Supergood | SpotOn API
Programmatically access SpotOn restaurant and retail POS data—orders, menus, reservations, labor, loyalty—with a stable REST API. Supergood builds and operates production-grade, unofficial SpotOn integrations so your team can automate front and back-of-house processes without heavy custom engineering.
Plain English: SpotOn is a point-of-sale and business management platform for restaurants, bars, cafes, venues, and retailers. An unofficial API lets you pull orders, checks, payments, tips, menu/catalog data, reservations/waitlist, guest and loyalty profiles, timecards, gift cards, and inventory—and push updates like menu changes, 86s, reservations, discounts, and comps back into SpotOn.
For a tech company integrating with SpotOn, this means you can ingest real-time tickets and payments for analytics, sync menus and pricing across channels (online ordering, kiosks, delivery integrations), power reservation and waitlist automation, reconcile batches to accounting (e.g., QuickBooks, Xero), enrich your CRM with guest history and loyalty, and automate labor/payroll workflows. Many operators report limited official API access, add-on fees for integrations, or CSV-only exports—an unofficial API helps unlock automation without changing your POS.
What is SpotOn?
SpotOn (https://www.spoton.com/) provides cloud-based POS, online ordering, reservations, marketing, and payments for hospitality and retail. After acquiring Appetize, SpotOn also powers enterprise venues and stadiums. Operators use SpotOn to take orders (counter, table, QR, kiosk), manage menus and modifiers, coordinate reservations and table management, run loyalty and marketing, process card-present and card-not-present payments, track labor/timecards, and analyze performance.
Core product areas include:
- POS & Ordering (counter service, full service, QR, kiosk, online ordering)
- Guest & Reservations (SpotOn Reserve, waitlist, table management, guest notes)
- Payments & Financials (card-present, digital wallets, tips, deposits, chargebacks, payouts)
- Menu & Inventory (menus, items, modifiers, pricing, dayparts, 86 lists, stock counts)
- Loyalty & Marketing (guest profiles, points/balances, campaigns, gift cards, promotions)
- Labor & Staff (employees, roles/permissions, timecards, scheduling)
- Enterprise & Venues (multi-location management, revenue centers, devices/terminals)
Common data entities:
- Businesses and Locations (addresses, tax settings, revenue centers)
- Terminals/Devices (registers, kiosks, handhelds)
- Employees and Roles (permissions, job codes)
- Guests/Customers (contact info, preferences, loyalty)
- Loyalty Accounts and Gift Cards (balances, accruals, redemptions)
- Menus, Categories, Items, Modifiers (pricing, availability, routing)
- Orders/Tickets and Line Items (dining options, service charges, discounts)
- Payments, Tips, Refunds, Voids (tenders, card details, reconciliation)
- Reservations/Waitlist (party size, time, status, deposits)
- Inventory Levels and Counts (in-stock, par, depletion)
- Batches/Settlements and Payouts (close times, totals)
The SpotOn Integration Challenge
Teams depend on SpotOn daily, but turning POS and portal workflows into API-driven automation can be hard:
- Fragmented access: Official APIs or partner programs can be limited or require paid add-ons; many workflows rely on CSV exports and back-office reports
- Real-time needs: Operators want instant order/payment data and stock changes, but built-in exports often run on delayed cadences
- Menu complexity: Multi-location menus, dayparts, price levels, tax categories, and modifier groups create intricate data models
- Mixed estates: Legacy Appetize venue modules and SpotOn Restaurant can differ in object shape and permissions
- Eventing gaps: Webhooks for order lifecycle, refunds, and 86 changes are not always available or consistent
- Authentication: SSO/MFA and session lifecycles complicate headless automation across back-office and venue portals
How Supergood Creates SpotOn APIs
Supergood reverse-engineers authenticated browser flows and network calls to deliver a resilient API endpoint layer for your SpotOn tenant.
- Handles username/password, SSO/OAuth, and MFA (SMS, email, TOTP) securely
- Maintains session continuity with automated refresh and change detection
- Normalizes responses across restaurants, retail, and venue modules
- Aligns with entitlements and role-based permissions for compliant access
- Monitors UI/API changes continuously and updates adapters quickly
Use Cases
Orders, Checks, and Payments Sync
- Stream new/updated orders with items, modifiers, tips, and refunds into your data warehouse
- Power live dashboards, kitchen analytics, and revenue center reporting
- Reconcile settlements and deposits to accounting (e.g., QuickBooks, Xero)
Menu Management Across Channels
- Create/update items, modifiers, and daypart pricing from your PIM
- Automate 86 lists and stock levels to third-party channels
- Keep online ordering, kiosks, and in-store menus in sync
Reservations, Waitlist, and CRM
- Create reservations and sync status back to your guest platform
- Enrich CRM with visit history, spend, and loyalty balances
- Trigger confirmations, deposits, and pre-auths based on rules
Labor and Payroll Automation
- Export timecards with job codes, breaks, and declared tips
- Validate shifts and feed payroll systems or BI tools
- Alert on overtime risks and scheduling compliance
Inventory and Waste Tracking
- Pull current counts and depletions tied to sold items and modifiers
- Flag variance across locations and adjust par levels automatically
Available Endpoints
Authentication
POST /sessions: Establish a session using credentials. Supergood manages MFA (SMS, email, TOTP) and SSO/OAuth when enabled. Returns a short-lived auth token maintained by the platform.
