CASABLANCA Developer Sandbox - Partner Guide
Welcome to the CASABLANCA Developer Sandbox. This portal is your private test environment for building and validating an integration against CASABLANCA APIs before going live with real hotel data.
This guide walks you through every part of the developer portal step by step. No prior experience with CASABLANCA is assumed.
Portal address: https://chs.onl/developer
Getting access
Developer sandbox access is not self-service. Before you can sign in, contact your CASABLANCA Partner Manager (or integration contact) to request access. CASABLANCA creates your tenant and grants access; you then receive your docs passcode and contact email. Without this step, login at https://chs.onl/developer is not possible.
Table of Contents:
- Getting access
- 1. What the Developer Sandbox does
- 2. What you need before you start
- 3. Sign in to the portal
- 4. Accept the agreement (required)
- 5. Get your API key
- 6. Find your sandbox base URL
- 7. Download Bruno and make your first request
- 8. Explore the API documentation
- 9. Use the build tools
- 10. Test resilience with the outage simulator
- 11. Move to production: certification
- 12. What only CASABLANCA can change
- 13. Troubleshooting
- 14. Quick reference
1. What the Developer Sandbox does
The Developer Sandbox lets you connect to a fully working but isolated copy of the CASABLANCA system. You can send real API requests, post test charges, create test bookings, and inspect every result without touching any live hotel data.
Everything you do here stays in the sandbox. Nothing affects real guests, reservations, or payments.
With the portal you can:
- Sign the legal agreement required to access sandbox APIs
- Generate and manage the API key your integration uses to authenticate (POS and Booking Engine)
- Read interactive, searchable API documentation for every endpoint
- Download OpenAPI YAML files and, for Booking Engine, supplementary technical documentation
- Browse and customize sandbox test data (Booking Engine)
- Inspect charge requests your system sends and see validation results
- Configure and test a voucher consumer endpoint
- Download ready-to-use request collections for the Bruno REST client
- Simulate a connection outage to verify your error handling
- Track certification status per API and submit a certification request
- Read notifications from CASABLANCA on your home page
2. What you need before you start
Getting started follows three steps:
- Contact CASABLANCA – your Partner Manager or integration contact creates your developer sandbox account and grants access.
- Receive your login details – CASABLANCA sends you the credentials below.
- Sign in and continue setup – use the portal to accept the agreement, generate your sandbox API key, and begin integration work.
Step 2: Login credentials
After access is granted, you receive:
| What | Description |
|---|---|
| Docs passcode | A 13-character code that identifies your organisation in the sandbox (case-sensitive; may include letters, digits, and special characters) |
| Contact email | The email address registered for your account |
You also need to know which APIs your account has access to. Not every partner has access to every API. The portal only shows the APIs that are enabled for you. If you expect to see an API and it is not visible, contact your CASABLANCA integration contact.
The three available APIs are:
| API | What it is for |
|---|---|
| POS API | Sending charges from a point-of-sale system to CASABLANCA |
| Booking Engine API | Embedding a booking flow on your website or application |
| Voucher API | Connecting your voucher system so CASABLANCA can redeem vouchers |
3. Sign in to the portal
Open the login page: https://chs.onl/developer
Enter your docs passcode and contact email, then click Sign in.
If login fails:
- The passcode is case-sensitive. Copy it exactly as received.
- The email must match the address CASABLANCA has on file for your account.
- If CASABLANCA recently regenerated your passcode, the previous one no longer works. Use only the new one.
After a successful login, the portal checks whether you have already accepted the sandbox legal agreement. If not, the agreement screen appears before anything else in the portal.
4. Accept the agreement (required)
The first time you log in you must accept the API Sandbox Terms of Use and NDA. This is a legal requirement. Until you accept, the portal shows only the agreement screen - you cannot generate an API key, use the build tools, download Bruno collections, or browse documentation in the portal.
Steps to accept:
- Read through the full contract text
- Scroll to the bottom
- Enter your full legal name in the signature field
- Confirm that you have read and understood the agreement
- Confirm that you are authorised to sign on behalf of your company
- Click Accept and continue
The full portal unlocks after acceptance.
