Furries PH Docs
Dashboard
Platform adoption docs

Reference

Capability Route Inventory

Inventory-generated capability reference for every mounted Furries PH platform route.

AudiencePartner administrators, Event leads, Adoption leads, Integration owners, Auditors
Dashboard surfacespartners.furries.ph, rego.furries.ph, EMS LAN integrations
Records touchedAPI service expectations

Use This Reference Carefully

Use this guide when a route, request, response, permission model, integration, or deployment behavior needs to be understood before people rely on it. In this guide, Capability Route Inventory narrows that work to inventory-generated capability references for every mounted partners-api route. Because this is a reference page, read it as part of the Platform adoption learning path rather than as an isolated checklist.

An API is a contract between systems. Even technical changes can affect attendee records, dashboard behavior, notifications, payments, files, or staff tools. Read the page for the decision it helps a person make, then use the steps and checks as a steady path from context to action to proof.

What This Reference Collects

This page is for checking details. Use it to confirm names, routes, records, fields, or certification points before relying on memory. The intended readers are Integration owners, Adoption leads, and Auditors. If the guide names a dashboard screen, service area, export, or record type, treat that name as a pointer to real operational responsibility.

  • Primary surface or service: partners-api.
  • Records or contracts involved: API service expectations.
  • Main care point: Watch for using a service route with the wrong actor, changing a response another app depends on, leaking a secret, or triggering the same side effect twice.
  • Proof worth keeping: route inventory, method and path, auth model, request and response shape, platform owner confirmation, test result, consumer note, and deployment evidence.

How To Find The Right Entry

  1. Search for the exact name or route: Begin by naming the Platform adoption situation, the owner, and the exact item involved in Capability Route Inventory.
  2. Read the surrounding note, not only the matching line: Use partners-api to connect the words on the page to the screen, file, route, or service trail that people actually use.
  3. Compare the reference with the live screen, file, or service evidence: Keep API service expectations in view so the work stays tied to the records or contracts it can affect.
  4. Save the evidence that proves the entry was checked: Before handing off, save proof such as route inventory, method and path, auth model, request and response shape, platform owner confirmation, test result, consumer note, and deployment evidence so an adoption lead and a non-specialist reviewer can understand what the route does and how it was verified.

Confirm The Reference Still Matches Reality

You are ready to use the rest of this page when the purpose, owner, affected information, and proof are all clear enough for a second person to review.

  1. Scope is named: The work is tied to the correct page, event, report, route, file, person, or record.
  2. Impact is understood: The operator can explain the effect on callers, records, permissions, secrets, side effects, and downstream apps.
  3. Proof is findable: The handoff points to evidence that an adoption lead and a non-specialist reviewer can understand what the route does and how it was verified.

End-to-end adoption runbook

  1. Step 1 - Name the API workflow and owner: Identify the product area, organization owner, service path, and relying team before adopting a workflow or integration.
  2. Step 2 - Read the contract in human terms: Check who can use it, what information is exchanged, what can fail, what records change, and what proof the adopting team must keep.
  3. Step 3 - Prepare auth and input deliberately: Confirm the right role, account, partner, event, and approved data before depending on the workflow.
  4. Step 4 - Use or request the route in the right environment: Use the approved dashboard, rego, LAN, or integration environment and keep credentials out of notes, screenshots, and exports.
  5. Step 5 - Check returned data and real side effects: Confirm the visible result, affected records, external action, and review evidence in plain language.
  6. Step 6 - Record tests, docs, and handoff notes: Record the owner, expected behavior, adoption evidence, and escalation path before relying on it in production.

