Mindbody API Release Notes

November 2024

New Features and Enhancements

  • Bulk Appointment Booking (AddMultipleAppointments Endpoint)
    A new endpoint, AddMultipleAppointments, has been introduced to allow developers to book multiple appointments in a single request. This reduces integration complexity and improves efficiency by processing each appointment request individually, ensuring that if one fails, the others are still successfully saved.
  • Appointment Requests via AddAppointment Endpoint
    The AddAppointment endpoint now includes a new parameter for submitting appointments as "requests" rather than waitlist reservations. This enhancement improves usability by enabling core system features like request visibility and flags, which are crucial for streamlined workflow management.
  • Add Notes to Class Schedules
    Developers can now add notes to class instances in the schedule based on ScheduleID. Enhancements include exposing ClassNotes in the GetClasses response and adding a Public API endpoint for updating notes, leveraging existing fields to improve organization during high-volume scheduling or themed events.
  • AutoConfirm for Class Spot Reservations
    The POST Class Spot Reservation endpoint now supports autoConfirm and autoAssignSpot parameters. This eliminates the need to manually send the spotNumber or call the /confirm endpoint, streamlining the process and enabling automatic spot assignments for customers.

Bug Fixes

  • PurchaseContract Signature Upload Error
    Resolved an issue where the API intermittently returned "Purchase succeeded but signature upload" errors. Purchases now process smoothly without interruptions.
  • GET ClientServices Cross-Regional Retrieval
    Fixed an issue where cross-regional services were not included in the response when a single SiteID was specified. The endpoint now properly retrieves cross-regional pricing options.
  • GET ClientContracts Autopayment Retrieval
    Addressed a bug where the GET ClientContracts endpoint returned only the first two scheduled payments for suspended contracts, with the first payment showing incorrect amounts. The response now includes all scheduled autopayments with accurate details.
  • Cross-Regional Pricing Option Restrictions
    Fixed an issue where clients could bypass location restrictions on pricing options to book cross-regional visits. Restricted options are now excluded from the GET ClientServices response when CrossRegionalLookup is true, and cannot be used for cross-regional bookings.

August - October 2024

New Features and Enhancements

  • Webhooks: Added clientMembershipAssignment.cancelled Event
    A new webhook event, clientMembershipAssignment.cancelled, now triggers when a client sale is voided, specifically for client membership items.
  • Webhooks: Added client.updated Event for Relationship Changes
    The client.updated webhook event has been added to trigger when a relationship is added or removed from a client profile.
  • Public API: Return Sale as Account Credit
    The POST ReturnSale endpoint has been enhanced to allow sales returns as account credit, supporting a wider range of payment types beyond the "Comp" method.
  • Public API: Include Inactive Filter for Get Class/ClassDescriptions
    An includeInactive filter has been added to the Get Class and ClassDescriptions endpoints, enabling developers to exclude inactive classes, reducing data volume, and improving query efficiency.
  • Public API: Add PerStaffPricing Info to GET Sites
    A nullable boolean, PerStaffPricing, has been added to the GET Sites endpoint. This field is populated when a single site ID is passed, allowing partners to check if per-staff pricing is enabled, improving integration efficiency.
  • Public API: excludeInactiveSites Parameter for CrossRegionalClientAssociations
    Introduced an excludeInactiveSites parameter (defaulted to true) to the GET CrossRegionalClientAssociations endpoint. This aligns with similar endpoints like GET ClientCompleteInfo and ensures inactive sites are excluded unless explicitly specified.
  • Public API: Add RecClientID to UtilityFunction_GetClientContracts
    The RecClientID field has been added to UtilityFunction_GetClientContracts, allowing identification of cases where the person paying for a contract differs from the person using it.
  • Public API: Add Secondary Category to GET Products
    The GET Products endpoint now includes a secondary category parameter, available as both a filter and a response property. This facilitates more detailed product categorization and sales configuration.
  • Public API: Modify POST CheckoutShoppingCart to Include Sales Notes
    The POST CheckoutShoppingCart endpoint now accepts a notes field for product sales. This freeform string (up to 255 characters) allows customers to include additional information related to sold products.

Bug Fixes

  • Public API: CheckoutShoppingCart Test Parameter Fix
    Resolved an issue where CheckoutShoppingCart with Test=true and InStore=true returned a 400 Bad Request error due to amount validation. The response now correctly includes the expected response body with the Amount populated.
  • Public API: CheckoutShoppingCart Rounding Error Fix
    Corrected rounding errors in CheckoutShoppingCart when using tax rates (e.g., 10.5%) to ensure totals (e.g., $16.58) align without discrepancies.
  • Public API: CheckoutShoppingCart Product Sale Error
    Resolved a "Input string was not in a correct format" error during product sales via CheckoutShoppingCart by adjusting input validation.
  • Public API: AutoRenewing Field Consistency in UtilityFunction_AutoPayDetail Response
    Standardized the AutoRenewing field in UtilityFunction_AutoPayDetail responses to ensure it reliably reflects true/false values, resolving inconsistencies in auto-renew contract responses.
  • Public API: ExcludeInactiveSites Parameter in CrossRegional Queries
    Fixed handling of the ExcludeInactiveSites parameter in crossregional requests to ensure accurate functionality. This parameter now works as intended in queries like GET ClientCompleteInfo.
  • Public API: GET ClientServices - Incorrect Service Retrieval for ProgramId
    Adjusted query logic for GET ClientServices to ensure services retrieved match the specified ProgramId when CrossRegionalLookup=true.
  • Public API: Update Services - Failure with Different BarcodeId and ProductId
    Resolved validation issues in Update Services requests, allowing compatibility when BarcodeId and ProductId differ.

June - July 2024

Improvements

  • The CheckoutShoppingCart endpoint now includes the [PayerClientId], which allows developers to specify the RSSID of the client who is making the payment for the purchase, enabling this client to pay for another. It is important to note that this client must have a "Pays for" relationship type with the client specified in the "ClientId" field
  • We have incorporated the optional parameters UseActivateDate and ShowActiveOnly into the GET ClientCompleteInfo request to enable customers to filter services by ActivateDate, thereby providing the same functionality as the GET ClientServices endpoint.
  • Eight endpoints were optimized, resulting in performance boosts ranging from 32% to 99%. The improved endpoints and their current performance are as follows:
    • GET Sales: 99% boost, from 18.5 seconds to 238 milliseconds
    • GET Sites: 98% boost, from 8.75 seconds to 176 milliseconds
    • GET ClassSchedule: 92% boost, from 8.75 seconds to 539 milliseconds
    • UpdateClient: 46% boost, from 2.96 seconds to 1.59 seconds
    • GET ClientCompleteInfo: 44% boost, from 1.03 seconds to 0.578 milliseconds
    • Get PurchaseContracts: 42% boost, from 12.3 seconds to 7.13 seconds
    • Get ScheduleItems: 41% boost, from 3.94 seconds to 2.31 seconds
    • Get BookableItems: 32% boost, from 1.41 seconds to 953 milliseconds"
  • The payload properties ClassId, ClientId, and ClientUniqueId have been added to the classWaitlistRequest.cancelled webhook event, allowing customers to identify who was removed from the class waitlist.

