Getting Started

Get league owners and facility owners from API key setup to a working widget or booking flow with the smallest set of Rondo setup steps.

1. Getting Started

Use this section to choose the right Rondo integration path and get your first implementation moving without learning Rondo internals first.

Base URLs

Surface	URL	Why you use it
API base (dev)	`https://dev.playrondo.com/api`	Send development API requests
OpenAPI YAML	`https://dev.playrondo.com/api/dev-docs/openapi.yaml`	Download the current API schema
Interactive docs	`https://dev.playrondo.com/api/embed/docs`	Explore the Embed API in a browser
Contract index	`https://dev.playrondo.com/api/embed/contract/v1`	Review the public embed contract
Demo page	`https://dev.playrondo.com/demo`	Test widgets and booking flows

Pick your integration path

Use the League & Session Widget when you want an embedded experience for league flows or standalone pickup sessions.
Use the Facility Booking Widget when you want to show availability and let users submit booking requests.
Use the Embed API when you want to build your own UI on top of the public contract instead of using widgets.
Add Webhooks if facility owners need booking lifecycle notifications.
Add Calendar Sync if facility owners want approved bookings reflected in their calendars.

What you need before you start

Requirement	Why it matters
Your API key	Authenticates widget and public API requests
Allowed domain in `allowedOrigins`	Lets your widget load from your site without CORS issues
The right facility, league, or session context	Tells Rondo what data to load
A test page or staging page	Gives you a safe place to validate the integration

Next step: Continue to Authentication & API Keys.

2. Authentication & API Keys

Use this section to send authenticated requests correctly and lock your integration to the domains and resources it should access.

Supported headers

Header	When to use it	Notes
`X-Rondo-Api-Key`	Preferred API key header	Use one header format consistently
`X-API-Key`	Alternate API key header	Supported for the same API key

X-Rondo-Api-Key: your_api_key

X-API-Key: your_api_key

Key configuration

Option	Type	Why it matters
`leagueIds`	Array	Limits access to specific leagues
`facilityIds`	Array	Limits access to specific facilities
`allowedOrigins`	Array	Limits browser-based use to approved domains

Recommended setup

Create a separate API key for each environment you control.
Limit the key to the leagueIds or facilityIds your app actually needs.
Add every site domain that will load the widget to allowedOrigins.
Keep the key server-side when you do not need browser-based access.

Next step: Continue to League & Session Widget.

3. League & Session Widget

Use this widget when you want to embed league experiences or standalone pickup sessions in your site with minimal custom UI work.

When to use it

Use case	Choose this widget?	Why
League hierarchy flows	Yes	It fits league-style navigation
Standalone pickup sessions	Yes	It supports session flows outside the league hierarchy
Fully custom frontend	Maybe not	The Embed API gives you more direct control

Before you embed

Requirement	Required	Why it matters
`rondo-widget.js`	Yes	This is the widget file for league and session experiences
Your API key	Yes	Authenticates data access
Allowed domain	Yes	The widget must load from a domain in `allowedOrigins`
League or session context	Yes	Determines what content the widget loads

Implementation notes

Test the widget on a real page in your development environment before launch.
Keep the host page simple until the first load works, then add styling around it.
The footer includes Powered by Rondo on all widgets, and it cannot be removed.

Next step: Continue to Facility Booking Widget.

4. Facility Booking Widget

Use this widget when you want to show facility availability and optionally let users submit booking requests from your site.

Before you enable booking

Requirement	Required	Why it matters
`facility-booking-widget.js`	Yes	This is the widget file for facility booking flows
Your API key	Yes	Authenticates requests from the widget
`data-api-key`	Yes	Passes your API key into the widget
`data-enable-booking="true"`	Yes, for booking form	Turns on the booking request form
Facility context	Yes	Tells the widget which facility to load

Public booking endpoint

POST https://dev.playrondo.com/api/dashboard/public/facilities/:facilityId/bookings

What happens after a booking request

A booking request goes to the facility manager for approval so the facility can review it before it becomes a confirmed booking.

The user submits a booking request from the widget.
The request appears in the Rondo dashboard for the facility manager.
The facility manager approves or rejects the request in Rondo dashboard → Facility.
If you need automatic notifications, set up Webhooks to receive booking updates.

Conflict response

{
  "error": "Slot no longer available",
  "code": "SLOT_CONFLICT"
}

Widget note

The footer includes Powered by Rondo on all widgets, and it cannot be removed.

Next step: Continue to Webhooks.

5. Webhooks

Use webhooks to send booking lifecycle updates from Rondo to your backend as soon as something changes.

Where to configure them

Configure facility webhooks in Rondo dashboard → Facility → Webhooks.

Events

Event	When it fires
`booking.created`	A booking request is created
`booking.approved`	A booking request is approved
`booking.rejected`	A booking request is rejected
`booking.cancelled`	A booking is cancelled
`booking.updated`	A booking is changed
`blackout.created`	A blackout is added
`blackout.removed`	A blackout is removed

Signature verification

Verify the signature before you trust or process a webhook event.

import crypto from 'node:crypto';

export function verifyWebhookSignature(rawBody, signature, secret) {
  const expected = crypto
    .createHmac('sha256', secret)
    .update(rawBody)
    .digest('hex');

  const actual = Buffer.from(signature, 'utf8');
  const expectedBuffer = Buffer.from(expected, 'utf8');

  if (actual.length !== expectedBuffer.length) {
    return false;
  }

  return crypto.timingSafeEqual(actual, expectedBuffer);
}

Retry behavior

We retry 3 times with backoff. If your endpoint is down for an extended period, the webhook will auto-disable and you can re-enable it from the dashboard.

Next step: Continue to Calendar Sync.

6. Calendar Sync

Use calendar sync to keep approved facility bookings visible in the calendar tools your facility team already uses.

Supported calendars

Google Calendar is supported.
Microsoft Outlook is supported.
Apple Calendar works through a Google Calendar link, so no native Apple integration is required.

Where to connect it

Connect calendars in Rondo dashboard → Facility → Calendar Sync.

What syncs

Booking change	Calendar result
Approved booking	Creates a calendar event
Cancellation	Deletes the calendar event
Reschedule or update	Updates the existing calendar event

Next step: Continue to Troubleshooting.

7. Troubleshooting

Use this section to check the most common setup problems before you dig into lower-level debugging.

Q&A

Widget not showing: Check that your API key is valid and your domain is included in allowedOrigins.
Availability shows no slots: Confirm that schedule rules are configured in the dashboard.
Booking form not appearing: Confirm that data-enable-booking="true" is set and data-api-key is present.
Webhook not firing: Check that your endpoint returns 200 quickly and that the webhook has not been disabled.
CORS error: Add your domain to allowedOrigins for your API key.

Next step: Continue to Limits.

8. Limits

Use this section to understand the main limits you need to account for as you build and operate your integration.

Action	Limit
API keys per account	10
Widget embed loads	No limit
Booking requests	10/hour per API key
Webhook retries	3 attempts with backoff
Webhook timeout	10 seconds per attempt

Next step: Re-check Troubleshooting before launch, then enable Webhooks or Calendar Sync if your facility owners need them.