Inventory summary

  • Generated at: 2026-07-04T20:46:32.370Z
  • Service areas scanned: 48
  • Mounted capability declarations: 55
  • Capability entries including aliases: 396
  • Inventory JSON: memory-bank/generated/partners-api-route-inventory.json
  • Inventory Markdown: memory-bank/generated/partners-api-route-inventory.md

Capability table

MethodPathService areaAccess noteInternal trace
GET/api/admin/attendeesstaffProfiles.tsPartner dashboard session required.partners-api/src/routes/staffProfiles.ts:116
GET/api/admin/user-profilesstaffProfiles.tsPartner dashboard session required.partners-api/src/routes/staffProfiles.ts:27
POST/api/eventsmutations.tsPartner dashboard session required.partners-api/src/routes/mutations.ts:156
GET/api/events/:idrows.tsPartner dashboard session required.partners-api/src/routes/rows.ts:397
PUT/api/events/:idmutations.tsPartner dashboard session required.partners-api/src/routes/mutations.ts:242
GET/api/events/check-rego-ref-prefixmutations.tsPartner dashboard session required.partners-api/src/routes/mutations.ts:201
GET/api/img/:filenameimgProxy.tsUnknown from inventory scan; ask the platform owner to confirm access behavior before use.partners-api/src/routes/imgProxy.ts:19
POST/api/incidentsmutations.tsPartner dashboard session required.partners-api/src/routes/mutations.ts:579
PUT/api/incidents/:idmutations.tsPartner dashboard session required.partners-api/src/routes/mutations.ts:618
PATCH/api/incidents/:id/actionsmutations.tsPartner dashboard session required.partners-api/src/routes/mutations.ts:684
POST/api/incidents/:id/cross-ban-decisionmutations.tsPartner dashboard session required.partners-api/src/routes/mutations.ts:836
POST/api/internal/test-runstestRuns.tsUnknown from inventory scan; ask the platform owner to confirm access behavior before use.partners-api/src/routes/testRuns.ts:1359
DELETE/api/internal/test-runs/:runId/assetstestRuns.tsUnknown from inventory scan; ask the platform owner to confirm access behavior before use.partners-api/src/routes/testRuns.ts:2779
POST/api/internal/test-runs/:runId/assetstestRuns.tsUnknown from inventory scan; ask the platform owner to confirm access behavior before use.partners-api/src/routes/testRuns.ts:2751
POST/api/internal/test-runs/:runId/cleanuptestRuns.tsUnknown from inventory scan; ask the platform owner to confirm access behavior before use.partners-api/src/routes/testRuns.ts:2585
POST/api/internal/test-runs/:runId/dashboard-sessiontestRuns.tsUnknown from inventory scan; ask the platform owner to confirm access behavior before use.partners-api/src/routes/testRuns.ts:1396
POST/api/internal/test-runs/:runId/rego-sessions/bulktestRuns.tsUnknown from inventory scan; ask the platform owner to confirm access behavior before use.partners-api/src/routes/testRuns.ts:1424
DELETE/api/internal/test-runs/:runId/rootstestRuns.tsUnknown from inventory scan; ask the platform owner to confirm access behavior before use.partners-api/src/routes/testRuns.ts:2729
POST/api/internal/test-runs/:runId/rootstestRuns.tsUnknown from inventory scan; ask the platform owner to confirm access behavior before use.partners-api/src/routes/testRuns.ts:2700
POST/api/internal/test-runs/:runId/seed/eventtestRuns.tsUnknown from inventory scan; ask the platform owner to confirm access behavior before use.partners-api/src/routes/testRuns.ts:1939
POST/api/internal/test-runs/:runId/seed/social-graphtestRuns.tsUnknown from inventory scan; ask the platform owner to confirm access behavior before use.partners-api/src/routes/testRuns.ts:1796
POST/api/internal/test-runs/:runId/seed/stafftestRuns.tsUnknown from inventory scan; ask the platform owner to confirm access behavior before use.partners-api/src/routes/testRuns.ts:1624
GET/api/internal/test-runs/:runId/snapshottestRuns.tsUnknown from inventory scan; ask the platform owner to confirm access behavior before use.partners-api/src/routes/testRuns.ts:2801