curl --request POST \
--url https://api.supergood.ai/integrations/<integration_id>/sessions \
--header 'Authorization: Basic <Base64 encoded token>' \
--header 'Content-Type: application/json' \
--data '{
"username": "[email protected]",
"password": "<password>",
"mfa": { "type": "totp", "code": "123456" }
}'
Example response
{
"authToken": "eyJhbGciOi...",
"expiresIn": 3600,
"user": {
"id": "u_spoton_92fd31",
"name": "General Manager",
"entitlements": ["orders", "menus", "reservations", "labor", "loyalty"]
}
}
POST /sessions/refresh: Refresh an existing token to keep sessions uninterrupted.
Orders
GET /locations/{locationId}/orders: List orders with filters, including checks, items, discounts, payments, and tips.
Query parameters
- revenueCenterId: string
- source: pos | online | kiosk | qr | third_party
- status: open | closed | voided | refunded
- closedFrom, closedTo: ISO 8601 timestamps
- updatedFrom, updatedTo: ISO 8601 timestamps
- page, pageSize: integers for pagination
Example response
{
"items": [
{
"orderId": "ord_7a1d3f",
"checkNumber": 418,
"locationId": "loc_sf_pier",
"revenueCenterId": "rc_dining_room",
"source": "pos",
"diningOption": "dine_in",
"table": "32",
"guests": 3,
"openedAt": "2026-01-25T18:12:05Z",
"closedAt": "2026-01-25T19:03:44Z",
"employeeId": "emp_204",
"items": [
{
"lineId": "li_01",
"itemId": "itm_burger",
"sku": "BRG-001",
"name": "House Burger",
"quantity": 2,
"unitPrice": 14.00,
"modifiers": [
{ "modifierId": "mod_cheese", "name": "Cheddar", "price": 1.00 },
{ "modifierId": "mod_bacon", "name": "Bacon", "price": 2.00 }
],
"tax": 2.10,
"discounts": []
},
{
"lineId": "li_02",
"itemId": "itm_pint",
"sku": "DRFT-IPA",
"name": "IPA Pint",
"quantity": 1,
"unitPrice": 8.00,
"tax": 0.72,
"discounts": [
{ "type": "promo", "name": "Happy Hour", "amount": 2.00 }
]
}
],
"serviceCharges": [
{ "name": "SF Mandate", "amount": 1.50 }
],
"subtotal": 36.00,
"taxTotal": 2.82,
"discountTotal": 2.00,
"total": 38.32,
"payments": [
{
"paymentId": "pay_9c41f2",
"method": "card_present",
"cardBrand": "VISA",
"last4": "4242",
"amount": 38.32,
"tipAmount": 7.00,
"status": "captured"
}
],
"tipsTotal": 7.00,
"thirdPartyRef": null,
"voided": false,
"updatedAt": "2026-01-25T19:03:44Z"
}
],
"page": 1,
"pageSize": 50,
"total": 1
}
Menu Items
POST /locations/{locationId}/menus/{menuId}/items: Create a new menu item with pricing, tax category, modifier groups, and channel availability.
curl --request POST \
--url https://api.supergood.ai/integrations/<integration_id>/locations/loc_sf_pier/menus/mnu_main/items \
--header 'Authorization: Bearer <authToken>' \
--header 'Content-Type: application/json' \
--data '{
"name": "Crispy Chicken Sandwich",
"plu": "SND-102",
"sku": "SND-102",
"categoryId": "cat_sandwiches",
"taxCategory": "prepared_food",
"price": 13.50,
"priceLevels": [
{ "daypart": "happy_hour", "price": 11.50 }
],
"onlineAvailable": true,
"channels": ["pos", "online", "kiosk"],
"modifierGroups": [
{ "groupId": "mg_cheese", "required": false },
{ "groupId": "mg_sides", "required": true }
],
"kitchenRouting": { "prepStation": "FRY", "printer": "Kitchen_Printer_1" },
"inventory": { "track": true, "onHand": 42, "depletionUnit": 1 },
"labels": ["chicken", "popular"],
"imageUrl": "https://cdn.example.com/img/snd-102.jpg"
}'
Example response
{
"itemId": "itm_snd_102",
"status": "created",
"locationId": "loc_sf_pier",
"menuId": "mnu_main",
"createdAt": "2026-01-26T10:15:27Z"
}
Reservations
POST /locations/{locationId}/reservations: Create a reservation, optionally capturing deposit and guest preferences.
