Quickstart

Get your first SkyTab integration running in 15 minutes. This guide walks you through authenticating with the API, creating an order from your platform, and listening for real-time webhook events to keep everything in sync.

Before you start, grab your API key from the Developer Dashboard. You'll find it under Settings » API Keys. For production, make sure to use your sk_live_* key instead of sk_test_*.

Step 1: Install the SDK

Choose your preferred language and install the Shift4 SDK. We provide official SDKs for JavaScript, Python, and PHP, or you can use cURL for direct HTTP requests.

# cURL is most likely already installed on your machine
curl --version

Step 2: Create your first order

Now you're ready to create an order in SkyTab. This is the core operation for food delivery platforms integrating with Shift4.

POST
/v1/orders
curl -X POST https://api.shift4.com/v1/orders \
  -H "Authorization: Bearer sk_test_1234567890abcdef" \
  -H "Content-Type: application/json" \
  -d '{
    "restaurant_id": "rest_1234567890",
    "external_id": "ubereats_order_abc123",
    "customer": {
      "name": "Sarah Johnson",
      "phone": "+1-555-234-5678",
      "email": "sarah@example.com"
    },
    "items": [
      {
        "menu_item_id": "item_margherita",
        "name": "Margherita Pizza",
        "quantity": 1,
        "price": 18.99
      }
    ],
    "delivery_type": "delivery",
    "delivery_address": {
      "street": "456 Oak Ave",
      "city": "San Francisco",
      "state": "CA",
      "zip": "94107"
    },
    "subtotal": 18.99,
    "tax": 1.52,
    "delivery_fee": 2.99,
    "total": 23.50
  }'

Perfect! You've successfully created an order in SkyTab. The order will now appear in the restaurant's kitchen display system, and they can begin preparing it.

Step 3: Listen for webhook events

Set up a webhook endpoint to listen for real-time events from SkyTab. When the restaurant updates an order status, you'll receive a notification so you can update your platform accordingly.

Create a simple webhook handler (example in Node.js):

const express = require('express');
const crypto = require('crypto');
const app = express();

app.use(express.json());

// Middleware to capture raw body for signature verification
app.use((req, res, next) => {
  let data = '';
  req.on('data', chunk => {
    data += chunk;
  });
  req.on('end', () => {
    req.rawBody = data;
    next();
  });
});

app.post('/webhooks', (req, res) => {
  // Verify webhook signature
  const signature = req.headers['x-shift4-signature'];
  const secret = process.env.WEBHOOK_SECRET;

  const hash = crypto
    .createHmac('sha256', secret)
    .update(req.rawBody)
    .digest('hex');

  if (hash !== signature) {
    return res.status(401).send('Unauthorized');
  }

  const event = JSON.parse(req.rawBody);

  // Handle different event types
  switch(event.type) {
    case 'order.created':
      console.log(`Order created: ${event.payload.id}`);
      break;
    case 'order.ready':
      console.log(`Order ready: ${event.payload.id}`);
      // Update your platform's order status
      break;
    case 'order.completed':
      console.log(`Order completed: ${event.payload.id}`);
      break;
  }

  res.send({received: true});
});

app.listen(3000, () => console.log('Webhook server running on port 3000'));

Register this webhook in the Developer Dashboard under Webhooks, and point it to your endpoint (you may need to use a tunneling service like ngrok for local development).

What's next?

You've now completed all the basics! Here are some helpful next steps:

Was this page helpful?