Zum Hauptinhalt springen

CASABLANCA Developer Sandbox - Partner Guide

Welcome to the CASABLANCA Developer Sandbox. This portal is your private test environment for building and validating an integration against CASABLANCA APIs before going live with real hotel data.

This guide walks you through every part of the developer portal step by step. No prior experience with CASABLANCA is assumed.

Portal address: https://chs.onl/developer

Getting access

Developer sandbox access is not self-service. Before you can sign in, contact your CASABLANCA Partner Manager (or integration contact) to request access. CASABLANCA creates your tenant and grants access; you then receive your docs passcode and contact email. Without this step, login at https://chs.onl/developer is not possible.


Table of Contents:


1. What the Developer Sandbox does

The Developer Sandbox lets you connect to a fully working but isolated copy of the CASABLANCA system. You can send real API requests, post test charges, create test bookings, and inspect every result without touching any live hotel data.

Everything you do here stays in the sandbox. Nothing affects real guests, reservations, or payments.

With the portal you can:

  • Sign the legal agreement required to access sandbox APIs
  • Generate and manage the API key your integration uses to authenticate (POS and Booking Engine)
  • Read interactive, searchable API documentation for every endpoint
  • Download OpenAPI YAML files and, for Booking Engine, supplementary technical documentation
  • Browse and customize sandbox test data (Booking Engine)
  • Inspect charge requests your system sends and see validation results
  • Configure and test a voucher consumer endpoint
  • Download ready-to-use request collections for the Bruno REST client
  • Simulate a connection outage to verify your error handling
  • Track certification status per API and submit a certification request
  • Read notifications from CASABLANCA on your home page

2. What you need before you start

Getting started follows three steps:

  1. Contact CASABLANCA – your Partner Manager or integration contact creates your developer sandbox account and grants access.
  2. Receive your login details – CASABLANCA sends you the credentials below.
  3. Sign in and continue setup – use the portal to accept the agreement, generate your sandbox API key, and begin integration work.

Step 2: Login credentials

After access is granted, you receive:

WhatDescription
Docs passcodeA 13-character code that identifies your organisation in the sandbox (case-sensitive; may include letters, digits, and special characters)
Contact emailThe email address registered for your account

You also need to know which APIs your account has access to. Not every partner has access to every API. The portal only shows the APIs that are enabled for you. If you expect to see an API and it is not visible, contact your CASABLANCA integration contact.

The three available APIs are:

APIWhat it is for
POS APISending charges from a point-of-sale system to CASABLANCA
Booking Engine APIEmbedding a booking flow on your website or application
Voucher APIConnecting your voucher system so CASABLANCA can redeem vouchers

3. Sign in to the portal

Open the login page: https://chs.onl/developer

Enter your docs passcode and contact email, then click Sign in.

If login fails:

  • The passcode is case-sensitive. Copy it exactly as received.
  • The email must match the address CASABLANCA has on file for your account.
  • If CASABLANCA recently regenerated your passcode, the previous one no longer works. Use only the new one.

After a successful login, the portal checks whether you have already accepted the sandbox legal agreement. If not, the agreement screen appears before anything else in the portal.


4. Accept the agreement (required)

The first time you log in you must accept the API Sandbox Terms of Use and NDA. This is a legal requirement. Until you accept, the portal shows only the agreement screen - you cannot generate an API key, use the build tools, download Bruno collections, or browse documentation in the portal.

Steps to accept:

  1. Read through the full contract text
  2. Scroll to the bottom
  3. Enter your full legal name in the signature field
  4. Confirm that you have read and understood the agreement
  5. Confirm that you are authorised to sign on behalf of your company
  6. Click Accept and continue

The full portal unlocks after acceptance.

Viewing the signed agreement later:

Go to Account in the left sidebar, then click Agreement. The record shows your name, the date of acceptance, and the contract version.