Viewing the signed agreement later:
Go to Account in the left sidebar, then click Agreement. The record shows your name, the date of acceptance, and the contract version.
Partner agreement (separate from the sandbox NDA):
The commercial partner agreement is not signed in the developer portal. You can see its status (signed or not signed) under Account → Settings. If it shows as not signed, contact your CASABLANCA integration contact. This is separate from the sandbox NDA you accept on first login.
5. Get your API key
Your API key is the credential your integration sends with every POS or Booking Engine API request. Without it, all requests are rejected.
Where to find it:
Go to Account in the left sidebar, then click API Key.
The page has three sections.
Section 1: Tenant
This shows your account details.
| Field | What it means |
|---|---|
| Tenant ID | Your unique identifier, used in the URL path of every API request |
| Partner name | Your company name as registered for your account |
| Enabled APIs | The APIs your account is allowed to use |
Copy the Tenant ID somewhere accessible. You will use it constantly.
Note: If partner name is missing, you cannot generate a key yet. Contact your CASABLANCA integration contact to complete your account setup.
Section 2: API host
This shows the base URL for sandbox API requests:
https://sandbox.casablanca-hotelsoftware.com
Below the URL(s), route prefix examples are shown for each of your enabled outbound APIs (POS and Booking Engine). For example:
https://sandbox.casablanca-hotelsoftware.com/{tenantId}/{interfaceId}/pos/outlets
https://sandbox.casablanca-hotelsoftware.com/{tenantId}/{ibeContextId}/room-types
Replace {tenantId} with your Tenant ID from Section 1. For POS, valid {interfaceId} values are listed under Build → POS. For Booking Engine, use a Space such as context-alpine, context-city, or context-multi.
Section 3: API key
This is where you create and manage your sandbox key.
Critical: your API key is displayed exactly once.
When you generate or regenerate a key, the full key appears in a dialog. This is the only time you will ever see it. Copy it immediately and store it in a secure place. If you close the dialog without copying the key, you will need to generate a new one, which permanently invalidates the old one.
Available actions:
| Action | What happens |
|---|---|
| Generate API key | Creates a key; the full value is shown once in a dialog |
| Disable | The key stops working immediately; it can be reactivated by regenerating |
| Regenerate | Creates a new key and permanently invalidates the current one; the new key is shown once |
| Remove | Deletes the key entirely; a new one can be generated at any time |
There is one active sandbox key per account at most.
Your sandbox API key remains available in Account → API Key after certification - you can still generate, disable, regenerate, or remove it for continued sandbox testing.
Sandbox and production are strictly separated - different hosts and different credentials. Production API keys are not created in the developer portal. After successful certification, CASABLANCA provides your production API key separately. Certification is the process that qualifies you for a production key.
How to use the key in requests:
Add it as a header in every POS and Booking Engine call:
api-key: YOUR_API_KEY
Example with curl:
curl -sS \
"https://sandbox.casablanca-hotelsoftware.com/{tenantId}/{interfaceId}/pos/outlets" \
-H "api-key: YOUR_API_KEY"
Note: The Voucher API works differently. CASABLANCA calls your system rather than the other way around. The API key is not used for Voucher. See section 9 - Voucher for details.
6. Find your sandbox base URL
All sandbox API requests go to:
https://sandbox.casablanca-hotelsoftware.com
This is shown on Account → API Key under API host, together with route prefixes for your enabled APIs.
Production access and your production API key are provided by CASABLANCA; you do not activate production yourself in the portal.
7. Download Bruno and make your first request
Bruno is a free, open-source REST client that makes it easy to send API requests and explore responses without writing setup code. CASABLANCA provides ready-made request collections for POS and Booking Engine.
Where to find the Bruno collections:
Go to Get started → Quickstart.
The Quickstart page also summarises authentication rules, rate limits, and HTTP error codes.
Download the collection for your enabled API:
| API | Collection file |
|---|---|
| POS API | casablanca-bruno-pos-collection.zip |
| Booking Engine API | casablanca-bruno-booking-collection.zip |
Only collections for APIs enabled on your account are shown. There is no Bruno collection for Voucher - configure and test Voucher from Build → Voucher.