POST/api/internal/test-runs/:runId/state/fast-forwardtestRuns.tsUnknown from inventory scan; ask the platform owner to confirm access behavior before use.partners-api/src/routes/testRuns.ts:2502
POST/api/internal/test-runs/:runId/suppress-side-effectstestRuns.tsUnknown from inventory scan; ask the platform owner to confirm access behavior before use.partners-api/src/routes/testRuns.ts:2674
POST/api/internal/test-runs/:runId/verifytestRuns.tsUnknown from inventory scan; ask the platform owner to confirm access behavior before use.partners-api/src/routes/testRuns.ts:2820
POST/api/internal/test-runs/sweeptestRuns.tsUnknown from inventory scan; ask the platform owner to confirm access behavior before use.partners-api/src/routes/testRuns.ts:2633
POST/api/managemutations.tsPartner dashboard session required.partners-api/src/routes/mutations.ts:156
GET/api/manage/:idrows.tsPartner dashboard session required.partners-api/src/routes/rows.ts:397
PUT/api/manage/:idmutations.tsPartner dashboard session required.partners-api/src/routes/mutations.ts:242
GET/api/manage/check-rego-ref-prefixmutations.tsPartner dashboard session required.partners-api/src/routes/mutations.ts:201
GET/api/partner-directoryrows.tsPartner dashboard session required.partners-api/src/routes/rows.ts:1175
POST/api/pawsports/bindmutations.tsPartner dashboard session required.partners-api/src/routes/mutations.ts:449
GET/api/person-profilespersonProfiles.tsPartner dashboard session required.partners-api/src/routes/personProfiles.ts:18
POST/api/person-profilespersonProfiles.tsPartner dashboard session required.partners-api/src/routes/personProfiles.ts:77
DELETE/api/person-profiles/:idpersonProfiles.tsPartner dashboard session required.partners-api/src/routes/personProfiles.ts:152
PUT/api/person-profiles/:idpersonProfiles.tsPartner dashboard session required.partners-api/src/routes/personProfiles.ts:125
POST/api/person-profiles/:id/linkspersonProfiles.tsPartner dashboard session required.partners-api/src/routes/personProfiles.ts:171
DELETE/api/person-profiles/:id/links/:reportIdpersonProfiles.tsPartner dashboard session required.partners-api/src/routes/personProfiles.ts:204
GET/api/platform-feesrows.tsUnknown from inventory scan; ask the platform owner to confirm access behavior before use.partners-api/src/routes/rows.ts:1233
GET/api/profileprofile.tsPartner dashboard session required.partners-api/src/routes/profile.ts:47
PUT/api/profileprofile.tsPartner dashboard session required.partners-api/src/routes/profile.ts:177
GET/api/profile/photoprofile.tsPartner dashboard session required.partners-api/src/routes/profile.ts:92
PATCH/api/profile/photoprofile.tsPartner dashboard session required.partners-api/src/routes/profile.ts:110
GET/api/rego/event-regos/:eventIdrows.tsPartner dashboard session required.partners-api/src/routes/rows.ts:514
GET/api/rego/event-waitlist/:eventIdrows.tsPartner dashboard session required.partners-api/src/routes/rows.ts:641
POST/api/rego/upload-imageuploadImage.tsRego auth optional for new attendee flow.partners-api/src/routes/uploadImage.ts:146
PATCH/api/regos/:id/payment-statusrows.tsPartner dashboard session required.partners-api/src/routes/rows.ts:699
POST/api/regos/:regId/emailrows.tsPartner dashboard session required.partners-api/src/routes/rows.ts:871
POST/api/regos/:regId/email-previewrows.tsPartner dashboard session required.partners-api/src/routes/rows.ts:986
GET/api/rowsrows.tsPartner dashboard session required.partners-api/src/routes/rows.ts:115
GET/api/spa/contractsspaContracts.tsUnknown from inventory scan; ask the platform owner to confirm access behavior before use.partners-api/src/routes/spaContracts.ts:72
POST/api/upload-imageuploadImage.tsRego auth optional for new attendee flow.partners-api/src/routes/uploadImage.ts:145
