1. Home
Healthier Business Group
  • Healthier Business Group
  • Integrations
  • Virtual BLS APIs
    • Authentication
      • Exchange credentials for a token pair
      • Refresh an access token
      • Inspect the current token
      • Revoke the current token
    • Client
      • Get your unique booking URL
      • Get credit and money balances
      • List wallet transactions
    • Timeslots
      • List available timeslots
      • Hold a timeslot
      • Release a slot hold
    • Bookings
      • List bookings
      • Create a booking
      • Get a single booking
      • Download a certificate
    • Webhook Endpoints
      • List webhook endpoints
      • Create a webhook endpoint
      • Get a webhook endpoint
      • Update a webhook endpoint
      • Delete a webhook endpoint
      • Rotate the signing secret
      • Send a test event
    • Webhook Events
      • Booking created
      • Booking confirmed ā€” candidate paid
      • Booking rescheduled
      • Booking cancelled
      • Attendance marked
      • Equipment return overdue
      • Certificate available
      • Test event
    • Courses
      • List active courses
  • Practical Training APIs
    • Authentication
      • Exchange credentials for a token pair
      • Refresh an access token
      • Inspect the current token
      • Revoke the current token
    • Client
      • Get your unique booking URL
      • Get account profile
      • Get credit and money balances
      • List wallet transactions
    • Courses
      • List active courses
    • Locations
      • List training locations
    • Training Events
      • List upcoming training events
      • Get a training event
      • Hold a seat (30 minutes)
      • Release a seat hold
    • Bookings
      • List bookings
      • Create a booking
      • List no-show bookings
      • Get a booking
      • Cancel a booking
      • Download completion certificate (PDF)
    • Booking Invites
      • List booking invites
      • Create and send a booking invite
      • Get a booking invite
    • Webhook Endpoints
      • List webhook endpoints
      • Register a webhook endpoint
      • Get a webhook endpoint
      • Update a webhook endpoint
      • Delete a webhook endpoint
      • Rotate the signing secret
      • Send a test delivery
    • Webhook Events
      • Booking Created
      • Booking Confirmed (Stripe Payment)
      • Booking Rescheduled
      • Booking Cancelled
      • Attendance Marked
      • Candidate No-Show
      • Certificate Available
      • Booking Invite Sent
      • Booking Invite Opened
      • Booking Invite Used
      • Credit Balance Low
      • Credit Balance Depleted
      • Money Balance Low
      • Money Balance Depleted
      • Training Event Seats Running Low
      • Seat Hold Expired
      • Test Event
  • Registration Assurance Monitoring APIs
    • Authentication
      • Obtain access token
      • Refresh access token
      • Get token info
      • Revoke current token
    • Workers
      • List workers
      • Create worker
      • Get worker
      • Update worker
      • Partially update worker
      • Delete worker
    • Verification
      • Verify single worker
      • Get worker verification history
      • Batch verify all workers
      • Get verification job status
    • Alerts
      • List alerts
      • Get alert
      • Acknowledge single alert
      • Acknowledge alerts in bulk
    • Monitoring
      • Update worker monitoring settings
      • Bulk update monitoring settings
    • Evidence
      • List worker evidence files
      • Get evidence metadata
      • Download evidence file
    • Billing
      • Get billing and usage summary
    • Imports
      • List worker imports
      • Upload worker CSV import
      • Get worker import status
    • Team
      • List available team roles
      • List team users
      • Create team user
      • Get team user
      • Update team user
      • Delete team user
    • Webhooks
      • List webhook endpoints
      • Create webhook endpoint
      • Get webhook endpoint
      • Update webhook endpoint
      • Delete webhook endpoint
      • Rotate webhook secret
      • Queue test webhook delivery
  • HB Portal APIs V2
    • Authentication
      • Get access token
      • Refresh access token
      • Get token info
      • Revoke current token
    • Reference Requests
      • References
        • Get reference detail
        • Download reference PDF
      • List reference requests
      • Create reference request
      • Get reference request