Setup steps:
- Download and install Bruno from usebruno.com/downloads
- Download the collection zip from the Quickstart page
- Unzip the file to a folder on your computer
- Open Bruno, click Open Collection, and select the folder containing
bruno.json - The Sandbox environment is pre-selected with the base URL already set
- Set
tenantIdandapiKeyin the environment (from Account → API Key)
For Booking Engine, also set ibeContextId (e.g. context-alpine) and update date/offer/cart variables as you progress through the workflow.
What each collection covers:
| Collection | Contents |
|---|---|
| POS | Outlets, waiters, cashdesks, commodity groups, payment types, check-ins, reservations, charge posting, sample error responses |
| Booking Engine | Static data, calendar dates, inventory, booking offers, shopping carts, shopping cart options, licenses (read-only), checkout and payment |
Tip: Use the build tools in the next section to find real sandbox IDs for your requests. If you rename a Space’s context id in Build → Booking Engine, update
ibeContextIdin your Bruno environment to match.
8. Explore the API documentation
Full interactive API documentation is under Resources → Documentation.
You will see a card for each enabled API. Click Open OpenAPI reference to open the interactive viewer.
The viewer lets you:
- Browse every endpoint
- See request and response schemas with examples
- Send real requests from the browser using Try it out
- Download YAML – the OpenAPI specification file (toolbar button)
For Booking Engine only, the toolbar also offers Download technical documentation - a PDF with supplementary integration guidance (Booking_Engine_SERVICE_Technical_Documentation.pdf).
You must accept the sandbox NDA before you can open documentation in the portal (see section 4).
Available API references:
| API | Version |
|---|---|
| POS API | v1.0.2 |
| Booking Engine API | v1.0.1 |
| Voucher API | v1.0.0 |
Only the APIs enabled for your account are shown.
9. Use the build tools
The Build section gives you hands-on tools for each enabled API.
APIs overview (Build → APIs)
Product cards for each enabled API with a short description, an architecture diagram, and links to the developer tools and OpenAPI reference.
POS (Build → POS)
The POS build page has two tools.
Sandbox data
Select a POS interface from the dropdown and click Refresh. The tables show test data for that interface:
| Table | What it contains |
|---|---|
| Outlets | Points of sale |
| Waiters | Staff accounts for charge attribution |
| Cashdesks | Cash register definitions |
| Commodity groups | Article category groupings |
| Payment types | Accepted payment methods |
| Reservations | Test hotel reservations |
| Check-ins | Currently checked-in guests |
| Table allocations | Restaurant table assignments |
Click any row to open the full record. Use these IDs in API calls and Bruno requests.
Charges inspector
Every charge your integration sends appears here. Filter by date, validation status, or keyword. Click a row for the full request body and validation result.
Charges that reference unknown outlet, waiter, cash desk, or commodity group codes are rejected (HTTP 400). Sync master data via the configuration endpoints before your first charge. If you do not use real outlets or waiters, create placeholder records (for example mappingCode: "1", name: "YourPartner POS") so hotel staff can process charges without manual remapping.
Typical workflow:
- Sync outlets, waiters, cash desks, commodity groups, and payment types (Bruno setup requests or configuration endpoints)
- Post a test charge using Bruno or your own client
- Find the request in the Charges section and check validation
- Adjust and retry if needed
Booking Engine (Build → Booking Engine)
Select a Space and click Refresh to load sandbox data. Each Space is seeded with a ready-made catalog — room types, rates, policies, companies, upselling articles, settings, licenses, and runtime data such as shopping carts — which you can customize to match your integration test scenarios (hotel names, room types, rates, payment flows). Customization is sandbox-only and scoped to your tenant; it does not affect production or other partners.
Three test Spaces are available by default:
| Space (context id) | Payment type | What happens at checkout |
|---|---|---|
| context-city | Direct payment | Checkout returns a paymentLink; cart state becomes PaymentStarted |
| context-alpine | Direct payment | Same as city, single-property hotel |
| context-multi | Bank deposit | Reservations returned immediately; no payment step |
Use the Space dropdown, Edit Space, and Refresh at the top of the sandbox section. Every Booking Engine API path includes the Space context id — for example GET /{tenantId}/{ibeContextId}/room-types. If you change a Space’s context id, use the new value in your requests and in Bruno’s ibeContextId variable.