POST/api/watchlist/adoptionsmutations.tsPartner dashboard session required.partners-api/src/routes/mutations.ts:773
POST/api/watchlist/grantsmutations.tsPartner dashboard session required.partners-api/src/routes/mutations.ts:740
POST/api/watchlist/master-requestsmutations.tsPartner dashboard session required.partners-api/src/routes/mutations.ts:805
POST/api/admin/discord/messagesadminDiscord.tsPartner dashboard session required.partners-api/src/routes/adminDiscord.ts:49
GET/api/admin/discord/targetsadminDiscord.tsPartner dashboard session required.partners-api/src/routes/adminDiscord.ts:11
DELETE/api/admin/events/:eventId/registrationsadmin.tsPartner dashboard session required.partners-api/src/routes/admin.ts:829
GET/api/admin/membersadmin.tsPartner dashboard session required.partners-api/src/routes/admin.ts:139
POST/api/admin/membersadmin.tsPartner dashboard session required.partners-api/src/routes/admin.ts:170
DELETE/api/admin/members/:membershipIdadmin.tsPartner dashboard session required.partners-api/src/routes/admin.ts:279
PATCH/api/admin/members/:membershipIdadmin.tsPartner dashboard session required.partners-api/src/routes/admin.ts:326
GET/api/admin/noticesnotices.tsPartner dashboard session required.partners-api/src/routes/notices.ts:218
POST/api/admin/noticesnotices.tsPartner dashboard session required.partners-api/src/routes/notices.ts:236
PATCH/api/admin/notices/:idnotices.tsPartner dashboard session required.partners-api/src/routes/notices.ts:350
GET/api/admin/partnersadmin.tsPartner dashboard session required.partners-api/src/routes/admin.ts:36
POST/api/admin/partnersadmin.tsPartner dashboard session required.partners-api/src/routes/admin.ts:51
PATCH/api/admin/partners/:partnerIdadmin.tsPartner dashboard session required.partners-api/src/routes/admin.ts:101
POST/api/admin/partners/:partnerId/cms-tokenadmin.tsPartner dashboard session required.partners-api/src/routes/admin.ts:386
GET/api/admin/platform-feeadmin.tsPartner dashboard session required.partners-api/src/routes/admin.ts:477
PATCH/api/admin/platform-feeadmin.tsPartner dashboard session required.partners-api/src/routes/admin.ts:494
GET/api/admin/platform-securityadmin.tsPartner dashboard session required.partners-api/src/routes/admin.ts:785
PATCH/api/admin/platform-securityadmin.tsPartner dashboard session required.partners-api/src/routes/admin.ts:795
PUT/api/admin/settlement-payment-providersadmin.tsPartner dashboard session required.partners-api/src/routes/admin.ts:651
GET/api/admin/settlement-settingsadmin.tsPartner dashboard session required.partners-api/src/routes/admin.ts:529
PATCH/api/admin/settlement-settingsadmin.tsPartner dashboard session required.partners-api/src/routes/admin.ts:567
GET/api/network-bans/:watchlistEntryIdnetworkBans.tsPartner dashboard session required.partners-api/src/routes/networkBans.ts:219
PATCH/api/network-bans/:watchlistEntryId/appealnetworkBans.tsPartner dashboard session required.partners-api/src/routes/networkBans.ts:533
POST/api/network-bans/:watchlistEntryId/appealnetworkBans.tsPartner dashboard session required.partners-api/src/routes/networkBans.ts:282
GET/api/network-bans/:watchlistEntryId/appeal-statusnetworkBans.tsPartner dashboard session required.partners-api/src/routes/networkBans.ts:365
GET/api/network-bans/:watchlistEntryId/appealsnetworkBans.tsPartner dashboard session required.partners-api/src/routes/networkBans.ts:428
GET/api/network-bans/appealsnetworkBans.tsPartner dashboard session required.partners-api/src/routes/networkBans.ts:14
POST/api/network-bans/appeals/:appealId/decisionnetworkBans.tsPartner dashboard session required.partners-api/src/routes/networkBans.ts:94
GET/api/network-bans/my-appealsnetworkBans.tsPartner dashboard session required.partners-api/src/routes/networkBans.ts:154
POST/api/notices/:id/acknotices.tsPartner dashboard session required.partners-api/src/routes/notices.ts:192
