Reference
Local API Reference
Local Hono API map for auth, imports, admin, events, rego, check-in, inventory, POS, HR, communications, machine clients, and native status.
Use This Reference Carefully
Use this guide when event work may happen on local devices, offline files, or LAN-only tools instead of the live online dashboard. In this guide, Local API Reference narrows that work to local Hono API map for auth, imports, admin, events, rego, check-in, inventory, POS, HR, communications, machine clients, and native status. Because this is a reference page, read it as part of the EMS LAN learning path rather than as an isolated checklist.
EMS LAN keeps an event moving when internet access is unreliable, but it also creates a second place where event records can change. Read the page for the decision it helps a person make, then use the steps and checks as a steady path from context to action to proof.
What This Reference Collects
This page is for checking details. Use it to confirm names, routes, records, fields, or certification points before relying on memory. The intended readers are Support leads, Headless-device integrators, and LAN admins. If the guide names a dashboard route, service area, export, or record type, treat that name as a pointer to real operational responsibility.
- Primary surface or service: /api.
- Records or contracts involved: Local sessions, Machine tokens, Event records, and Communications records.
- Main care point: Watch for losing track of which file, device, person, or import is trusted while attendee, staff, inventory, POS, or check-in records change offline.
- Proof worth keeping: event ID, snapshot filename, export time, device owner, import summary, sync-history entry, reconciliation count, and supervisor note.
How To Find The Right Entry
- Search for the exact name or route: Begin by naming the EMS LAN situation, the owner, and the exact item involved in Local API Reference.
- Read the surrounding note, not only the matching line: Use /api to connect the words on the page to the screen, file, service route, or record that people actually use.
- Compare the reference with the live screen, file, or service evidence: Keep Local sessions, Machine tokens, Event records, and Communications records in view so the work stays tied to the records or contracts it can affect.
- Save the evidence that proves the entry was checked: Before handing off, save proof such as event ID, snapshot filename, export time, device owner, import summary, sync-history entry, reconciliation count, and supervisor note so the next lead can tell which file and device state are trusted.
Confirm The Reference Still Matches Reality
You are ready to use the rest of this page when the purpose, owner, affected information, and proof are all clear enough for a second person to review.
- Scope is named: The work is tied to the correct page, event, report, route, file, person, or record.
- Impact is understood: The operator can explain the effect on offline files, check-in access, staff rosters, inventory counts, POS totals, and import history.
- Proof is findable: The handoff points to evidence that the next lead can tell which file and device state are trusted.
End-to-end operator runbook
Use this numbered runbook when using or troubleshooting the local API.
- Step 1 - Identify the thing being verified. Confirm whether the caller is browser session, local admin, global
LAN_API_TOKEN, or event-bound machine token. This determines authorization. - Step 2 - Translate the technical name into plain language. Identify the endpoint family: auth, import, admin, event operations, communications, native, or media. This narrows the contract.
- Step 3 - Match the route, file, or record to real workflow. Call the endpoint with the expected method, event ID, token, and body. This performs the local API operation.
- Step 4 - Collect enough evidence to avoid guessing. Verify event-bound tokens only access matching
/api/events/:eventId/**routes and admin endpoints require local admin. This protects access boundaries. - Step 5 - Confirm implementation and docs agree. Check the UI or local store state after mutations. This proves the API did what operators expect.
- Step 6 - Send the result to the right owner. Revoke unused machine tokens and document headless clients. This keeps API access controlled.
Core and auth
| Endpoint | Purpose |
|---|---|
GET /api/health | Runtime health. |
GET /api/native/status | Android wrapper compatibility and capability status. |
GET /api/config | API and app config. |
GET /api/events | Imported event list. |
GET /api/auth/bootstrap-status | Bootstrap account readiness. |
GET /api/auth/https-status | HTTPS and certificate status. |
GET /api/auth/https-root-cert | Download local root certificate. |
POST /api/auth/login | Local login. |
POST /api/auth/logout | Local logout. |
GET /api/auth/me | Current local user. |
Imports and admin
| Endpoint family | Purpose |
|---|---|
/api/imports/event-snapshot | Import JSON snapshot body. |
/api/imports/event-snapshot/file | Import snapshot file. |
/api/imports/live-link | Pull snapshot from partners-api. |
/api/admin/local-users | Create, update, delete local users. |
/api/admin/events/:eventId/machine-tokens | Create, update, revoke event-bound tokens. |
DELETE /api/admin/events/:eventId/registrations | Wipe local event registrations when explicitly authorized. |
Event operations
| Endpoint family | Purpose |
|---|---|
/api/events/:eventId/check-in/** | Entries, detail, settings, check-in mutation, claim mutation. |
/api/rego/event-regos/:eventId | Attendee rego list. |
/api/regos/:regoId/** | Payment status and email preview/send. |
/api/events/:eventId/dealers-den/regos/** | Dealer rego list, status, delete. |
/api/events/:eventId/inventory/** | Inventory settings, stock, POS quotes, transactions. |
/api/events/:eventId/human-resources/** | HR, roster, live tracker. |
/api/events/:eventId/rego/analytics | Local rego analytics. |
Communications
| Endpoint family | Purpose |
|---|---|
/api/events/:eventId/communications | Bootstrap channel, private, and notification state. |
/channels, /messages, /attachments | Text, uploads, and feed data. |
/conversations, /calls, /signals | DMs, groups, private calls, WebRTC signaling. |
/presence, /voice/presence | Text and media presence. |
/pins, /reactions | Pins and emoji reactions. |
/notifications, /notifications/stream | Local notification events and stream. |
/media/livekit-token, /api/communications/media/status | LiveKit media runtime. |