Bug Fixes

  • When a recurring appointment is made, all appointments trigger the webhook and are sent instead of just the last one.
  • The GET Services endpoint will only return pricing options assigned to a specific enrollment schedule when passing a ClassID for an enrollment class.
  • POST UpdateAppointment with [ApplyPayment=true] was deducting a session each time it was sent for the same appointment. Now, it will check if the appointment payment has already been applied and return an error
  • When making the GET Clients request, if you include two or more [ClientIds] as parameters and these clients have relationships with each other, the relationship information for each client is retrieved.
  • The WebCapacity parameter has been fixed and will now update when UpdateClassSchedule is used

March - April 2024 - Endpoint Updates

Modified Endpoints

GET BookableItems
Endpoint has undergone enhancements to boost its performance, leading a 3.5x faster average response time. There were no modifications to input, output, or business logic.

GET ClientVisits
Endpoint has been updated to reduce the endpoint response time. Optimizations resulted in 35% reduction on the average response time. There were no modifications to input, output, or business logic.

February 2024 - Endpoint Updates

Modified Endpoints

POST UpdateClient
To mantain data consistency between sites in a region, all email updates will require crossRegionalUpdate set to "true". When passed as "false" and the site belongs to a region, will throw a validation error.

POST PurchaseContract
We added ability to pass new CVV parameter as part of CreditCardInfo object.

General Updates

We updated verbiage for v5.x Deprecation banner and V5.x Deprecation Notice.


January 2024 - Endpoint Updates

Modified Endpoints

POST UserToken/Issue
New User Tokens are Here! This update resolves intermittent issues that occurred with previous tokens.

POST UpdateClassSchedule
We updated this endpoint to include a new optional parameter RetainScheduleChanges (boolean, default is false). When passed as true, class instance changes that have been manually performed (such as substitute teacher, class cancellation) within the passed StartDate and EndDate will be retained.

New Endpoint

POST UserToken/Renew
You can now renew your existing token and increase its lifetime.

November-December 2023 - Endpoint Updates

Modified Endpoints

Get ClassVisits
We updated the endpoint to include PhotoURL for each ClientId that is returned.

POST AddClientToClass
This endpoint was updated to send out reservation confirmation email even if user token is not passed.

GET BookableItems
We optimized the performance of this endpoint.

Bug Fixes

POST PurchaseContracts
Fixed Bug 1262972 : We fixed a bug where postdated contracts (first payment deferred to a future date) purchased via PurchaseContracts endpoint were sold without scheduling the associated auto pays between 10/25/2023 and 11/7/2023.

September-October 2023 - Endpoint Updates

New Endpoints

POST CopyCreditCard
We added a new end point that copies the credit card information from one client to another. The source and target clients must have the same email address.

GET LiabilityWaiver
We added a new endpoint to get Liability Waiver content at the specified business.

July 2023 - Endpoint Updates

New Endpoints

POST AddClientIndex
We added new functionality to add new client index record at the specified business.

POST UpdateClientIndex
We added new functionality to update client index record at the specified business.

POST DeactivatePromoCode
We added new functionality to deactivate an existing promocode record at the specified business.

Modified Endpoints

Get ClientContracts
We updated the endpoint to include Subtotal and Tax properties to UpcomingAutopayEvents object.

POST PurchaseAccountCredit
We updated the endpoint to support all payment types.

POST PurchaseGiftCard
We updated the endpoint to support all payment types.

June 2023 - Endpoint Updates

Modified Endpoints

POST CheckoutShoppingCart
We updated the endpoint to support cross regional gift cards.

Get BookableItems
We updated the endpoint to return Public Display for staff availability.

April-May 2023 - Endpoint Updates

Modified Endpoints

POST AddClassSchedule
We removed requiring pricing options.

Get ClientContracts
We updated the endpoint to include ProductId returned in UpcomingAutopayEvent object.

Get Services
We updated the endpoint to return membership requirements.

Mar 2023 Release – Billing Usage Reports

Your Developer Account on the Mindbody Developer Portal now includes a 'Reports' section with following new reports, that provide a summary of your API activity and billing usage details per billing cycle.

- Invoice Detail Report
- Activity by Studio Report
- Booking Detail Report (If applicable)

Jan 2023 Release – Documentation Enhancements

This release features many exciting usability enhancements in API Documentation and improvements to API Developer Experience.

  • Global Search – Search for any text or Endpoints.
  • Language-specific API documentation in HTTP, Python, .NET, Ruby and PHP.
  • Live API Playground containing
      - Usage examples for each endpoint
      - Reactive code samples and
      - ‘Try it out’ section for Live API call
  • SDKs in 4 supported languages: Python, .NET, Ruby, PHP
  • Responsive UI
  • Improvements in page load times

November 2022 - Endpoint Updates

New Endpoints

POST TerminateContract
We added a new endpoint to terminate a client contract.

POST SuspendContract
We added a new endpoint to suspend a client contract.

POST AddClassSchedule
We added a new endpoint to add a class schedule.

POST AddEnrollmentSchedule
We added a new endpoint to add an enrollment schedule.

September 2022 - Endpoint Updates

New Endpoints

DELETE RemoveFromAppointmentWaitlist
We added a new endpoint to remove appointments from the waitlist.

Modified Endpoints

POST AddAppointment
We added new functionality to add appointments to the waitlist.

Get Services
We have modified the endpoint to return the pricing options marked as "only sell in contract or package" in get services endpoint.

Get SessionTypes
We have modified the endpoint to return the online description in API response.

Bug Fixes

POST AddOrUpdateAppointments
Fixed Bug 1092785: We have fixed the bug where clients were able to update appointments that were booked for another client.

Fixed Bug 1145389: We have fixed the bug where TNMB users were getting "Invalid credentials" error while trying to access v5.0 endpoints.

Get ClientServices
Fixed Bug 1148072: We have fixed a bug where we were not getting services for which a restriction was added for use at location settings.

POST PurchaseContract
Fixed Bug 1140280: We have fixed a bug where billing details were updated when passed saveinfo as false in the request.

August 2022 - Endpoint Updates

New Endpoints - Mindbody Consumer APIs

Mindbody Consumer APIs are designed to help companies build integrated solutions that complement consumers' wellness behaviors, enabling them to grow their business by connecting with the largest health, beauty, and wellness community in the world.

GET Consumer Visits
Return a list of all verified visits of a consumer for a given duration.

GET Consumer Purchases
Return a list of all verified purchases of a consumer for a given duration.

DELETE Consumer
Disconnects consumer from a partner.

GET Business Directory
Returns a list of the businesses on the Mindbody Platform.

Modified Endpoints

POST RemoveClientFromClass
We added a new property "VisitId" in RemoveClientFromClass endpoint. Using VisitID, we can remove specific visits of clients from class.

Get Services
We have modified the endpoint to return the pricing options marked as "only sell in contract or package" in get services endpoint.

Bug Fixes

POST ValidateStaffLogin
Fixed Bug 1108743 : We have fixed the bug where partners were getting error when trying to create staff token using the ValidateStaffLogin endpoint.

POST GetServices
Fixed Bug 1107273: We fixed a bug where we were getting authentication error for staff credentials for The New Mindbody Experience sites.

Get Categories.
Fixed Bug 1062105 : We fixed a bug where TotalResults value was dictated by the Limit value in the pagination of GetCategories API response.

POST GetTransactions .
Fixed Bug 1065936 : We fixed a bug where TotalResults value was dictated by the Limit value in the pagination of GetTransactions API response.

POST AddClientDirectDebitInfo.
Fixed Bug 1100245 : We fixed a bug in AddClientDirectDebitInfo API when adding direct debit information, if validation occurs, it cleared existing information from the client's profile while it should retain.

POST AddClientDirectDebitInfo.
Fixed Bug 1100243: We fixed a bug in AddClientDirectDebitInfo API where validation was missing for incorrect staff permissions and we were not getting validation message from Public API.