GET/api/notices/unackednotices.tsPartner dashboard session required.partners-api/src/routes/notices.ts:133
GET/api/org/settingsorgSettings.tsPartner dashboard session required.partners-api/src/routes/orgSettings.ts:89
PATCH/api/org/settingsorgSettings.tsPartner dashboard session required.partners-api/src/routes/orgSettings.ts:116
POST/api/org/settings/data-silo/backfillorgSettings.tsPartner dashboard session required.partners-api/src/routes/orgSettings.ts:210
GET/api/accessaccess.tsPartner dashboard session required.partners-api/src/routes/access.ts:41
GET/api/cms-tokenaccess.tsPartner dashboard session required.partners-api/src/routes/access.ts:188
GET/api/partner-directoryaccess.tsPartner dashboard session required.partners-api/src/routes/access.ts:164
POST/auth/accept-inviteauth.tsDashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.partners-api/src/routes/auth.ts:735
POST/auth/change-passwordauth.tsDashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.partners-api/src/routes/auth.ts:668
POST/auth/dev-sessionauth.tsDashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.partners-api/src/routes/auth.ts:538
POST/auth/exchangeauth.tsDashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.partners-api/src/routes/auth.ts:636
GET/auth/mfa/statusauth.tsDashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.partners-api/src/routes/auth.ts:403
POST/auth/mfa/totp/enrollauth.tsDashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.partners-api/src/routes/auth.ts:446
POST/auth/mfa/totp/unenrollauth.tsDashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.partners-api/src/routes/auth.ts:514
POST/auth/mfa/totp/verifyauth.tsDashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.partners-api/src/routes/auth.ts:474
POST/auth/otp/sendauth.tsDashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.partners-api/src/routes/auth.ts:223
POST/auth/otp/verifyauth.tsDashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.partners-api/src/routes/auth.ts:264
POST/auth/passkey/authentication/optionsauth.tsDashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.partners-api/src/routes/auth.ts:308
POST/auth/passkey/authentication/verifyauth.tsDashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.partners-api/src/routes/auth.ts:327
POST/auth/passkey/registration/optionsauth.tsDashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.partners-api/src/routes/auth.ts:358
POST/auth/passkey/registration/verifyauth.tsDashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.partners-api/src/routes/auth.ts:376
POST/auth/refreshauth.tsDashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.partners-api/src/routes/auth.ts:589
POST/auth/reset-passwordauth.tsDashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.partners-api/src/routes/auth.ts:826
POST/auth/set-passwordauth.tsDashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.partners-api/src/routes/auth.ts:852
POST/auth/sign-inauth.tsDashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.partners-api/src/routes/auth.ts:195
POST/auth/sign-outauth.tsDashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.partners-api/src/routes/auth.ts:704
POST/auth/sign-upauth.tsDashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.partners-api/src/routes/auth.ts:798
POST/hooks/send-emailauthEmail.tsWebhook/internal route; ask the platform owner to confirm signature or shared secret verification before use.partners-api/src/routes/authEmail.ts:864
GET/api/lan-system/releases/assets/:assetIdlanSystemReleases.tsUnknown from inventory scan; ask the platform owner to confirm access behavior before use.partners-api/src/routes/lanSystemReleases.ts:154
GET/api/lan-system/releases/latestlanSystemReleases.tsUnknown from inventory scan; ask the platform owner to confirm access behavior before use.partners-api/src/routes/lanSystemReleases.ts:99