      • Cancel reference request
      • Add referee to request
      • Send reminders
    • Candidate Requests
    • Training Requests
    • OH Requests
    • Practical Training Requests
    • BLS Requests
    • Appraisal Requests
    • Certificate Requests
    • Training Verification Requests
    • Webhooks
      • List webhook endpoints
      • Create webhook endpoint
      • Update webhook endpoint
      • Delete webhook endpoint
      • View webhook call logs
      • Send test webhook
    • Templates
      • List form templates
  • HB Portal APIs V1 - Deprecated
    • Candidate Requests
      • Get All Candidates
      • Get Candidate Data
      • Create New Candidate
      • Update Candidate Details
    • Training Requests
      • Get Available Trainings
      • Get Candidate Course Result
      • Get Candidate Training Report
      • Get Candidate Training Report - Unassigned
    • OH Requests
      • Get Available Forms
      • Get Form Fields
      • Creating a new submission
      • Modifying the details of an existing submission (Upload Documents)
      • Make final form submission (after uploading documents)
      • Get submission list
      • Retrieve submission result details
      • Retrieve the submission result documents for the employer
    • Certificates Requests
      • Get Training Certificate
      • Get Training Certificate - including expired
      • Get Training Certificate - including non-assigned courses, but excluding expired
      • Get Training Certificate - All available courses
      • Get Training Certificate - Specific Course
    • Webhooks
      • Training Completion
      • Course Completion
  • HB Services APIs
    • List Interview Bookings
  • Practical Training Legacy APIs - Deprecated
    • Bookings
      • Get Past Bookings
      • Get Upcoming Bookings
      • Search Bookings by Date
    • Booking Links
      • Search Booking Links
  • Schemas
    • InterviewBooking
    • TokenRequest
    • CourseItem
    • Pagination
    • TokenResponse
    • ReferenceRequest
    • RefreshRequest
    • BookingsResponse
    • Reference
    • TokenInfo
    • MessageResponse
    • BookingLinksResponse
    • ReferenceDetail
    • ClientProfile
    • CreateReferenceRequest
    • Worker
    • CreditsResponse
    • RefereeInput
    • WorkerResponse
    • SlotItem
    • Transaction
    • Template
    • WorkerPaginatedResponse
    • TimeslotsResponse
    • TransactionListResponse
    • StoreWorkerRequest
    • HoldRequest
    • Course
    • CreateWebhookEndpoint
    • UpdateWorkerRequest
    • HoldResponse
    • Location
    • UpdateWebhookEndpoint
    • VerificationCheck
    • LocationListResponse
    • WebhookCall
    • VerificationCheckPaginatedResponse
    • BookingResource
    • CourseRef
    • WebhookPayload
    • VerifyQueuedResponse
    • PaginatedBookings
    • LocationRef
    • VerifyBatchResponse
    • PaginatedTransactions
    • TrainerRef
    • VerificationJobStatus
    • CreateWebhookRequest
    • TrainingEvent
    • Error
    • Alert
    • UpdateWebhookRequest
    • TrainingEventDetail
    • RateLimitError
    • AlertPaginatedResponse
    • WebhookEndpointResource
    • TrainingEventListResponse
    • ValidationError
    • BulkAcknowledgeAlertsRequest
    • WebhookCreatedResponse
    • SlotHoldResponse
    • AcknowledgeCountResponse
    • ConflictHold
    • UpdateMonitoringSettingsRequest
    • CandidateInfo
    • Booking
    • BulkUpdateMonitoringSettingsRequest
    • EvidenceFile
    • BookingDetail
    • EvidenceFilePaginatedResponse
    • BookingListResponse
    • BillingUsageResponse
    • CreateBookingRequest
    • StoreWorkerImportRequest
    • BookingInviteRef
    • BookingInvite
    • WorkerImport
    • WorkerImportPaginatedResponse
    • BookingInviteListResponse
    • TeamUser
    • CreateBookingInviteRequest
    • WebhookEndpoint
    • TeamUserPaginatedResponse
    • StoreTeamUserRequest
    • WebhookEndpointWithSecret
    • UpdateTeamUserRequest
    • WebhookEndpointListResponse
    • CreateWebhookEndpointRequest
    • WebhookEndpointPaginatedResponse
    • UpdateWebhookEndpointRequest
    • StoreWebhookEndpointRequest
    • WebhookEnvelope
    • PaginationMeta
    • PaginationLinks
    • CreateWebhookEndpointResponse
    • RotateWebhookSecretResponse
    • ErrorResponse
    • ValidationErrorResponse
    • WebhookTestRequest
    • WebhookTestQueuedResponse
    • WebhookEventStatusChanged
    • WebhookEventInitialVerification
Home
HB PortalRequest API access
Home
HB PortalRequest API access
X
Instagram
LinkedIn
  1. Home

