Partner Requirements
Stay in good standing as a GoTab Partner by meeting all of GoTab's technical and business requirements for your integration type.
Select the type of integration you are building to see GoTab's corresponding requirements and recommendations.
-
Platform Add-ons is reserved for integration partners who plan to resell their product or services to GoTab clients.
-
Single Use Add-on is reserved for integrators who build an application or service that is intended only for a specific client.
Platform Add-on
Business Requirements
- Have a minimum of 5 active connected accounts.
- Create a GoTab-specific landing page that explains your integration ( for example, 7Shifts )
- Provide required partner listing links.
- Adhere to GoTab brand and trademark guidelines. For example, while you may reference your partnership with us, or note that your offering works “with GoTab” or “for GoTab,” or is “powered by GoTab,” you may not use “GoTab” as part of the name of your offering (including, for example, in your domain name, social media handle, app name, and so on).
- Sign a Developer Processing Agreement if your application will act as a third party service and have access to guest/customer information.
- OAuth 2.0 and GoTab's marketplace listing.
Integration Requirements
- Use GoTab's APIs to access GoTab's accounts and data.
- Maintain physical, electronic, and procedural safeguards designed to protect the Information.
- At a minimum, TLS 1.2 should be used for log-in pages or any other pages where data or personal information is being entered.
- Certify your application before any live customers are added to the platform.
Best Practices
- Do not expose location data to users or guest that do not have permissions for the specific account or location.
- Do not store card data in GoTab outside of GoTab's customer profile card on file application.
- Frequently check the change log to ensure your application is utilizing the latest features and endpoints.
- You should put in place control mechanisms to make sure that access to data is restricted to operational staff that need it, and that you have appropriate policies and training in place for those staff regarding data use and security.
Single Use Add-on
Business Requirements
- Have a minimum of 1 active connected account but no more than the maximum number of active locations associated with the account.
- Adhere to GoTab brand and trademark guidelines. For example, while you may reference your partnership with us, or note that your offering works “with GoTab” or “for GoTab,” or is “powered by GoTab,” you may not use “GoTab” as part of the name of your offering (including, for example, in your domain name, social media handle, app name, and so on).
Integration Requirements
- Use GoTab's APIs to access GoTab's accounts and data.
- Maintain physical, electronic, and procedural safeguards designed to protect the Information
- At a minimum, TSL 2.0 should be used for log-in pages or any other pages where data or personal information is being entered, though we recommend that all logged-in pages are secured with TLS 1.2.
- API AccessId and AccessSecret and no GoTab marketplace listing.
Best Practices
- Do not expose location data to users or guest that do not have permissions for the specific account or location.
- Do not store card data in GoTab outside of GoTab's customer profile card on file application.
- Frequently check the change log to ensure your application is utilizing the latest features and endpoints.
- You should put in place control mechanisms to make sure that access to data is restricted to operational staff that need it, and that you have appropriate policies and training in place for those staff regarding data use and security.
Updated over 1 year ago