Developer documentation

Build on Hesett.

REST API for menus, orders, reservations, payments, QR codes, inventory and webhooks. JSON in, JSON out. JavaScript and Python SDKs ready to drop into your stack.

Base URL
https://api.hesett.com/v1
Rate limit
1,000 requests / minute / API key
Quick start

Three minutes to your first successful API call.

01
Get an API key

Generate a key from your dashboard at Settings โ†’ Developers. Test keys start with sk_test_, live keys with sk_live_.

02
Authenticate

Send your key as a Bearer token in the Authorization header on every request.

03
Make a call

Hit GET /dashboard/overview to verify the connection. You should see your venue's today-revenue, covers, and top dishes.

API reference

Every endpoint your dashboard uses, exposed publicly. JSON request/response, predictable error codes, idempotency keys on writes.

Authentication

Bearer-token auth on every endpoint. Pass your API key in the Authorization header. Test keys start with sk_test_, live keys with sk_live_. Rotate keys monthly.

bash
curl https://api.hesett.com/v1/dashboard/overview \
  -H "Authorization: Bearer sk_test_xxx"

Dashboard

Read aggregate venue metrics: today and week revenue, top dishes, covers, average ticket, tip rate, scan-to-order conversion.

GET/dashboard/overviewToday + week KPIs in one payload.
GET/dashboard/analyticsHistorical analytics (day / week / month).

Orders

The same feed your kitchen reads. Subscribe to the webhook for real-time push, or poll if you must.

GET/ordersActive orders, filterable by status.
POST/ordersCreate an order programmatically.
PUT/orders/{id}/statusMove through status flow.

Reservations

Bookings, walk-ins, table assignments. Trigger SMS reminders, confirm with a tap.

GET/reservationsToday and upcoming.
POST/reservationsCreate a reservation.

Payments

Stripe-backed. Refunds, statements, payouts. PCI-DSS Level 1 โ€” your servers never see the card.

POST/payments/processProcess a card payment via Stripe Connect.
GET/payments/statementsDaily, weekly, monthly statements.

QR Codes

Static or dynamic QR codes per table. Scan analytics included.

POST/qr-codes/generateGenerate a QR for a table.
GET/qr-codes/{id}Scan count, last scanned, deeplink.

Inventory

Stock tracking with reorder alerts and COGS calculation.

GET/inventory/itemsList inventory items with stock levels.
PUT/inventory/items/{id}/stockAdjust stock after delivery.

Webhooks

Subscribe to events instead of polling. We retry with exponential backoff and sign every payload with HMAC-SHA256.

javascript
// Express endpoint
app.post('/hesett/webhook', (req, res) => {
  const sig = req.headers['hesett-signature'];
  if (!verify(sig, req.rawBody, WEBHOOK_SECRET)) return res.status(401).end();
  const event = req.body;
  if (event.type === 'order.created') {
    enqueueKitchen(event.data);
  }
  res.status(200).end();
});

SDKs

Official SDKs for JavaScript / TypeScript and Python. Generated from the same OpenAPI spec the dashboard consumes.

javascript
import { Hesett } from '@hesett/sdk';

const hesett = new Hesett({ apiKey: process.env.HESETT_KEY });

const overview = await hesett.dashboard.overview();
console.log(overview.todayRevenue);

Error handling

Every error returns a JSON body with code, message, and request_id. HTTP status codes follow conventions: 4xx for client errors, 5xx for ours.

javascript
try {
  await hesett.orders.create({ /* ... */ });
} catch (err) {
  if (err.code === 'rate_limited') backoff();
  else if (err.code === 'invalid_request') logToSentry(err);
  else throw err;
}
Sandbox + sample data

Need an API key or a sandbox?

Reach out to our team and we will provision a sandbox tenant with a sample menu, sample orders, and test webhooks within a business day.

Request access