Partner agreement (separate from the sandbox NDA):

The commercial partner agreement is not signed in the developer portal. You can see its status (signed or not signed) under Account → Settings. If it shows as not signed, contact your CASABLANCA integration contact. This is separate from the sandbox NDA you accept on first login.


5. Get your API key

Your API key is the credential your integration sends with every POS or Booking Engine API request. Without it, all requests are rejected.

Where to find it:

Go to Account in the left sidebar, then click API Key.

The page has three sections.


Section 1: Tenant

This shows your account details.

FieldWhat it means
Tenant IDYour unique identifier, used in the URL path of every API request
Partner nameYour company name as registered for your account
Enabled APIsThe APIs your account is allowed to use

Copy the Tenant ID somewhere accessible. You will use it constantly.

Note: If partner name is missing, you cannot generate a key yet. Contact your CASABLANCA integration contact to complete your account setup.


Section 2: API host

This shows the base URL for sandbox API requests:

https://sandbox.casablanca-hotelsoftware.com

Below the URL(s), route prefix examples are shown for each of your enabled outbound APIs (POS and Booking Engine). For example:

https://sandbox.casablanca-hotelsoftware.com/{tenantId}/{interfaceId}/pos/outlets
https://sandbox.casablanca-hotelsoftware.com/{tenantId}/{ibeContextId}/room-types

Replace {tenantId} with your Tenant ID from Section 1. For POS, valid {interfaceId} values are listed under Build → POS. For Booking Engine, use a Space such as context-alpine, context-city, or context-multi.


Section 3: API key

This is where you create and manage your sandbox key.

Critical: your API key is displayed exactly once.

When you generate or regenerate a key, the full key appears in a dialog. This is the only time you will ever see it. Copy it immediately and store it in a secure place. If you close the dialog without copying the key, you will need to generate a new one, which permanently invalidates the old one.

Available actions:

ActionWhat happens
Generate API keyCreates a key; the full value is shown once in a dialog
DisableThe key stops working immediately; it can be reactivated by regenerating
RegenerateCreates a new key and permanently invalidates the current one; the new key is shown once
RemoveDeletes the key entirely; a new one can be generated at any time

There is one active sandbox key per account at most.

Your sandbox API key remains available in Account → API Key after certification - you can still generate, disable, regenerate, or remove it for continued sandbox testing.

Sandbox and production are strictly separated - different hosts and different credentials. Production API keys are not created in the developer portal. After successful certification, CASABLANCA provides your production API key separately. Certification is the process that qualifies you for a production key.

How to use the key in requests:

Add it as a header in every POS and Booking Engine call:

api-key: YOUR_API_KEY

Example with curl:

curl -sS \
"https://sandbox.casablanca-hotelsoftware.com/{tenantId}/{interfaceId}/pos/outlets" \
-H "api-key: YOUR_API_KEY"

Note: The Voucher API works differently. CASABLANCA calls your system rather than the other way around. The API key is not used for Voucher. See section 9 - Voucher for details.


6. Find your sandbox base URL

All sandbox API requests go to:

https://sandbox.casablanca-hotelsoftware.com

This is shown on Account → API Key under API host, together with route prefixes for your enabled APIs.

Production access and your production API key are provided by CASABLANCA; you do not activate production yourself in the portal.


7. Download Bruno and make your first request

Bruno is a free, open-source REST client that makes it easy to send API requests and explore responses without writing setup code. CASABLANCA provides ready-made request collections for POS and Booking Engine.

Where to find the Bruno collections:

Go to Get started → Quickstart.

The Quickstart page also summarises authentication rules, rate limits, and HTTP error codes.

Download the collection for your enabled API:

APICollection file
POS APIcasablanca-bruno-pos-collection.zip
Booking Engine APIcasablanca-bruno-booking-collection.zip

Only collections for APIs enabled on your account are shown. There is no Bruno collection for Voucher - configure and test Voucher from Build → Voucher.