GET ContactLogs.
Fixed Bug 1062893: We fixed a bug where ShowSystemGenerated filter was not working fine in GET ContactLogs endpoint. When passed as false, it was returning system-generated mails in response.

GET ActiveClientMemberships.
Fixed Bug 1088323: We fixed a bug where we were not getting clients memberships in API when clients have multiple memberships, only top priority active memberships were returned.

GET ClientServices.
Fixed Bug 1126064: We fixed a bug where we were not getting client services when passed location filter in API parameter.

July 2022 - Endpoint Updates

POST CheckoutShoppingCart.
We have changed the validation message in the checkout shopping cart endpoint when purchasing the product with instore value as false.

June 2022 - Endpoint Updates

GET Clients.
We added a limitation in the Get Client request for ClientIds, now maximum of 20 client IDs can be passed in the parameter of the endpoint.

Bug Fixes

POST UserTokens.
Fixed: Bug 1091144- We fixed an issue where the access token was not getting created for staff credentials of the new MB experience sites.

POST CheckoutShoppingCart.
Fixed: Bug 1093286- We fixed an issue where the promotions not applicable for online sales was accepted even when instore was passed as false.

POST RemoveClientFromClass.
Fixed: Bug 928626- We fixed an issue where a high response time for the RemoveClientFromClass endpoint was causing high CPU usage. With this fix, we improved response time by ~8sec.

POST GetActiveSessionTimes.
Fixed: Bug 1093286- We fixed an issue where an entry was not made in the database when the "GetActiveSessionTimes" endpoint was executed (v5/5.1) without SourceName/Password and the API key was passed in the header.

All V5.0/V5.1 endpoints.
Fixed: Bug 1103114- We fixed an issue where we were getting API results when passed API-key of an inactive source in the header.

May 2022 - Endpoint Updates

Bug Fixes

POST CheckoutShoppingCart.
Fixed: Bug 1015018- We fixed an issue where the payment method was displayed as n/a when the payment failed.

POST AddClientToClass.
Fixed: Bug 1078863 - We fixed an issue where the Reservation Confirmations (Single) email was not being sent when the User Token was not passed.

GET ClientContracts.
Fixed: Bug 1087955 - We fixed an issue where the client contract was showing up multiple times in the response of GET ClientContracts.

POST AddOrUpdateAppointments.
Fixed: Bug 1022345- We fixed an issue where consumers were able to use off-peak time access pricing options to pay for Peak services Appointments in v5.

GET Contracts.
Fixed: Bug 1026950 - We fixed an issue where Get contract returned no results when passed with offset parameters.

April 2022 - Endpoint Updates

New Endpoints

POST Availabilities
This endpoint adds availabilities and unavailabilities for a staff.

Put Availabilities
This endpoint updates information for a specific availability or unavailability of the staff.

DELETE Availability
This endpoint deletes the availability or unavailability of staff.

GET Semesters
This endpoint retrieves the business class semesters.

GET MobileProviders
This endpoint fetches the list of mobile providers supported by the business.

GET ProspectStages
This endpoint fetches the list of prospect stages for the potential clients.

March 2022 - Endpoint Updates

New Endpoints

GET SalesReps
This endpoint fetches the basic details of the staff members that are sales representatives.

Post RemoveClientsfromClasses
This endpoint can be utilized for removing multiple clients from multiple classes in one request.

Post ReturnSale
This endpoint can be used to return sales for a specified sale ID in business mode.

Get Courses
This endpoint fetches data related to courses depending on the access level.

Post CancelSingleClass
This endpoint will cancel a single class from the studio.

Bug Fixes

GET Clients
Fixed: Bug 826656 - We fixed the issue where the "Get clients" request returned an error: "Something went wrong. Please try again." for certain profiles included in the response.

GET BookableItems.
Fixed: Bug 1039434 - We fixed an issue where higher call volume usually resulted in the performance degradation of the endpoint.

POST CheckoutShoppingCart.
Fixed: Bug 1075498 - We fixed an issue where CheckoutShoppingCart returns a strange error in API that looks like an SQL query when the Strong Customer Authentication (SCA) challenge is enabled.

February 2022 - Endpoint Updates

New Endpoints

GET ClientSchedule
This endpoint fetches the schedule of the client for a given studio.

PUT Products
This endpoint updates the retail price and an online price for products.

PUT SaleDate
This endpoint updates the SaleDate and returns the details of the sale.

PUT Services
This endpoint updates the retail price and an online price for services.

GET StaffImageURL
This endpoint fetches the image-URL of the staff, for a given studio if it exists.

Bug Fixes

GET Classes
Fixed: Bug 675732 - We fixed an issue where all classes show as 'False' for "IsEnrolled", even though the client is registered for those classes.

POST RemoveClientFromClass.
Fixed: Bug 1003855 - We fixed an issue where, only in some circumstances API will return 500 internal server error in the response, but cancellation still takes place.

January 2022 - Endpoint Updates

V6.0 endpoint access

Fixed: Bug 1048497 - We fixed an issue where Inactive partners were able to access V6 endpoints

GET Packages

Fixed: Bug 925367 - We fixed an issue in getting Packages where Package items were not showing the correct "tax rate", instead it was always showing "0.0"

Nov 2021 - Endpoints Update

OnlineDescription

OnlineDescription field is included in the response of GetStaffAppointments endpoint which indicates the online description associated with the appointment. Documentation can be found here.

Oct 2021 - Endpoints Update

Recipient Client ID

Recipient Client ID is included in GetSales endpoint which indicates the ID for the client for which purchase was made. Please refer to RecipientClientId field. Documentation can be found here.

Update Product Price

The new endpoint will let you update the retail and online price of the product.Documentation can be found here.

Sept 2021 API Updates

Custom Staff ID

Custom StaffID field is included in GetStaff, UpdateStaff and AddStaff endpoints. Please refer to EmpID field. Documentation can be found here.

Aug 2021 - Endpoint updates

POST CheckoutShoppingCart

This endpoint now gives you the capability to control whether taxes should be applied and calculated for the purchase or not. Through new boolean parameter CalculateTax, you could control whether taxes should be applied or not. Documentation can be found here.

July 2021 - New Endpoint

GET ActiveClientsMemberships

Retrieve a list of memberships associated with each client. This endpoint works for multiple clients. Documentation can be found here.

June 2021 – New and Updated Endpoints

GET StaffSessionTypes

Retrieve a list of active session types for a specific staff member. Documentation can be found here.

POST AddStaffAvailability

Add staff availability or unavailability for a given staff member. Documentation can be found here.

POST AssignStaffSessionType

Assign a staff member to an appointment session type with staff specific properties such as time length and pay rate. Documentation can be found here.

POST UpdateStaffPermissions

Assign a permission group to a staff member. Documentation can be found here.

GET Clients and POST UpdateClient

These endpoints now include information about the state of a client suspension in the response. Documentation can be found here.

GET ClientRewards

Retrieve current client reward balance and journal of reward transactions. Documentation can be found here.

POST UpdateClientRewards

Adjust client reward balance by earning or redeeming rewards points for a given client. Documentation can be found here.

GET ClientFormulaNotes

This endpoint had been updated to retrieve cross regional formula notes for a client, or for a specific appointment. Documentation can be found here.

POST AddClientFormulaNote

Add a formula note for a specified client or specified client appointment. Documentation can be found here.

DELETE ClientFormulaNote

Delete an existing formula note. Documentation can be found here.

GET ClientContracts

This endpoint had been updated to return ContractID in the response. Documentation can be found here.

POST PurchaseGiftCard

This endpoint had been updated to support two new properties in the request: BarcodeId and SenderName. Documentation can be found here.