curl --request POST \
--url https://api.supergood.ai/integrations/<integration_id>/locations/loc_sf_pier/reservations \
--header 'Authorization: Bearer <authToken>' \
--header 'Content-Type: application/json' \
--data '{
"partySize": 4,
"scheduledAt": "2026-01-27T02:00:00Z",
"durationMinutes": 90,
"guest": {
"firstName": "Taylor",
"lastName": "Nguyen",
"phone": "+14155551212",
"email": "[email protected]",
"customerId": null
},
"notes": "Window seat if available; celebrating birthday",
"tags": ["birthday"],
"source": "online",
"deposit": { "amount": 20.00, "currency": "USD", "capture": true },
"tablePreferences": ["window"]
}'
Example response
{
"reservationId": "resv_5b92d0",
"status": "confirmed",
"waitlist": false,
"scheduledAt": "2026-01-27T02:00:00Z",
"deposit": { "paymentId": "pay_4e21c9", "amount": 20.00, "status": "captured" },
"createdAt": "2026-01-26T09:01:03Z"
}
Timecards
GET /locations/{locationId}/labor/timecards: Retrieve timecards for payroll, including breaks and declared tips.
Query parameters
- startDate, endDate: YYYY-MM-DD
- employeeId: string
- approved: true | false
- page, pageSize: integers for pagination
Example response
{
"items": [
{
"timecardId": "tc_8a3102",
"employeeId": "emp_204",
"jobCode": "server",
"clockInAt": "2026-01-25T16:00:00Z",
"clockOutAt": "2026-01-25T23:15:00Z",
"breaks": [
{ "start": "2026-01-25T19:00:00Z", "end": "2026-01-25T19:30:00Z", "type": "meal" }
],
"hours": 6.75,
"declaredTips": 145.00,
"payRate": 16.00,
"approved": true,
"approvedBy": "mgr_11",
"updatedAt": "2026-01-26T00:05:18Z"
}
],
"page": 1,
"pageSize": 100,
"total": 1
}
Technical Specifications
- Authentication: Username/password with MFA (SMS, email, TOTP) and SSO/OAuth where enabled; supports service accounts or customer-managed credentials
- Response format: JSON with consistent resource schemas and pagination across modules
- Rate limits: Tuned for high-volume order ingestion and menu updates while honoring customer entitlements
- Session management: Automatic reauth and cookie/session rotation with health checks
- Data freshness: Near real-time retrieval of orders, payments, menus, reservations, loyalty, and labor objects
- Security: Encrypted transport, scoped tokens, and audit logging; respects SpotOn role-based permissions
- Webhooks: Optional asynchronous delivery for long-running flows (e.g., refunds, table status, menu 86 changes)
Performance Characteristics
- Latency: Sub-second responses for list/detail queries under normal load
- Throughput: Designed for sustained order stream processing and multi-location menu sync
- Reliability: Retry logic, backoff, and idempotency keys minimize duplicate submissions (e.g., discounts, reservations)
- Adaptation: Continuous monitoring for UI/API changes with rapid adapter updates
Getting Started
- Schedule Integration Assessment
Book a 30-minute session to confirm your modules, licensing, and authentication model.
- Supergood Builds and Validates Your API
We deliver a hardened SpotOn adapter tailored to your workflows and entitlements.
- Deploy with Monitoring
Go live with continuous monitoring and automatic adjustments as SpotOn evolves.
Frequently Asked Questions
Q: Which SpotOn modules can this integration cover?
Supergood supports commonly used modules such as POS Orders/Checks/Payments, Menu & Modifiers, Reservations/Waitlist (SpotOn Reserve), Loyalty & Gift Cards, and Labor (Employees/Timecards), subject to your licensing and entitlements. We scope coverage during integration assessment.
Q: We’ve heard API access is limited or costly—how does Supergood help?
Many operators report that official APIs or partner integrations require add-on fees and often don’t expose every workflow they need. Supergood provides an unofficial, stable API that respects your permissions and delivers normalized objects, reducing reliance on CSV exports and manual back-office tasks.
Q: Can you sync settlements and sales to our accounting system?
Yes. We normalize orders, tips, service charges, taxes, refunds, and batch settlements to match your ERP/accounting schema and can push updates to systems like QuickBooks and Xero via webhooks or scheduled jobs.
Q: How are MFA and SSO handled for automation?
We support username/password + MFA (SMS, email, TOTP) and can operate behind SSO/OAuth where enabled. Sessions are refreshed automatically with secure challenge handling.
Q: Do you support multi-location menu variations and dayparts?
Yes. Our schema models location overrides, price levels by daypart, tax categories, and modifier group rules, so you can manage a single catalog with location-specific differences.
Related Integrations
Toast POS API — Programmatically access Toast with Supergood
Ready to automate your SpotOn workflows?
Supergood can have your SpotOn integration live in days with no ongoing engineering maintenance.