Setup steps:

  1. Download and install Bruno from usebruno.com/downloads
  2. Download the collection zip from the Quickstart page
  3. Unzip the file to a folder on your computer
  4. Open Bruno, click Open Collection, and select the folder containing bruno.json
  5. The Sandbox environment is pre-selected with the base URL already set
  6. Set tenantId and apiKey in the environment (from Account → API Key)

For Booking Engine, also set ibeContextId (e.g. context-alpine) and update date/offer/cart variables as you progress through the workflow.

What each collection covers:

CollectionContents
POSOutlets, waiters, cashdesks, commodity groups, payment types, check-ins, reservations, charge posting, sample error responses
Booking EngineStatic data, calendar dates, inventory, booking offers, shopping carts, shopping cart options, licenses (read-only), checkout and payment

Tip: Use the build tools in the next section to find real sandbox IDs for your requests. If you rename a Space’s context id in Build → Booking Engine, update ibeContextId in your Bruno environment to match.


8. Explore the API documentation

Full interactive API documentation is under Resources → Documentation.

You will see a card for each enabled API. Click Open OpenAPI reference to open the interactive viewer.

The viewer lets you:

  • Browse every endpoint
  • See request and response schemas with examples
  • Send real requests from the browser using Try it out
  • Download YAML – the OpenAPI specification file (toolbar button)

For Booking Engine only, the toolbar also offers Download technical documentation - a PDF with supplementary integration guidance (Booking_Engine_SERVICE_Technical_Documentation.pdf).

You must accept the sandbox NDA before you can open documentation in the portal (see section 4).

Available API references:

APIVersion
POS APIv1.0.2
Booking Engine APIv1.0.1
Voucher APIv1.0.0

Only the APIs enabled for your account are shown.


9. Use the build tools

The Build section gives you hands-on tools for each enabled API.


APIs overview (Build → APIs)

Product cards for each enabled API with a short description, an architecture diagram, and links to the developer tools and OpenAPI reference.


POS (Build → POS)

The POS build page has two tools.

Sandbox data

Select a POS interface from the dropdown and click Refresh. The tables show test data for that interface:

TableWhat it contains
OutletsPoints of sale
WaitersStaff accounts for charge attribution
CashdesksCash register definitions
Commodity groupsArticle category groupings
Payment typesAccepted payment methods
ReservationsTest hotel reservations
Check-insCurrently checked-in guests
Table allocationsRestaurant table assignments

Click any row to open the full record. Use these IDs in API calls and Bruno requests.

Charges inspector

Every charge your integration sends appears here. Filter by date, validation status, or keyword. Click a row for the full request body and validation result.

Charges that reference unknown outlet, waiter, cash desk, or commodity group codes are rejected (HTTP 400). Sync master data via the configuration endpoints before your first charge. If you do not use real outlets or waiters, create placeholder records (for example mappingCode: "1", name: "YourPartner POS") so hotel staff can process charges without manual remapping.

Typical workflow:

  1. Sync outlets, waiters, cash desks, commodity groups, and payment types (Bruno setup requests or configuration endpoints)
  2. Post a test charge using Bruno or your own client
  3. Find the request in the Charges section and check validation
  4. Adjust and retry if needed

Booking Engine (Build → Booking Engine)

Select a Space and click Refresh to load sandbox data. Each Space is seeded with a ready-made catalog — room types, rates, policies, companies, upselling articles, settings, licenses, and runtime data such as shopping carts — which you can customize to match your integration test scenarios (hotel names, room types, rates, payment flows). Customization is sandbox-only and scoped to your tenant; it does not affect production or other partners.

Three test Spaces are available by default:

Space (context id)Payment typeWhat happens at checkout
context-cityDirect paymentCheckout returns a paymentLink; cart state becomes PaymentStarted
context-alpineDirect paymentSame as city, single-property hotel
context-multiBank depositReservations returned immediately; no payment step

Use the Space dropdown, Edit Space, and Refresh at the top of the sandbox section. Every Booking Engine API path includes the Space context id — for example GET /{tenantId}/{ibeContextId}/room-types. If you change a Space’s context id, use the new value in your requests and in Bruno’s ibeContextId variable.

