Templates
POST /v1/templates
Define the layout, branding, and fields for a pass class. Update templates to push design changes to installed passes.
Developer docs
Developer documentation.
REST API reference, webhooks, code samples, and integration guides for issuing, updating, and revoking Apple Wallet and Google Wallet passes from your stack.
We're setting up our dedicated docs site.
While we do, the essentials are below. Email engineers@shakewellwallet.com for anything that isn't here — we'll usually reply same day.
Quickstart
Issue your first pass in 5 minutes.
- 01
Get your API key
Generate a key from Dashboard → Settings → API. Treat it like a password — store it in your secret manager.
- 02
Create a template
Design a pass in the visual builder, or POST one to
/v1/templates. Templates control layout, branding, and fields. - 03
Issue a pass
POST a customer payload to
/v1/passeswith your template ID. The response includes an install URL. - 04
Push to the customer
Send the install URL via email or SMS, embed a signup form, or have your app deep-link straight to Apple Wallet / Google Wallet.
cURL · POST /v1/passes
Example requestcurl -X POST https://api.shakewellwallet.com/v1/passes \
-H "Authorization: Bearer sk_live_xxx" \
-H "Content-Type: application/json" \
-d '{
"template_id": "tpl_01HXY...",
"customer": {
"email": "ada@example.com",
"first_name": "Ada",
"last_name": "Lovelace"
},
"fields": {
"tier": "Gold",
"points": 1240
}
}'Core resources
The objects you'll work with.
Passes
POST /v1/passes
Issue a pass for a customer. Update field values to push live changes (tier, points, balance) to the lock screen.
Push notifications
POST /v1/notifications
Send lock-screen push to one pass, a segment, or every installed pass on a template.
Customers
GET /v1/customers
List passholders, attach metadata, and segment by tag or custom field.
Webhooks
POST /v1/webhooks
Subscribe to install, uninstall, push-receipt, and template-update events. Signed payloads delivered to your endpoint.
Analytics
GET /v1/analytics
Query installs, active passes, push delivery, and engagement by template, segment, or date range.
Authentication
Every request needs an API key passed as a bearer token:
Authorization: Bearer sk_live_xxxGenerate keys per environment (test / live) in Dashboard → Settings → API. OAuth 2.0 is available for Enterprise customers who need per-user scopes.
Security best practices
- • Never embed live keys in client-side code or mobile bundles.
- • Rotate keys on staff offboarding — old keys can be revoked instantly.
- • Restrict keys by IP allowlist on Scale and above.
- • Verify webhook signatures on every payload.
Errors + rate limits
Status codes and throttles.
| Code | Meaning | When you'll see it |
|---|---|---|
| 200 | OK | Request succeeded. |
| 400 | Bad Request | Invalid payload or missing required field. |
| 401 | Unauthorized | Missing or invalid API key. |
| 403 | Forbidden | Key lacks permission for this resource. |
| 404 | Not Found | Resource does not exist on your account. |
| 429 | Rate limited | Slow down — see rate limits below. |
| 500 | Server error | Our problem. Retry with exponential backoff. |
Rate limits
10 requests/second on Growth, 100 requests/second on Scale. Enterprise plans are negotiable. Throttled responses return 429 with a Retry-After header.
SDKs and tooling
Officially supported today: cURL and Postman (collection on request). Coming soon: Node.js and Python SDKs.
No-code automations: Zapier, Make (Integromat), and n8n — see Integrations.
Have questions? Email engineers@shakewellwallet.com.
Build with the API
Start issuing wallet passes from your stack.
Set up takes minutes. No credit card required to start a free trial.