April 2021 - Enhancements in Existing Endpoints

GET Sales

This endpoint which is used to retrieve sales data is enhanced by adding 23 new properties that are relevant to the sale detail. Documentation can be found here.

GET Products

This endpoint which is used to retrieve products data is enhanced by adding 8 new properties that are relevant to the product detail. Documentation can be found here.

GET ClientVisits

This endpoint which is used to retrieve client visits data is enhanced by adding 4 new properties that are relevant to the visit. Documentation can be found here

GET Clients

This endpoint which gives the details of the clients will also have a property 'AcccountBalance' which gives the balance of a client. Documentation can be found here

April 2021 Updates - New Endpoints

Exciting news! We have introduced 4 new endpoints in Public API. Do check them out.

GET Categories

This endpoint returns the list of revenue and product revenue categories configured for the site . Documentation can be found here.

GET Transactions

This endpoint retrieves the payment transaction data associated with a sale. Documentation can be found here.

GET ClientCompleteInfo

This endpoint gives all the details for a specific client including services, membership, arrivals etc. Documentation can be found here.

GET PaymentTypes

This endpoint gives the list of payment types configured for the studio. Documentation can be found here.

GET ProductsInventory

This endpoint gives the inventory data for products for a given studio. Documentation can be found here.

February 2021 Updates - New endpoints

Exciting new endpoints are available in Public API!

POST AddStaff

This endpoint creates a new staff member record at the specified business. Documentation can be found here.

POST UpdateStaff

This endpoint can be used to update an existing staff member record at the specified business. Documentation can be found here.

POST AddPromoCode

This endpoint can be used to create a new promocode record at the site. Documentation can be found here.

GET PromoCodes

This endpoint returns a list of promocodes at the specified business. Documentation can be found here.

Upcoming site maintenance

We’re upgrading the servers that power Booker to AWS, providing you with industry leading security and uptime. Scheduled downtime will occur on Sunday, February 21 from 1:00-5:00AM EST while we complete this upgrade.

[Learn more]- link to API release notes

SCA Regulatory Updates

Strong Customer Authentication (SCA) is a new European regulatory requirement to reduce fraud and make online payments more secure. To accept payments and meet SCA requirements, we have made additions to the CheckoutShoppingCart, PurchaseContract, and PurchaseGiftCard endpoints to facilitate an SCA challenge. This only impacts EU customers who use the Public API to conduct consumer transactions using Stripe.

New optional request fields that have been added:

  • ConsumerPresent (Boolean) - Use this to indicate that the consumer is present or otherwise able to successfully negotiate an SCA challenge. It is not a good idea to have this always be false as that could very likely lead to a bank declining all transactions for the merchant. Defaults to false.
  • PaymentAuthenticationCallbackUrl (String) - If ConsumerPresent is true, and the bank requests SCA, upon completion of the SCA challenge, the consumer will be redirected back to this URL. Unfortunately, at this time there is no indication as to whether the consumer confirmed or denied the transaction. This field is only needed if ConsumerPresent is true.
  • CheckoutShoppingCart only: TransactionIDs (List of integers) - If any of the credit card payments are indicating an SCA challenge, then a second call into CheckoutShoppingCart is required where these challenged or pre-authorized credit card transactions will be needed to complete the process and capture the funds. These will be provided to you in the response from the first call to CheckoutShoppingCart along with AuthenticationUrls for any card authorizations that have an SCA challenge indicated. Note that if no SCA challenge is required, these will not be provided in the response and no second call into CheckoutShoppingCart is needed. Also note that this list may only contain 1 integer depending on whether your integration allows for multiple payments which is supported by the CheckoutShoppingCart endpoint.

One new element has been added to the CheckoutShoppingCart response object:

Transactions (List of TransactionResponse)

  • TransactionID - integer
  • AuthenticationUrl - string (optional valid URL provided by the bank)

If no SCA challenge is indicated, none of this information is needed and it will not be returned, and no 2nd call into CheckoutShoppingCart is needed. If provided at least one of the indicated transactions will have an AuthenticationUrl where the consumer will need to accept or decline the transaction, and upon doing so will be redirected to the PaymentAuthenticationCallbackUrl indicated in the request.


If your integration supports multiple credit card payments, there is a chance that more than one of them will have an SCA challenge indicated. It is up to your application to maintain this awareness and only make the 2nd call into CheckoutShoppingCart when all the challenges have been addressed.


Your integration will need to provide all these TransactionIDs in the 2nd call back into CheckoutShoppingCart. Any TransactionResponse indicating only a TransactionID with no AuthenticationUrl, simply means that transaction has been preauthorized and has no SCA challenge indicated.

One new element has been added to the PurchaseContract/PurchaseGiftCard response object:

PaymentProcessingFailures (List of PaymentProcessingFailure)

  • Type - string
  • Message - string
  • AuthenticationRedirectUrl - string (optional valid URL provided by the bank)

If no SCA challenge is indicated, PurchaseContract.Status = Success, none of this information is needed and it will not be returned, and no 2nd call into PurchaseContract is needed. If provided at least one of the indicated PaymentProcessingFailures, will have an AuthenticationRedirectUrl where the consumer will need to accept or decline the transaction, and upon doing so will be redirected to the PaymentAuthenticationCallbackUrl indicated in the request.

Because PurchaseContract leverages a shopping cart via the Mindbody Marketplace, no additional information needs to be passed back in the 2nd call into PurchaseContract to finalize the order. Note: The cart will only remain valid for 15 minutes, after which time the cart is abandoned and any authorized credit card transactions will be voided.

December 2020 Updates - GetClasses V6 Will Not Show Hidden Classes When Unauthenticated

Beginning mid-December, we will be providing more support for cancelled classes that are hidden from the schedule. GetClasses V6 will no longer return classes that are marked as "hidden" when there is no authentication header present (read more about hidden classes). Unauthenticated users should never have access to see these hidden classes.

Hidden classes will continue to be returned when a staff with valid permission is authenticated.

UPDATE:

This was released on 12/16/2020

Added Validation for Adding/Updating a Client's HomeLocation

The following client HomeLocation validation was added to match the current behavior in the core software:

When adding a new client using AddOrUpdateClients in v5.0 or v5.1 or AddClient in v6, if the HomeLocation property is not provided in the request, then the HomeLocation will be set to default to the first active location ID of the studio.

On update or add, if the HomeLocation ID is provided in the request, it must be a valid active location ID. Zero is also a valid value for HomeLocation ID on update or a staff-level add, which means "all locations" or "no preferred location".

Class/Enrollment Booking Endpoints V5.x + V6.0 Respects "Make Unpaid Reservation" Staff Permission

On 10/30/2020 at 10:00 AM PDT we released an update to the AddClientsToClasses, AddClientToClass, and AddClientsToEnrollments endpoints in V5.x + V6.0 which affects whether staff can create an unpaid class reservation.

When the Make Unpaid Reservation staff permission is disabled for the User Token or User Credentials supplied in the request, then the endpoint will return the following error:

Staff member does not have permission to make unpaid reservations.

If this permission is enabled, the staff will be allowed to complete the unpaid reservation successfully. This functionality now matches that of our core web software.

Please note that all staff members that do not have this permission will experience a change in behavior and will no longer be allowed to make unpaid reservations.

Get ClassDescriptions V6 Update to Fix Duplicate Results

On 10/26/2020 we released an update to the Get ClassDescriptions V6 endpoint. Now when providing a date filter in the request we return one ClassDescription object per Class. The old behavior would return a ClassDescription object for each scheduled occurrence of the Class in the date filter range.

