodes/{id}Answering "On Whose Behalf Am I Acting?"
All actions are performed on behalf of a specific club. You must provide the club's textual identifier:
/{client_token}/clubs/{id}Providing This Information to Resamania
Each API call must include both answers as headers:
X-User-Network-Node-Id: Where you areX-User-Club-Id: Who you are acting for
Example curl request:
curl -H 'X-User-Network-Node-Id: /{client_token}/network_nodes/{id}' \
-H 'X-User-Club-Id: /{client_token}/clubs/{id}' \
https://{api_base_url}Common API Errors
403: Access Denied
If the API cannot determine your network context, if headers are missing, or if your position is invalid, you will receive an HTTP 403 Access Denied error.