Customizing sandbox seed data

Spaces

Click Edit Space next to the Space selector to change:

FieldWhat it does
Display nameLabel shown in the portal dropdown only
Context idPartner-facing id used in API URL paths (e.g. context-alpine)
Payment typeControls checkout behaviour for that Space (see payment section below)

Changing the payment type updates how checkout works for that Space — for example switching between direct payment (payment link) and bank deposit (immediate reservations).

Static catalog

The sandbox tables below the Space selector show static content returned by the Booking Engine API. Use + Add buttons and Edit where available. Click any row to view the full JSON record.

TableAddEditRemove
CompaniesAll fields (including company id)
ArticlesYes (name)Name only
Room typesYesYes
RatesYes
Cancellation / deposit policiesYes
Person groupsYes
Upselling articlesYes

Notes:

  • Companies — Each Space has one or two seeded properties. You cannot add or remove companies, but you can edit ids, names, addresses, and contact details to match your test PMS ids. If you change a company id, room types and upselling articles that reference it are updated automatically.
  • Articles — Used in room-stay offer services and as the backing article for upselling items. New articles receive an auto-assigned numeric id; you can rename existing articles but not change their id.
  • Room types — When adding a room type, choose an existing company id. Removing a room type also deletes its inventory rows for that Space.

Images

Edit header and logo URLs in the Images table. A default placeholder URL is prefilled when the stored value is empty; you can change it and click Save.

Inventory

Manage availability per Space: add a row (room type, date, capacity), autogenerate rows for a date range, or remove individual rows. Inventory is separate from the static room-type catalog.

Read-only in the builder

Licenses, form fields, and design tokens are shown for reference but cannot be edited in the portal. Booking offers, shopping carts, and reservations are created through the API (or Bruno) — browse them in the runtime tables and use Complete payment where applicable.

Reset options

ButtonEffect
Reset sandboxRestores the default static catalog and settings for all Spaces; keeps offers, carts, and reservations
Reset allFull reset — also clears offers, carts, reservations, and inventory; restores everything to defaults

Use Reset sandbox when catalog edits need to be undone but you want to keep runtime test data. Use Reset all when you need a completely clean end-to-end test run.

Completing payment in the sandbox (DirectPayment contexts)

After checkout, the API returns a paymentLink (in production this would redirect the guest to a real payment provider). In the sandbox, complete payment from Build → Booking Engine:

  • Scroll to Checkout & payment in the sandbox at the bottom of the page
  • Use Complete payment in the manual confirmation panel (enter the shopping cart ID), or
  • Click Complete payment on the cart row in the shopping carts table when state is PaymentStarted
  • Or keep polling cart state — the sandbox auto-completes payment after about 30 seconds

For Bank deposit (context-multi), there is nothing to confirm; checkout returns reservations immediately.

Typical booking workflow:

  1. List room types for your Space
  2. Create a booking offer for your dates; note bookingOfferId
  3. Create a shopping cart; note shoppingCartId
  4. Check out the cart
  5. For direct-payment contexts, complete payment in Build → Booking Engine (see above) or wait about 30 seconds for automatic completion while polling cart state
  6. Fetch the cart or reservations once state is CheckedOut

Voucher (Build → Voucher)

CASABLANCA calls your voucher endpoints - you expose them; the sandbox API key is not used here.

Configuration

Enter your voucher service base URL and save. Default route paths:

OperationDefault route
LookupGET /voucher/{voucherId}
RedeemPOST /voucher/{voucherId}/redeem
Cancel redemptionPOST /voucher/{voucherId}/redemptionCancel

If your paths differ, double-click a route row to edit the segments before and after {voucherId}. A confirmation appears before saving - custom paths may require additional implementation work billed to the partner.