Customizing sandbox seed data
Spaces
Click Edit Space next to the Space selector to change:
| Field | What it does |
|---|---|
| Display name | Label shown in the portal dropdown only |
| Context id | Partner-facing id used in API URL paths (e.g. context-alpine) |
| Payment type | Controls checkout behaviour for that Space (see payment section below) |
Changing the payment type updates how checkout works for that Space — for example switching between direct payment (payment link) and bank deposit (immediate reservations).
Static catalog
The sandbox tables below the Space selector show static content returned by the Booking Engine API. Use + Add buttons and Edit where available. Click any row to view the full JSON record.
| Table | Add | Edit | Remove |
|---|---|---|---|
| Companies | — | All fields (including company id) | — |
| Articles | Yes (name) | Name only | — |
| Room types | Yes | — | Yes |
| Rates | Yes | — | — |
| Cancellation / deposit policies | Yes | — | — |
| Person groups | Yes | — | — |
| Upselling articles | Yes | — | — |
Notes:
- Companies — Each Space has one or two seeded properties. You cannot add or remove companies, but you can edit ids, names, addresses, and contact details to match your test PMS ids. If you change a company id, room types and upselling articles that reference it are updated automatically.
- Articles — Used in room-stay offer services and as the backing article for upselling items. New articles receive an auto-assigned numeric id; you can rename existing articles but not change their id.
- Room types — When adding a room type, choose an existing company id. Removing a room type also deletes its inventory rows for that Space.
Images
Edit header and logo URLs in the Images table. A default placeholder URL is prefilled when the stored value is empty; you can change it and click Save.
Inventory
Manage availability per Space: add a row (room type, date, capacity), autogenerate rows for a date range, or remove individual rows. Inventory is separate from the static room-type catalog.
Read-only in the builder
Licenses, form fields, and design tokens are shown for reference but cannot be edited in the portal. Booking offers, shopping carts, and reservations are created through the API (or Bruno) — browse them in the runtime tables and use Complete payment where applicable.
Reset options
| Button | Effect |
|---|---|
| Reset sandbox | Restores the default static catalog and settings for all Spaces; keeps offers, carts, and reservations |
| Reset all | Full reset — also clears offers, carts, reservations, and inventory; restores everything to defaults |
Use Reset sandbox when catalog edits need to be undone but you want to keep runtime test data. Use Reset all when you need a completely clean end-to-end test run.
Completing payment in the sandbox (DirectPayment contexts)
After checkout, the API returns a paymentLink (in production this would redirect the guest to a real payment provider). In the sandbox, complete payment from Build → Booking Engine:
- Scroll to Checkout & payment in the sandbox at the bottom of the page
- Use Complete payment in the manual confirmation panel (enter the shopping cart ID), or
- Click Complete payment on the cart row in the shopping carts table when state is
PaymentStarted - Or keep polling cart state — the sandbox auto-completes payment after about 30 seconds
For Bank deposit (context-multi), there is nothing to confirm; checkout returns reservations immediately.
Typical booking workflow:
- List room types for your Space
- Create a booking offer for your dates; note
bookingOfferId - Create a shopping cart; note
shoppingCartId - Check out the cart
- For direct-payment contexts, complete payment in Build → Booking Engine (see above) or wait about 30 seconds for automatic completion while polling cart state
- Fetch the cart or reservations once state is
CheckedOut
Voucher (Build → Voucher)
CASABLANCA calls your voucher endpoints - you expose them; the sandbox API key is not used here.
Configuration
Enter your voucher service base URL and save. Default route paths:
| Operation | Default route |
|---|---|
| Lookup | GET /voucher/{voucherId} |
| Redeem | POST /voucher/{voucherId}/redeem |
| Cancel redemption | POST /voucher/{voucherId}/redemptionCancel |
If your paths differ, double-click a route row to edit the segments before and after {voucherId}. A confirmation appears before saving - custom paths may require additional implementation work billed to the partner.
