Authentication Basics

The RegOnline API uses a token based authentication mechanism to validate a user. A user accessing the the API can access their token in 2 ways:

1) By calling the Login API method and passing the username and password of a RegOnline user

2) By logging into your RegOnline account and going to your user profile page on the Account tab (see below)

Your API token will never change unless you reset it through the user interface. You should not call the Login method for each request. After the initial login you should store the API token in a secure location in your application for subsequent calls. It can be stored across sessions by placing it in a secure configuration file or can be stored in memory of your application for the life of the user’s session.

Passing the Token

When calling any method in the RegOnline API you should pass the token in the HTTP Headers collection using the key “APIToken”. See the example below:

Via HTTP Header

C# Example (Full Example)

Context.Request.Headers.Add("APIToken", "<TOKEN>");

Via Querystring
The API token will also be accepted via the querystring using the same key in order to facilitate JSONP supported calls.

JavaScript Example (Full Example)

        function GetPublicEvents() {
            if (!apiToken) return;
                url: '',
                dataType: 'jsonp',
                    filter: JSON.stringify(''),
                    orderBy: JSON.stringify(''),
                    APIToken: encodeURI(apiToken)
                success: function (response) {
                    if (response.d.Success) {
                        for (var i = 0; i < response.d.Data.length; i++) {
                            var e = response.d.Data[i];
                            var startDate = e.StartDate ? new Date(parseInt(e.StartDate.replace(/[^d]/g, ''))) : '';
                            $('div#results').append("<div><a target='_blank' href='" + e.ID + "'>" + e.Title + '</a> - ' + startDate + '</div>');
                    else alert(response.d.Message);

Via SOAP Header

Element Name:

<s:complexType name="TokenHeader">
    <s:element minOccurs="0" maxOccurs="1" name="APIToken" type="s:string"/>

PHP Example (Full Example)

        $client = new SoapClient($wsdl, 
		  "trace"      => 1,		// enable trace to view what is happening
		  "exceptions" => 0,		// disable exceptions
		  "cache_wsdl" => 0) 		// disable any caching on the wsdl, encase you alter the wsdl server
        // Login
	$result = $client->Login(array("username" => "<USERNAME>", "password" =>"<PASSWORD>"));
	// Get the API Token
	$apiToken = $result->LoginResult->Data->APIToken;
	// Setup the SOAP Header
	$authHeader = new AuthHeader();
	$authHeader->APIToken = $apiToken;
	$header[] = new SoapHeader('', 
                            $authHeader, false


We currently only all users in the Default Full Access role to call the RegOnline API. We recommend creating a service account user in this role you can use for making calls to the API instead of using one of your actual users.

Posted: July 22nd, 2011

RegOnline by Lanyon is the easy-to-use, affordable online registration and event management software. Turn your next conference, meeting, trade show into a huge success. Event management solutions include online registration forms, event websites, badges, event marketing, credit card processing and so much more. Sign up today for a free trial.

TRUSTe online privacy certification Lanyon Solutions, Inc.
717 North Harwood
Dallas, Texas 75201
email: | Toll Free: 1-888-351-9948


© Copyright 2017 | RegOnline by Lanyon | All Rights Reserved