Test console

Use Lookup, Redeem, and Storno to simulate CASABLANCA calls. Optional Bearer or Basic credentials apply to the current session only and are not stored.

The live log shows the last 15 calls. History holds up to 500 entries with full request and response details.

Typical workflow:

  1. Run your voucher endpoint on a URL reachable from the internet (e.g. via ngrok locally)
  2. Enter the base URL on Build → Voucher and save
  3. Adjust routes if needed
  4. Run Lookup, then Redeem and Storno with test data

10. Test resilience with the outage simulator

If you build a POS integration, verify that connection failures do not lose queued charges.

Where to find it:

Account → SettingsPause POS API

This simulates a 10-minute outage: POS requests from your account hang with no response. Click Resume POS API to end early. Booking Engine is not affected.

The simulator is available while the POS API is enabled and not yet certified for your account. Once POS shows as certified, this section is hidden.

Use this to confirm your integration detects the failure, stores charges locally, retries when the API responds again, and avoids duplicate posting.

The Settings page also shows:

  • API certification – sandbox vs certified for each enabled API
  • Partner agreement – signed or not signed (read-only; contact CASABLANCA if not signed)

11. Move to production: certification

When your integration is tested in the sandbox, you request certification through the portal. A production API key is granted by CASABLANCA after the process completes - you cannot certify yourself or create production keys in the portal.

Where to start:

Get started → Certification

Certification is tracked per enabled API (POS, Booking Engine, and Voucher independently). The home page and Account → Settings show sandbox vs certified for each API. The Certification menu item is hidden when all enabled APIs are certified.


The four steps

  1. Submit your certification request in the portal (form below)
  2. Run integration tests with CASABLANCA at the agreed appointment
  3. Provide interface documentation as requested
  4. Receive your production API key from CASABLANCA once certification for your APIs is complete

Certification request form

Fill in the form on Get started → Certification. You can Save progress at any time before submitting.

SectionWhat to provide
Preferred dateAt least 28 days from today
Contact emailEmail for certification correspondence
Used APIsWhich of your enabled APIs the integration uses
Main use casesTarget groups and descriptions
User flowsStep-by-step flows in your product
LimitationsKnown limits or exclusions
Workflow diagramPNG, JPG, PDF, or SVG - up to 10 MB
Pilot customersHotels or sites for the pilot phase
Pilot phase documentationYour rollout plan, timelines, and success criteria

If the partner agreement is not yet signed, an informational banner may appear. You can still save progress and submit the request; contact your CASABLANCA integration contact to complete the partner agreement separately.

Only one active certification request is processed at a time. After you submit, the form is replaced by status and a timeline (appointment, test, result, follow-up stages as CASABLANCA progresses your request).

While your request is open, you may see:

  • CASABLANCA summary – read-only feedback from CASABLANCA when provided
  • Save updates – edit and save changes while the request allows partner updates
  • Previous certification requests – archive of past submissions
  • Request new certification – when your previous request is complete and a new one is allowed

Statuses you may see: draft, certification pending, partially certified, certified, failed, or cancelled.

Once all enabled APIs are certified, the home page reflects certified status and the production API host appears on Account → API Key. The sandbox key section stays available for sandbox testing. Contact CASABLANCA for your production API key - it is not issued through the portal.


12. What only CASABLANCA can change

Contact your CASABLANCA integration contact if you need any of the following:

TopicWhy you cannot change it in the portal
Developer sandbox accessMust be created and granted by CASABLANCA before you receive a passcode
Enabled APIsWhich APIs appear in your account
Partner nameRequired before you can generate a sandbox API key
Docs passcodeRegenerated by CASABLANCA if lost or compromised
Partner agreementStatus is shown read-only under Account → Settings
Certification outcomeProduction certification per API is confirmed by CASABLANCA
Production API keyProvided by CASABLANCA after certification; not generated in the developer portal
Sandbox API keyYou manage this yourself under Account → API Key

13. Troubleshooting

I cannot log in

  • You need developer sandbox access from CASABLANCA first - contact your Partner Manager if you have not received a passcode.
  • Passcode is case-sensitive; copy it exactly (13 characters, may include special characters).
  • Email must match the address CASABLANCA registered for your account.
  • A replaced passcode invalidates the previous one immediately.