Test console
Use Lookup, Redeem, and Storno to simulate CASABLANCA calls. Optional Bearer or Basic credentials apply to the current session only and are not stored.
The live log shows the last 15 calls. History holds up to 500 entries with full request and response details.
Typical workflow:
- Run your voucher endpoint on a URL reachable from the internet (e.g. via ngrok locally)
- Enter the base URL on Build → Voucher and save
- Adjust routes if needed
- Run Lookup, then Redeem and Storno with test data
10. Test resilience with the outage simulator
If you build a POS integration, verify that connection failures do not lose queued charges.
Where to find it:
Account → Settings → Pause POS API
This simulates a 10-minute outage: POS requests from your account hang with no response. Click Resume POS API to end early. Booking Engine is not affected.
The simulator is available while the POS API is enabled and not yet certified for your account. Once POS shows as certified, this section is hidden.
Use this to confirm your integration detects the failure, stores charges locally, retries when the API responds again, and avoids duplicate posting.
The Settings page also shows:
- API certification – sandbox vs certified for each enabled API
- Partner agreement – signed or not signed (read-only; contact CASABLANCA if not signed)
11. Move to production: certification
When your integration is tested in the sandbox, you request certification through the portal. A production API key is granted by CASABLANCA after the process completes - you cannot certify yourself or create production keys in the portal.
Where to start:
Get started → Certification
Certification is tracked per enabled API (POS, Booking Engine, and Voucher independently). The home page and Account → Settings show sandbox vs certified for each API. The Certification menu item is hidden when all enabled APIs are certified.
The four steps
- Submit your certification request in the portal (form below)
- Run integration tests with CASABLANCA at the agreed appointment
- Provide interface documentation as requested
- Receive your production API key from CASABLANCA once certification for your APIs is complete
Certification request form
Fill in the form on Get started → Certification. You can Save progress at any time before submitting.
| Section | What to provide |
|---|---|
| Preferred date | At least 28 days from today |
| Contact email | Email for certification correspondence |
| Used APIs | Which of your enabled APIs the integration uses |
| Main use cases | Target groups and descriptions |
| User flows | Step-by-step flows in your product |
| Limitations | Known limits or exclusions |
| Workflow diagram | PNG, JPG, PDF, or SVG - up to 10 MB |
| Pilot customers | Hotels or sites for the pilot phase |
| Pilot phase documentation | Your rollout plan, timelines, and success criteria |
If the partner agreement is not yet signed, an informational banner may appear. You can still save progress and submit the request; contact your CASABLANCA integration contact to complete the partner agreement separately.
Only one active certification request is processed at a time. After you submit, the form is replaced by status and a timeline (appointment, test, result, follow-up stages as CASABLANCA progresses your request).
While your request is open, you may see:
- CASABLANCA summary – read-only feedback from CASABLANCA when provided
- Save updates – edit and save changes while the request allows partner updates
- Previous certification requests – archive of past submissions
- Request new certification – when your previous request is complete and a new one is allowed
Statuses you may see: draft, certification pending, partially certified, certified, failed, or cancelled.
Once all enabled APIs are certified, the home page reflects certified status and the production API host appears on Account → API Key. The sandbox key section stays available for sandbox testing. Contact CASABLANCA for your production API key - it is not issued through the portal.
12. What only CASABLANCA can change
Contact your CASABLANCA integration contact if you need any of the following:
| Topic | Why you cannot change it in the portal |
|---|---|
| Developer sandbox access | Must be created and granted by CASABLANCA before you receive a passcode |
| Enabled APIs | Which APIs appear in your account |
| Partner name | Required before you can generate a sandbox API key |
| Docs passcode | Regenerated by CASABLANCA if lost or compromised |
| Partner agreement | Status is shown read-only under Account → Settings |
| Certification outcome | Production certification per API is confirmed by CASABLANCA |
| Production API key | Provided by CASABLANCA after certification; not generated in the developer portal |
| Sandbox API key | You manage this yourself under Account → API Key |
13. Troubleshooting
I cannot log in
- You need developer sandbox access from CASABLANCA first - contact your Partner Manager if you have not received a passcode.