GetClasses V6 Update to Respect Consumer Mode Show Open Class Spaces Setting

On 10/13/2020 at 10:00 AM PDT we released an update to the GetClasses endpoint in V6 which affects whether class capacity properties are returned based on authorization and a class setting.

When the General Setup & Options - Consumer Mode Show # Open Class Spaces setting is disabled and no User Token is included in the request Authorization header, then the following class capacity properties will be returned as null in the response:

  • MaxCapacity
  • TotalBooked
  • TotalBookedWaitlist
  • TotalWebBooked
  • WebCapacity

If this setting is enabled, the properties will be returned. If a user token is passed that was generated using Staff level credentials or higher (or using Source Credentials), then the class capacity properties will always be returned regardless of the setting, which applies to consumer mode only. This functionality matches that of previous versions of the API.

Developer Portal Sign-in Upgrade

On 10/10/2020 at 9:00 PM PDT Mindbody will be upgrading the sign-in workflow for the Developer Portal, so you can authenticate using a single Mindbody account. If you've downloaded and signed up for the Mindbody app, good news—you already have a Mindbody account!

If your existing Mindbody account uses the same email you have on file with the Developer Portal, please use your Mindbody account password to sign in after the upgrade.

If you do not already have a Mindbody account for the email you have on file in the Developer Portal, one will be created for you as part of the upgrade. You will then be asked to verify your email address upon your next sign in.

We recommend taking the time to ensure your Developer Portal account information is up to date to avoid any potential sign-in confusion.

August 2020 Updates - Create/Delete Appointment Add-Ons and Webhooks

August brought us the ability to create or delete add-ons for an appointment, as well as created/deleted webhooks for add-ons.

Post AddAppointmentAddOn

This endpoint books an add-on on top of an existing, regular appointment. To book an add-on, you must use an existing appointment ID and session type ID. Documentation can be found here.

Delete DeleteAppointmentAddOn

This endpoint can be used to early-cancel a booked appointment add-on. Documentation can be found here.

New appointmentAddOn.created Webhook Added!

A new Webhook event type “appointmentAddOn.created” was just added. This webhook will provide developers with real-time updates for add-on bookings that occur throughout the MINDBODY software.

New appointmentAddOn.deleted Webhook added!

A new Webhook event type “appointmentAddOn.deleted” was just added. This webhook will provide developers with real-time updates for add-on cancellations that occur throughout the MINDBODY software.

July 2020 Updates - Updated Staff Endpoints, Get Add-Ons, And Get Available Dates

July brought us a workflow optimization to check on scheduled availability for up to a 30 day range for a specific type of appointment, as well as expanded visibility into and information regarding add-ons.


Get Staff

Now allows developers to filter staff for a particular appointment type. Documentation can be found here.

Get AppointmentAvailableDates

New workflow optimization for finding availabilities based on employee schedules and appointment type. Documentation can be found here.

Get AppointmentAddOns

List available add-ons, and optionally filter on only those that can be performed by a particular staff member. Documentation can be found here.

Get StaffAppointments

Now includes an array of add-ons that are booked for the returned appointments. Documentation can be found here.

Live Stream Classes Are Here!

Mindbody's Virtual Wellness Platform is a fully integrated video on-demand and live stream platform enabling businesses to create sustainable, hybrid business models with virtual offerings directly through the Mindbody business software. Consumers will now be able to book, pay for and experience virtual classes and wellness services through one application.

We added a ContentFormats property to the Program shared resource returned from Public API V6 endpoints. Possible values:

  1. "InPerson" - The program does not offer virtual classes.
  2. "LiveStream:Mindbody" - The program offers classes with virtual live streams hosted on the Mindbody Virtual Wellness Platform.
  3. "LiveStream:Other" - The program offers classes with virtual live streams that are not hosted on the Mindbody Virtual Wellness Platform.

We added a VirtualStreamLink property to the Class shared resource returned from Public API v6 endpoints. This URL is only returned for Classes that:

  1. Offer virtual live streams hosted on the Mindbody Virtual Wellness Platform and
  2. have not yet started

Live stream links are usually generated the day of the scheduled class.

May 2020 Updates - Addressing Duplicate Client Creation in Public API

Starting the week of May 18th, 2020 all versions of the Public API will no longer allow duplicate clients to be created. Duplicate client accounts are a commonly referenced issue that will be addressed in upcoming changes to the Public API. In the future, duplicate clients will no longer present issues for your integration as we change our API responses to better serve your needs.

Duplicates are defined as client records with the same first name, last name and email.

MINDBODY recommends updating integrations to handle these new error responses when using AddOrUpdateClients, AddClient or UpdateClient across Public API V5.0 through V6.0. In V5.0 and V5.1 error codes will be returned in the 300s range with a message indicating duplicate creation was attempted. In V6.0 an HTTP Status Code 400 and error message will be returned

If you are a business that would like to use this update earlier than May, please contact your account manager or the Contact API Support.

Duplicates FAQ

  • I need to be able to make duplicate clients, what do I do now? Can an exception be made for my account so I can make duplicate clients?
    • Tell Contact API Support your use case(s) and feedback will be collected for the product and engineering teams to review.
  • I already have duplicates in my site, what happens now? Can I make edits to these profiles?
    • You can still make edits to profiles that involve existing duplicates, however we recommend updating these profiles later using the Merge Duplicate Clients tool.
  • What error responses can I expect to see if I attempt to make a duplicate?
    • In Public API V5.0 and V5.1 when calling AddOrUpdateClients and attempting to create a client with the exact same email, first and last name as an existing client profile at the studio will return an error code "331" and error message "Client creation cannot result in duplicate client records".
    • In Public API V5.0 and V5.1 when calling AddOrUpdateClients and attempting to update a client with the exact same email, first and last name as an existing client profile at the studio will return an error code "332" and error message "Client update cannot result in duplicate client records".
    • In Public API V6.0 when calling AddClient and attempting to create a client with the exact same email, first and last name as an existing client profile at the studio will return HTTP Status Code 400, an error code "InvalidClientCreation" and error message "Client creation cannot result in duplicate client records.".
    • In Public API V6.0 when calling UpdateClient and attempting to update a client profile with the exact same email, first and last name as an existing client profile at the studio will return HTTP Status Code 400, an error code "InvalidClientUpdate" and error message "Client update cannot result in duplicate client records.".

Questions about these changes can be request to Contact API Support.

Public API V6.0 POST AddArrival Updates

Cross-regional arrivals are now supported in V6.0! When used on a site that is part of a region, the following new logic will apply:

  • When a client exists within the region but not at the studio where the arrival is being logged, a local client record will be automatically created.
  • If the local client does not have an applicable local membership or pricing option, a membership or pricing option will be automatically used if it exists elsewhere within the region.

Developers calling POST AddArrival V6.0 must provide a staff user token with staff assigned the LaunchSignInScreen permission. Anonymous calls to AddArrival V6.0 will fail with the error message "Authorization Required".

Public API V6.0 GET Services Updates

We have recently added some additional properties to the GET Services endpoint to help improve your purchase workflows. Changes include "SellOnline", "Membership" and "IsIntroOffer". Find out more in the documentation here.