The API key section says partner name is missing

Contact your CASABLANCA integration contact to complete account setup before generating a key.

I closed the API key dialog without copying the key

The key cannot be retrieved. Use Regenerate to create a new one.

I get a 401 error on API calls

Missing, incorrect, disabled, or removed API key. Check the api-key header and Account → API Key.

I get a 403 error on API calls

Tenant ID in the URL does not match your account. Copy Tenant ID from Account → API Key.

I get a 429 error

More than 100 requests per minute. Wait for the Retry-After header before retrying.

My charge does not appear in the charges inspector

  • Confirm API key and tenant ID.
  • Wait a few seconds and refresh.
  • Confirm the correct POS interface ID under Build → POS.

An API is not visible in the sidebar

That API is not enabled for your account. Contact your CASABLANCA integration contact.

Certification save fails or diagram upload is rejected

  • Workflow diagrams must be PNG, JPG, PDF, or SVG and at most 10 MB.
  • If the portal reports the upload is too large, use a smaller file or compress the image.

I need help with a specific failed request

Copy the traceId from the error response and send it to CASABLANCA support.


14. Quick reference

First-time setup checklist

  • Contact CASABLANCA Partner Manager to request developer sandbox access
  • Receive docs passcode and contact email after access is granted
  • Sign in at https://chs.onl/developer/
  • Accept the API Sandbox Terms of Use and NDA
  • Open Account → API Key and copy your Tenant ID
  • Generate your sandbox API key and store it securely
  • Note your sandbox base URL from the API host section
  • Download the Bruno collection from Get started → Quickstart
  • Install Bruno, open the collection, set tenantId and apiKey
  • Browse sandbox data under Build → POS or Build → Booking Engine
  • Read OpenAPI reference under Resources → Documentation
  • When ready: submit a certification request under Get started → Certification

Portal navigation at a glance

What you want to doWhere to go
Accept sandbox NDAFirst login, or Account → Agreement
View signed NDA againAccount → Agreement
Check partner agreement statusAccount → Settings
Get sandbox API keyAccount → API Key
Find sandbox / production base URLAccount → API Key, API host section
See enabled APIs and certification statusAccount → API Key or Account → Settings
Simulate POS outageAccount → Settings (POS not yet certified)
Read notificationsHome page (bell icon)
Download Bruno collectionsGet started → Quickstart
Read auth and rate limitsGet started → Quickstart
Submit certification requestGet started → Certification
Browse sandbox test dataBuild → POS or Build → Booking Engine
Customize Booking Engine seed dataBuild → Booking Engine (Space selector, tables)
Inspect posted chargesBuild → POS, Charges section
Configure voucher endpointBuild → Voucher
Read interactive API docsResources → Documentation
Download OpenAPI YAML / Booking PDFResources → Documentation → open API → toolbar
Check service uptimeResources → Status
See product changesResources → Changelog

HTTP error codes

CodeMeaningWhat to check
400Invalid requestRequest body against OpenAPI schema; unknown POS reference codes
401Missing or invalid API keyapi-key header
403Not authorisedTenant ID in URL path
404Resource not foundResource ID in request
429Rate limit exceededWait for Retry-After
500Unexpected server errorInclude traceId when contacting support

External resources

ResourceURL
Developer portalchs.onl/developer/
Service statusstatus.casablanca.at
Product changelogcasablanca.at/updates
Privacy policycasablanca.at/legal/datenschutzerklaerung
Impressumcasablanca.at/legal/impressum
Bruno REST clientusebruno.com