Healthier Business - TDTA - Practical Training

šŸ“Œ
āš ļø This API is in beta. Endpoint shapes, event payloads, and behaviour may change before general availability. Breaking changes will be communicated to registered integrators in advance.

TDTA Client API - Overview#

The TDTA Client API lets agency integrators programmatically manage training bookings, discover upcoming sessions, send booking invites to candidates, and receive real-time webhook notifications for booking lifecycle events.
Base URL: https://tdta.hbcompliance.co.uk/api/v1

Authentication#

All protected endpoints require a Bearer token in the Authorization header:
Authorization: Bearer <access_token>
Obtain a token pair via POST /auth/token. Access tokens expire after 1 hour; use POST /auth/refresh (valid 7 days) to rotate without re-entering credentials.

Pagination#

All list endpoints return a consistent envelope:
{
  "data": [ ... ],
  "meta": {
    "current_page": 1,
    "per_page": 20,
    "last_page": 5,
    "total": 98
  },
  "links": {
    "next": "https://tdta.hbcompliance.co.uk/api/v1/bookings?page=2",
    "prev": null
  }
}

Rate Limiting#

60 requests per minute per IP. Exceeding this returns 429 Too Many Requests.

Errors#

StatusMeaning
401Missing or invalid bearer token
404Resource not found or not owned by your account
409Conflict (e.g. active hold already exists)
422Validation failed or business rule violation
429Rate limit exceeded
500Server error ā€” contact support

Webhooks#

Outbound webhook events are delivered to your registered endpoints via POST. All events share the same envelope:
{
  "event_id": "018f4a2b-1234-7000-8abc-def012345678",
  "event_type": "booking.created",
  "occurred_at": "2026-06-05T10:00:00+00:00",
  "data": { ... }
}

Signature Verification#

Every request includes these headers:
HeaderDescription
X-TDTA-EventEvent type, e.g. booking.created
X-TDTA-Event-IdUUID of the event ā€” use for idempotency
X-TDTA-Delivery-IdNumeric delivery attempt ID
X-TDTA-TimestampUnix timestamp of dispatch (seconds)
X-TDTA-Signaturesha256=<hmac> ā€” see below
Computing the expected signature:
signature = HMAC-SHA256(signing_secret, "{timestamp}.{raw_json_body}")
expected  = "sha256=" + signature
Compare expected with X-TDTA-Signature using a constant-time comparison to prevent timing attacks. Reject requests where |now() - X-TDTA-Timestamp| > 300 (5-minute replay window).
PHP:
Python:

Retries#

Deliveries are retried up to 5 times with a 15-minute backoff on any non-2xx response or timeout. Return any 2xx status to acknowledge receipt.

Contact & Support#

Support emailhttps://hbcompliance.co.uk/contact-us/
Bug reports / feedbackhttps://hbcompliance.co.uk/contact-us/
ProviderThe Direct Training Academy - by Healthier Business Group
For urgent issues affecting live bookings, email with the subject line [API URGENT] and include your hb_client_id and any relevant booking_id or event_id.
Modified atĀ 2026-06-05 10:38:51
Previous
List active courses
Next
Exchange credentials for a token pair
Built with