Past and Upcoming Bug Fixes - Public API & Webhooks

Week of March 30th, 2020 - Tentatively Planned For
  • A new endpoint GET ClientDuplicates will be available in Public API V6 to check for duplicate clients.
  • Developers using UploadClientPhoto will no longer experience outdated images returned in the GET Clients response.
  • Developers will receive documentation for new endpoints GET Genders and GET ClientDuplicates.
  • Developers will no longer see code examples with `http`, which has been updated to `https`.
  • Developers will see an updated list of error codes found in versions 5.0 & 5.1.
Week of March 23rd, 2020
Week of March 16th, 2020
Week of March 9th, 2020
  • In Public API V5.x when using AddOrUpdateClients we will now require the use of an email when adding a new client or updating a client profile and are checked under the Required Fields. This will apply to both consumer mode and staff mode requests.
Week of March 2nd, 2020
  • In Public API (all versions) when using GetClientVisits we fixed an issue where arrival visits were not returned in the response.
  • In Public API (all versions) when using GetClientVisits we fixed an issue where duplicate appointment visits were returned in the response. 
  • In Public API V6.0 when using AddAppointment or UpdateAppointment and "GenderPreference" parameter is left out or set to "None", the preference will be set to No Preference.  

Recent Webhooks Updates

We have recently added some additional properties to the Webhooks clientclassRosterBooking, class and classSchedule payloads to help improve your class booking experiences. 

  • The client payloads have been updated to now return you details on billing info, client photos and prior email addresses used for client records. These are great pieces of information to use when building a comprehensive profile overview for your integration.
  • The classRosterBooking payloads now include item details so you can relate these back to the Services[].ProductId returned by GET Services in Public API. This is helpful if you would like to see what services a client used during their booking. 
  • The class and classSchedule payloads have been updated to now include details for assistants assigned to classes. In addition, the classSchedule payload has been updated to now only send when a change is made to the entire schedule. If you had previously used this to indicated single class instance changes please use the class.updated Webhook instead. This includes class cancellations. 

Developer Onboarding Changes - February 2020

Starting February 19, 2020 all Developer Accounts created on that date or after will be unable to use Public API V5.0 or V5.1. All developers are encouraged to use V6.0, which is MINDBODY’s latest release of the Public API. Existing accounts will not be affected by this change.

Onboarding FAQ

  • How will I know if I cannot use Public API V5.0/V5.1?
    • You will know if your account does not have access if it was created on or after February 19, 2020 or receives error code 108 and message "Your developer account does not have access to this legacy version".
  • I need something that is only in V5.0/V5.1, what do I do now?
    • Tell Contact API Support and feedback will be collected for the product and engineering teams to review.
  • Can an exception be made for my account so I can use V5.0/V5.1?
    • Tell Contact API Support and feedback will be collected for the product and engineering teams to review.
  • Does this mean V5.0 and/or V5.1 is being deprecated?
    • This is not a deprecation announcement for V5.0 and V5.1 of the Public API. When that happens, a broad announcement will be made that is clear on timelines and changes regarding deprecation plans.
  • Why are you stopping onboarding to V5.0/V5.1?
    • V6.0 of the Public API has been in stable release for close to a year and based on feedback and adoption rates we feel it is time to move all new developers to the latest version where stability, security and ease of use are much greater.
  • What should I do if I'm currently using V5.0/V5.1?
    • We recommend all developers regularly plan to update their integrations to MINDBODY, but also recognize this can be a large change so at this time we will continue to provide support for our V5.x users.
  • How can I find the V5.0/V5.1 documentation if I can no longer pick the version of documentation to view?
    • Please login to your account and the option to view the documentation will be available. Alternatively, you can use this link to view after logging in.

Addressing Duplicate Client Creation in Public API

Changes were made as of February 28, 2020 to projected error codes. Error 329 will now be 331, and error 330 will be 332. The requirement of email, first and last name on client creation and update has been removed and will use existing requirements for first and last name. Please account for these changes.


Starting the week of May 11th, 2020 all versions of the Public API will no longer allow duplicate clients to be created. Duplicate client accounts are a commonly referenced issue that will be addressed in upcoming changes to the Public API. In the future, duplicate clients will no longer present issues for your integration as we change our API responses to better serve your needs.

Duplicates are defined as client records with the same first name, last name and email.

MINDBODY recommends updating integrations to handle these new error responses when using AddOrUpdateClients, AddClient or UpdateClient across Public API V5.0 through V6.0. In V5.0 and V5.1 error codes will be returned in the 300s range with a message indicating duplicate creation was attempted. In V6.0 an HTTP Status Code 400 and error message will be returned

If you are a business that would like to use this update earlier than May, please contact your account manager or the Contact API Support.

Duplicates FAQ

  • I need to be able to make duplicate clients, what do I do now? Can an exception be made for my account so I can make duplicate clients?
    • Tell Contact API Support your use case(s) and feedback will be collected for the product and engineering teams to review.
  • I already have duplicates in my site, what happens now? Can I make edits to these profiles?
    • You can still make edits to profiles that involve existing duplicates, however we recommend updating these profiles later using the Merge Duplicate Clients tool.
  • What error responses can I expect to see if I attempt to make a duplicate?
    • In Public API V5.0 and V5.1 when calling AddOrUpdateClients and attempting to create a client with the exact same email, first and last name as an existing client profile at the studio will return an error code "331" and error message "Client creation cannot result in duplicate client records".
    • In Public API V5.0 and V5.1 when calling AddOrUpdateClients and attempting to update a client with the exact same email, first and last name as an existing client profile at the studio will return an error code "332" and error message "Client update cannot result in duplicate client records".
    • In Public API V6.0 when calling AddClient and attempting to create a client with the exact same email, first and last name as an existing client profile at the studio will return HTTP Status Code 400, an error code "InvalidClientCreation" and error message "Client creation cannot result in duplicate client records.".
    • In Public API V6.0 when calling UpdateClient and attempting to update a client profile with the exact same email, first and last name as an existing client profile at the studio will return HTTP Status Code 400, an error code "InvalidClientUpdate" and error message "Client update cannot result in duplicate client records.".

Questions about these changes can be sent to Contact API Support.

November 2019 Updates - New Membership Features, Appointment Booking Updated Webhook & Much More!

November brought us even more updates to the API Platform. Check out the changes below and see what was released in the last month.

GET Memberships - New Endpoint

GET Memberships allows developers to retrieve membership details and map to GET ActiveClientMemberships. See the documentation here for more details.

GET ActiveClientMemberships Public API V6.0 - Cross-Regional Lookups!

The GET ActiveClientMemberships endpoint was updated to allow developers to look up memberships cross-regionally now. No need to make multiple calls anymore. Documentation can be found here.

New appointmentBooking.updated Webhook Added!

A new Webhook event type “appointmentBooking.updated” was just added. This webhook will provide developers with real-time updates for appointment changes that occur throughout the MINDBODY software.

Visit Resource Updates in Public API V6.0

GET ClientVisits and POST AddClientToClass now returns additional data on the service id and name used for booking.

Cross-Regional Waitlist Now Supported in V6.0

The POST AddClientToClass endpoint now supports cross-regional waitlist bookings. Documentation can be found here.

GET ClientServices now returns ProductId

GET ClientServices V6.0 returns the product id so that it can be related directly back to GET Services V6.0.

October 2019 Updates

October was a busy month for our API Platform. Check out the updates below and see what was released in the last month.

Direct Debit/ACH Support in Public API V6.0 - Additional Payment Options for Checkout!

A long requested addition to the Public API is now live. We support direct debit/ACH in the Public API and are ready for checkout. See the documentation here for more details.

GET Sales Public API V6.0 Improvements - More Data and Service Mapping!

There is now even more data and documentation available for developers to surface about sales. Use these updates to get the barcode Id and then map the responses to Services and Products. Documentation can be found here.

GET GiftCardBalance Public API V6.0 - Check Those Balances!

Now developers can check prepaid gift card balances as often as they would like without going through the checkout workflow. See the documentation for the new endpoint here.

