The canonical OpenAPI 3.1 specification for the TicketWave API — the public JSON-over-HTTPS surface served at https://access.ticketwavehq.com.
This is the same spec that powers:
- the official
@ticketwave/sdkTypeScript client, - the interactive viewer at https://access.ticketwavehq.com/developers/api/spec,
- and every downstream Stainless / OpenAPI Generator client we ship.
A single openapi.yaml describing two API namespaces:
| Namespace | Purpose | Auth scope | Rate limit |
|---|---|---|---|
/api/v1/* |
Read tenant resources — events, ticket tiers, orders. | plugin:read (+ optional plugin:pii to unmask buyers) |
120 req/min/key |
/api/v2/* |
The commerce engine — register resources, write rules, ask for ALLOW / DENY / REVIEW, replay, dispute, override. |
plugin:read for GETs, plugin:write for state changes |
240 req/min/key |
Current shape (v1.0.0):
- 26 paths
- 37 operations
- 64 component schemas
- 14 tags
All requests use bearer tokens of the form tw_live_xxxxxxxxxxxxxxxx, issued at https://ticketwavehq.com/dashboard/settings/api-keys. Tenant scoping is enforced server-side on every row — cross-tenant probes resolve to 404, never 403, so the surface cannot be used to enumerate other tenants.
# https://editor.swagger.io → File → Import URL
https://raw.githubusercontent.com/TicketWaveHQ/openapi-spec/main/openapi.yamlFile → Import → Link → paste the raw URL above. Postman generates a collection with all 37 operations, organised by tag.
npx @openapitools/openapi-generator-cli generate \
-i https://raw.githubusercontent.com/TicketWaveHQ/openapi-spec/main/openapi.yaml \
-g typescript-fetch \
-o ./ticketwave-clientSwap -g typescript-fetch for python, go, rust, java, csharp, etc. The full generator list is in the openapi-generator docs.
The official @ticketwave/sdk is generated by Stainless from this exact file. If you fork to build a private client, point Stainless at the raw URL above.
You do not have to. The same spec is served at https://access.ticketwavehq.com/openapi.yaml with the same canonical-server values — both URLs are identical bytes on every release.
This spec follows semantic versioning with API-shape rules:
- Patch (
1.0.x) — documentation fixes, example tweaks, description rewording. Wire format unchanged. - Minor (
1.x.0) — additive only. New endpoints, new optional fields on requests, new fields on responses, new enum values. Existing clients keep working. - Major (
x.0.0) — breaking. Renaming a field, removing an endpoint, tightening a type, changing required/optional, narrowing an enum. Announced 30 days in advance on the developer changelog.
The version lives in info.version at the top of openapi.yaml and is mirrored in CHANGELOG.md. Each release is also a GitHub tag (v1.0.0, v1.1.0, …) so SDK builds can pin.
Webhook payloads delivered to outbound subscriptions are signed with HMAC-SHA256. The signing secret is returned once when you create the subscription via POST /api/v2/subscriptions and is never re-displayed. The exact header layout, verification algorithm, and replay-window rules are documented at:
https://access.ticketwavehq.com/help
(They are intentionally out of scope for this OpenAPI document — OpenAPI 3.1's webhooks block does not yet describe HMAC verification in a way that round-trips through every generator.)
Found a discrepancy between the spec and the live API? Open an issue here, or email developers@ticketwavehq.com.
Apache License 2.0 — see LICENSE.
The TicketWave API itself is offered under the proprietary TicketWave Public API Terms; this OpenAPI document describing the API is Apache-2.0 so you can vendor, fork, generate clients from, and redistribute it freely.
{
"@context": "https://schema.org",
"@type": "Organization",
"name": "TicketWave",
"legalName": "TicketWave HQ Ltd",
"url": "https://ticketwavehq.com",
"logo": "https://ticketwavehq.com/logo.png",
"description": "TicketWave is an events-and-access platform providing a public REST API for events, orders, and the access-decision engine.",
"sameAs": [
"https://github.com/TicketWaveHQ"
],
"contactPoint": [
{
"@type": "ContactPoint",
"contactType": "developer support",
"email": "developers@ticketwavehq.com",
"url": "https://ticketwavehq.com/developers"
},
{
"@type": "ContactPoint",
"contactType": "security",
"email": "security@ticketwavehq.com"
}
]
}