Hi everyone,
I am developing a custom direct booking website using the OwnerRez API v2. I need guidance on the correct workflow to convert a "Quote" into a confirmed "Booking" while ensuring OwnerRez handles the payment processing and card storage.
My Goal: I want OwnerRez to remain the "System of Truth" for all financials. I do not want to charge the card on my own backend and simply record a manual payment. Instead, I want to collect the card details on my site and pass them to OwnerRez to execute the charge and save the card for future scheduled payments (second payment, security deposit, etc.).
My Current Setup:
Stack: Custom React/Node frontend.
Processor: Stripe (integrated via OwnerRez).
Flow: I am using Stripe Elements on my frontend to generate a Payment Method ID (pm_...).
The Question: Once I have the pm_... token from Stripe and a valid Quote ID from OwnerRez, which specific API endpoint sequence should I use?
I am looking for the equivalent of a "Process & Book" endpoint where I can send:
The Quote ID
The Stripe Payment Method Token
The Authorization to charge the deposit amount
Is the correct path to use POST /v2/quotes/{id}/book? If so, how do I format the payload to include the Stripe token so that OwnerRez:
Charges the deposit immediately.
Tokens/Saves the card to the guest record for the future balance due.
Any documentation references or JSON payload examples for this specific "Handoff" workflow would be greatly appreciated.
Thanks!
Hi everyone,
As noted, I am building a custom direct booking site (Headless React/Node) and I have hit a specific architectural roadblock regarding PCI compliance and the "Merchant of Record" workflow.
My Goal: I want to collect credit card details on my site (using Stripe Elements) to maintain a seamless, on-brand UX, but I want OwnerRez to handle the actual charging and card storage.
Ideal State: My site generates a Stripe Payment Method ID (pm_...) -> I pass this token to OwnerRez via API -> OwnerRez executes the charge and saves the card for future auto-payments (balance due).
Constraint: I am trying to avoid a full page redirect to the hosted OwnerRez payment form if at all possible.
My Research So Far: Based on the API v2 documentation and previous forum discussions, my understanding is that this "Pass-Through" workflow is strictly blocked for standard API integrations due to PCI compliance. It appears that only certified Channel Partners (using the OLB API) are permitted to inject tokens or raw card data.
The Question: Is my assessment correct that there is zero capability in the current v2 API for a standard app to pass a payment_method_id or token to create a booking?
If I am mistaken, could someone point me to the specific endpoint or payload parameter that accepts a Stripe Token?
If I am correct (and this is impossible), I will proceed with building my own "Merchant of Record" logic (handling the Stripe charges and scheduling future payments on my own backend), but I wanted to double-check before I commit to rebuilding that entire billing engine myself.
Thanks for the clarification!