IP Whitelisting Available Now

Developers can now secure their integration with the MINDBODY Public API through the usage of IP Whitelists. This additional security measure gives developers an additional layer of protection when interacting with customer data. It is not mandatory to use, however it is highly recommended.

This is documented in the Developer Portal under the Authentication section.

The Stable Release of the Public API V6.0 is Here!

MINDBODY is happy to announce that Version 6.0 of the Public API is now stable and ready for use in your applications. Here are a few of the highlights of the new release.

Transitioning to RESTful APIs

No more SOAP and no more parsing XML! V6.0 has REST-like endpoints that use GET and POST calls to retrieve data in an easy-to-read JSON format.

New and Improved Documentation

The documentation has been extensively rewritten. Query parameters and response elements for all endpoints are described in detail. Many of the endpoints have helpful code examples of both requests and responses in cURL, C#, PHP, Python, and Ruby. The tutorials detail how to accomplish common workflows, like booking an appointment or getting a shopping cart total.

Standardized Error Handling

New error messages consist of an error code and a specific description to help you quickly pinpoint the source of the problem. For example, you might receive an error code of "ClassOnlineSignUpsFull." The description for this error code reads: "The class is full. No more clients are allowed to sign up for this class online."

Support for Gift Cards

There is now an endpoint that allows a client to purchase a gift card from a business in a variety of designs. The card can be emailed to the recipient on a specific day, and a card title and a personal message can be added.

If you don't yet have a developer account, check out our FAQs, or go to our Getting Started section for step-by-step help to:
  • create a MINDBODY developer account use the MINDBODY sandbox for development and testing your application
  • request approval from MINDBODY to take your application live
  • once you're approved, follow the activation process to take your application live
If you already have a developer account, take a look at our tutorial on adding a client to a business database and try it out in our sandbox.

Announcing the Stable Release of the Webhooks API!

As of April 1, 2019, MINDBODY proudly announces that our Webhooks API V1.0 release has been promoted to a Stable Release, ready for use in your applications.
You can use this API to create an application that shows near real-time updates to business data without having to long-poll the Public API. This API is MINDBODY's implementation of an HTTP push API. The MINDBODY Webhooks API notifies you when specific events that you subscribe to occur in the data of a business that uses MINDBODY.
For example, using the Webhooks API, you can create a subscription that notifies you as soon as a new client has been created so that your application can send the client a welcome email. Another typical use is to create a subscription that notifies you when a client has booked a class or an appointment, so that you can reduce the frequency of call volume.

Release Highlights

We have made some changes to the Webhooks API during its beta period. Here are a few of the most important changes now in the stable release:
  • API Key Updates
    You can now use the same API key mechanism for the Public API and for the Webhooks API. Create a key for each of your integrations on the API Credentials page in the Developers Portal and manage all your keys in one place.
  • Authorization Updates
    Now that we have implemented API keys for Webhooks, the Authorization header is no longer required in calls.
  • PATCH Subscription Endpoint
    We have added a new endpoint that lets you activate and reactivate the subscriptions that are associated with your developer portal account. You no longer need to contact MINDBODY to have this done for you. Note that you can only activate or update one subscription at a time using this endpoint.
Check out the stable release of the MINDBODY Webhooks API and try out all the new capabilities that can be unlocked when you pair the Webhooks API with the Public API! Send your feedback to Contact API Support

Public API V6.0 now in Open Beta!

Check out the latest version of the Public API and explore all the new updates we've been making to the platform!


Highlights

Disclaimer: You should expect releases that are labeled beta to have frequent, unannounced changes, so we recommend that you do not use beta features in your production offerings.

Please send all feedback to Contact API Support

Watch the latest MINDBODY Developer Videos

BOLD 2018: Josh Lloyd on FitMetrix

At the Partner Track at MINDBODY BOLD 2018, Josh Lloyd (FitMetrix) explains how to create a fantastic API integration. Watch it here.


API Keys - MINDBODY

How to use API keys on the MINDBODY Public API. Watch it here.


API Updates 6/14/2018

GDPR

The v5.0 and v5.1 GetClients endpoint has been updated to return email opt-in statuses to meet new GDPR requirements. The GetClients output has not changed, it will still return:

  • PromotionalEmailOptIn for newsletters and marketing campaigns 
  • EmailOptIn for scheduling notifications and reminders

Please note GetClients has not been updated to include SMS opt-in statuses, this work will be completed during a later phase. We recommend calling GetClients to refresh your data-caching layer if you have not done so since June 13, 2018.

 

Deprecation of TLS 1.0 and 1.1 Support

On June 18th, 2018, MINDBODY will no longer accept connections made over TLS 1.0 or TLS 1.1. MINDBODY will only accept TLS 1.2. You may have to change the code in your API integration to accommodate this security change. This update is mandatory, as MINDBODY must be PCI compliant.

The Payment Card Industry (PCI) Data Security Standard has stipulated that TLS 1.0 and 1.1 encryption protocols can no longer be used for secure communications, only TLSv1.2 or higher is acceptable. The PCI DSS standards can be read in full here.

To ensure compliance with the PCI DSS standards and security best practices, MINDBODY will disable support for TLS 1.0 and 1.1 on all our web-facing systems on Monday June 18th, 2018. After June 18, 2018, MINDBODY Partners who attempt to access the MINDBODY platform with TLS 1.0 and 1.1 will have their connection refused, only TLS 1.2 will be accepted.

If your requests to MINDBODY use TLS 1.0 or 1.1 your automation will need to be updated to exclusively use TLS 1.2. This may involve updating your programming language or tool set to a more modern version, or changing configurations to specifically enable TLS 1.2 and disabling TLS 1.0 and 1.1. If you do not make this change you will not be able to access the MINDBODY API platform.

If your requests to MINDBODY already use TLS 1.2, no change is needed.

If you have questions, please Contact API Support.

Thank you for working with us to keep our shared customers safe.

The MINDBODY Team

API Updates 5/30/2018

SOAP API Version 5.1 Promotion to Stable Release

We are pleased to announce that Version 5.1 of our SOAP API has been promoted to Stable Release. We now recommend developers use v5.1 in their production applications.

API Updates 1/18/2018

Beginning 1 January 2018, any business subject to French taxation is also subject to the new French NF525 law that requires businesses that record payments via a cash drawer, accounting or management software, to use a software which meets certain conditions of sales data inalterability, security, storage and archiving.

To allow for compliance with the NF525 law, certain functionality related to editing of sales has been removed from UpdateClientServices and UpdateSaleDate in version 5.0 and 5.1 for MINDBODY businesses located in French territories. Developers will now be returned the following response:

<Status>InternalException</Status>
<ErrorCode>1100</ErrorCode>
<Message>Endpoint not accessible for the subscriber's country</Message>

If you have any questions, please contact us at [email protected].

API Updates 9/26/2017

SOAP API Version 5.1 (beta) Released

We are pleased to announce that Version 5.1 of our SOAP API has been released. This update contains support for many Cross-Regional use cases, as well as Contracts/Autopays. As a beta release, feel free to begin starting with your dev/test efforts. We are actively collecting feedback at Contact API Support. However, we do not recommend using these new features for production use until we make a GA release.


Getting Started with Version 5.1 (beta)

Switching to version 5.1 is simple. Wherever you are using /api/0_5 in your API calls, use /api/0_5_1 instead. This is relevant for accessing all routes (WSDL, SOAPAction, etc.).

Example: https://api.mindbodyonline.com/0_5/ClientService.asmx?wsdl
Becomes: https://api.mindbodyonline.com/0_5_1/ClientService.asmx?wsdl


API Support for Contracts/Autopays with Credit Cards

  • The Sale Service now has two new endpoints: GetContracts and PurchaseContracts.
  • GetClientContracts, part of the Client Service, has been updated to include additional information about clients' previously purchased contracts.