- Passcode is case-sensitive; copy it exactly (13 characters, may include special characters).
- Email must match the address CASABLANCA registered for your account.
- A replaced passcode invalidates the previous one immediately.
The API key section says partner name is missing
Contact your CASABLANCA integration contact to complete account setup before generating a key.
I closed the API key dialog without copying the key
The key cannot be retrieved. Use Regenerate to create a new one.
I get a 401 error on API calls
Missing, incorrect, disabled, or removed API key. Check the api-key header and Account → API Key.
I get a 403 error on API calls
Tenant ID in the URL does not match your account. Copy Tenant ID from Account → API Key.
I get a 429 error
More than 100 requests per minute. Wait for the Retry-After header before retrying.
My charge does not appear in the charges inspector
- Confirm API key and tenant ID.
- Wait a few seconds and refresh.
- Confirm the correct POS interface ID under Build → POS.
An API is not visible in the sidebar
That API is not enabled for your account. Contact your CASABLANCA integration contact.
Certification save fails or diagram upload is rejected
- Workflow diagrams must be PNG, JPG, PDF, or SVG and at most 10 MB.
- If the portal reports the upload is too large, use a smaller file or compress the image.
I need help with a specific failed request
Copy the traceId from the error response and send it to CASABLANCA support.
14. Quick reference
First-time setup checklist
- Contact CASABLANCA Partner Manager to request developer sandbox access
- Receive docs passcode and contact email after access is granted
- Sign in at https://chs.onl/developer/
- Accept the API Sandbox Terms of Use and NDA
- Open Account → API Key and copy your Tenant ID
- Generate your sandbox API key and store it securely
- Note your sandbox base URL from the API host section
- Download the Bruno collection from Get started → Quickstart
- Install Bruno, open the collection, set
tenantIdandapiKey - Browse sandbox data under Build → POS or Build → Booking Engine
- Read OpenAPI reference under Resources → Documentation
- When ready: submit a certification request under Get started → Certification
Portal navigation at a glance
| What you want to do | Where to go |
|---|---|
| Accept sandbox NDA | First login, or Account → Agreement |
| View signed NDA again | Account → Agreement |
| Check partner agreement status | Account → Settings |
| Get sandbox API key | Account → API Key |
| Find sandbox / production base URL | Account → API Key, API host section |
| See enabled APIs and certification status | Account → API Key or Account → Settings |
| Simulate POS outage | Account → Settings (POS not yet certified) |
| Read notifications | Home page (bell icon) |
| Download Bruno collections | Get started → Quickstart |
| Read auth and rate limits | Get started → Quickstart |
| Submit certification request | Get started → Certification |
| Browse sandbox test data | Build → POS or Build → Booking Engine |
| Customize Booking Engine seed data | Build → Booking Engine (Space selector, tables) |
| Inspect posted charges | Build → POS, Charges section |
| Configure voucher endpoint | Build → Voucher |
| Read interactive API docs | Resources → Documentation |
| Download OpenAPI YAML / Booking PDF | Resources → Documentation → open API → toolbar |
| Check service uptime | Resources → Status |
| See product changes | Resources → Changelog |
HTTP error codes
| Code | Meaning | What to check |
|---|---|---|
| 400 | Invalid request | Request body against OpenAPI schema; unknown POS reference codes |
| 401 | Missing or invalid API key | api-key header |
| 403 | Not authorised | Tenant ID in URL path |
| 404 | Resource not found | Resource ID in request |
| 429 | Rate limit exceeded | Wait for Retry-After |
| 500 | Unexpected server error | Include traceId when contacting support |
External resources
| Resource | URL |
|---|---|
| Developer portal | chs.onl/developer/ |
| Service status | status.casablanca.at |
| Product changelog | casablanca.at/updates |
| Privacy policy | casablanca.at/legal/datenschutzerklaerung |
| Impressum | casablanca.at/legal/impressum |
| Bruno REST client | usebruno.com |