Cross-Regional Class Bookings

  • The Class Service has been updated with a new endpoint, AddClientToClass, which now supports Cross-Regional class bookings.
  • When used on a Cross-Regional class booking, RemoveClientsFromClasses has been updated to return sessions back to the series (ClientService) that was used to book into a class.

Cross-Regional Client Lookups

The following endpoints now allow for Cross-Regional lookups, simply by passing in a CrossRegionalLookup=true request parameter.

  • GetClientServices
  • GetClientSchedule
  • GetClientVisits
  • GetClientContracts
Additionally, a new endpoint, GetCrossRegionalClientAssocations, has been created to allow for determining which sites a ClientID has been to within an organization.

Cross-Regional Client Updates

  • Do you need to update client information (based on RSSID / ClientID) across all of the sites within a Cross-Regional Organization? Now you can using UpdateClientCrossRegional

Updates to Additional Endpoints

  • GetSales now returns the ClientID associated with a sale, as well as information about the items associated with the sale.
  • GetClients now allows you to pass in a LastModifiedDate which, when set, will result in only clients who have been modified on or after the specified date being returned in the response.
  • GetClasses now allows you to pass in a LastModifiedDate which, when set, will result in only classes that have been modified on or after the specified date being returned in the response.
  • GetClassVisits now allows you to pass in a LastModifiedDate which, when set, will result in only visits that have been modified on or after the specified date being returned in the response.

API Updates 6/19/2017

Upcoming Changes to Version 5.0

Within the next 4 weeks we will be making several improvements to various methods within our SOAP API. Here is a list of upcoming updates:


GetClients

Summary: The response for GetClients is being updated to more closely resemble the information that a staff member can see within our core software. Currently, when developers execute a GetClients request with a Fields.Clients.ClientCreditCard and staff credentials of a staff member that has the “View client billing information” permission enabled and the “View client profile” disabled , the credit card property is returned in the response. However, this same staff member is not able to view the clients stored credit card in through core. Updated Behavior:

  • If “View client billing information” is enabled and “View client profile” is disabled, then the response will not contain credit card response properties.
  • If “View client billing information” is disabled and “View client profile” is disabled, then the response will not contain credit card response properties.
  • If “View client billing information” is enabled and “View client profile” is enabled, then the response will contain credit card response properties.

AddOrUpdateAppointments

Current Behavior: When developers execute an AddOrUpdateAppointments request to update an existing appointment using staff credentials that do NOT have the “Modify appointments” permissions enabled, the Response.ErrorCode is set to ‘200’ with a Response.Status of ‘Success’. The message within the <Appointments> response property correctly displays “Permission error - User does not have permission to edit appointment.”

Updated Behavior: When user executes an AddOrUpdateAppointments request to update an existing appointment using staff credentials that do NOT have the “Modify appointments” permissions enabled, the Response.ErrorCode is set to ‘201’ with a Response.Status of ‘FailedAction’. The message within the <Appointments> response property correctly displays “Permission error - User does not have permission to edit appointment.”


GetActiveClientMemberships

Current Behavior: This method only returns the most recent membership that a client has even though the client has more than 1 active memberships. Updated Behavior: We will be updating the behavior of this method and returning all client active memberships and not just the most recent membership.


GetStaffAppointments

Current Behavior: Appointments scheduled on "All/Business Closed" holidays are returned in the GetStaffAppointments response. However, our core software does not allow staff to view these appointments from the in the appointment schedule screen and instead displays the holiday message. Updated Behavior: The GetStaffAppointments response will not display any appointments that are scheduled on a "All/Business Closed" holidays.


API Updates 5/26/2017

Within the next 4 weeks we will be making several improvements to various methods within our SOAP API. Here is a list of upcoming updates:

  • AddClientsToClasses
    • Developers were experiencing an edge case where users could be added to classes even if the classes were full. This has been resolved.
  • AddOrUpdateAppointments
    • The behavior of this method has been fixed to allow for the late cancelling of appointment requests. This error message will be replaced with a “200 Success: Appointment.Action.Updated” status in the response.
    • Some developers were reporting issues when updating the StartDateTime of existing appointments. These issues have been resolved.
    • Scheduling restrictions for businesses that use the “Scheduling Suspension” feature have been updated to be consistent with how our core software works.
    • Previous Behavior: When user executes an AddOrUpdateAppointments request to update an existing appointment using staff credentials that do NOT have the “Modify appointments” permissions enabled, the Response.ErrorCode is set to ‘200’ with a Response.Status of ‘Success’. The message within the <Appointments> response property correctly displays “Permission error - User does not have permission to edit appointment.” Updated Behavior: When user executes an AddOrUpdateAppointments request to update an existing appointment using staff credentials that do NOT have the “Modify appointments” permissions enabled, the Response.ErrorCode is set to ‘201’ with a Response.Status of ‘FailedAction’. The message within the <Appointments> response property correctly displays “Permission error - User does not have permission to edit appointment.”

API Updates 5-25-2017

SOAP v.5 – ClassService.GetClasses

  • A bug in our latest update of this method was causing classes scheduled on holidays / closed days to be returned in the response of Get Classes. With a release happening on 5/25/2017, this issue will be resolved and those classes will no longer be included in the response object.
  • When a user passes in a <PageSize> value of ‘0’, the GetClasses response will contain all classes within the supplied request parameter range.
  • GetClasses will now return valid resource information for each class returned in the response. Please note that resource information will only be returned when the Classes.Resource field request parameter is included in the GetClasses request.

API Updates 4-19-2017

SOAP v.5 – ClassService. AddClientsToClasses

  • Method updated to check against the "Scheduling Suspensions" site setting when a attempting a consumer booking for accounts with a contract suspensions on file.

SOAP v.5 – ClassService.AddClientsToEnrollments

  • Method updated to check against the "Scheduling Suspensions" site setting when a attempting a consumer booking for accounts with a contract suspensions on file.

SOAP v.5 – AppointmentService.AddOrUpateAppointments

  • Method updated to check against the "Scheduling Suspensions" site setting when a attempting a consumer booking for accounts with a contract suspensions on file.

SOAP v.5 – SalesService.CheckoutShoppingCart

  • Method updated to prevent deactivated pricing options from being purchased.

SOAP v.5 - ClassService.GetClasses

  • Method has been optimized to reduce network strain and improve processing times. As part, the following changes have been introduced:
    • Update to return classes with service categories set to “inactive”.
    • Update to return deactivated resources still assigned to active classes.
    • Update to return ‘Substitute=False’ when assigned class has been cancelled.
    • Update to return staffID of originally scheduled staff member for cancelled classes. This is a change from previous behavior of staffID being returned as “-1”.
    • Method no longer requires “Classes.Resource” to be passed in request to return resources/room information. Instead the ‘Resource’ object will now be returned by default for requests using “XMLDetail=Full”.
    • Update to no longer return an error for requests including an inactivate ‘LocationID’.

SOAP v.5 – ClientService.GetClients

  • Fix to resolve issue with the following error being thrown when requesting client relationships: [Incorrect syntax near ')'.]

SOAP v.5 - ClassService.RemoveClientsFromClasses

  • Fix to resolve issue with "Waitlist Notification" sms messages not being sent to clients added to class roster following client cancellations through the API.

SOAP v.5 – ClassService.UpdateClientVisits

  • Fix to resolve issue with "Waitlist Notification" sms messages not being sent to clients added to class roster following client cancellations through the API.