GET/api/events/:id/activitiesactivities.tsPartner dashboard session required.partners-api/src/routes/activities.ts:576
PUT/api/events/:id/activitiesactivities.tsPartner dashboard session required.partners-api/src/routes/activities.ts:589
POST/api/events/:id/activities/submissions/:submissionId/reviewactivities.tsPartner dashboard session required.partners-api/src/routes/activities.ts:663
PUT/api/events/:id/addonseventConfig.tsPartner dashboard session required.partners-api/src/routes/eventConfig.ts:476
PUT/api/events/:id/check-in/:kind/:recordIdcheckIn.tsPartner dashboard session required.partners-api/src/routes/checkIn.ts:1830
PUT/api/events/:id/check-in/:kind/:recordId/claimcheckIn.tsPartner dashboard session required.partners-api/src/routes/checkIn.ts:1913
GET/api/events/:id/check-in/entriescheckIn.tsPartner dashboard session required.partners-api/src/routes/checkIn.ts:1622
GET/api/events/:id/check-in/entrycheckIn.tsPartner dashboard session required.partners-api/src/routes/checkIn.ts:1634
GET/api/events/:id/check-in/offline-snapshotcheckIn.tsPartner dashboard session required.partners-api/src/routes/checkIn.ts:1670
GET/api/events/:id/check-in/offline-snapshot/historycheckIn.tsPartner dashboard session required.partners-api/src/routes/checkIn.ts:1657
POST/api/events/:id/check-in/offline-snapshot/importcheckIn.tsPartner dashboard session required.partners-api/src/routes/checkIn.ts:1793
GET/api/events/:id/check-in/settingscheckIn.tsPartner dashboard session required.partners-api/src/routes/checkIn.ts:1584
PUT/api/events/:id/check-in/settingscheckIn.tsPartner dashboard session required.partners-api/src/routes/checkIn.ts:1597
GET/api/events/:id/communications/audiencescommunications.tsPartner dashboard session required.partners-api/src/routes/communications.ts:409
POST/api/events/:id/communications/blastscommunications.tsPartner dashboard session required.partners-api/src/routes/communications.ts:484
POST/api/events/:id/communications/previewcommunications.tsPartner dashboard session required.partners-api/src/routes/communications.ts:433
GET/api/events/:id/conditions-of-entryconditionsOfEntry.tsPartner dashboard session required.partners-api/src/routes/conditionsOfEntry.ts:39
GET/api/events/:id/conditions-of-entryconditionsOfEntry.tsPartner dashboard session required.partners-api/src/routes/conditionsOfEntry.ts:39
PUT/api/events/:id/conditions-of-entryconditionsOfEntry.tsPartner dashboard session required.partners-api/src/routes/conditionsOfEntry.ts:79
PUT/api/events/:id/conditions-of-entryconditionsOfEntry.tsPartner dashboard session required.partners-api/src/routes/conditionsOfEntry.ts:79
GET/api/events/:id/dealers-den/applicationsdealersDen.tsPartner dashboard session required.partners-api/src/routes/dealersDen.ts:847
DELETE/api/events/:id/dealers-den/applications/:appIddealersDen.tsPartner dashboard session required.partners-api/src/routes/dealersDen.ts:812
GET/api/events/:id/dealers-den/applications/:appIddealersDen.tsPartner dashboard session required.partners-api/src/routes/dealersDen.ts:875
POST/api/events/:id/dealers-den/applications/:appId/approvedealersDen.tsPartner dashboard session required.partners-api/src/routes/dealersDen.ts:901
POST/api/events/:id/dealers-den/applications/:appId/denydealersDen.tsPartner dashboard session required.partners-api/src/routes/dealersDen.ts:990
GET/api/events/:id/dealers-den/packagesdealersDen.tsPartner dashboard session required.partners-api/src/routes/dealersDen.ts:446
POST/api/events/:id/dealers-den/packagesdealersDen.tsPartner dashboard session required.partners-api/src/routes/dealersDen.ts:462
DELETE/api/events/:id/dealers-den/packages/:pkgIddealersDen.tsPartner dashboard session required.partners-api/src/routes/dealersDen.ts:501
PUT/api/events/:id/dealers-den/packages/:pkgIddealersDen.tsPartner dashboard session required.partners-api/src/routes/dealersDen.ts:480
GET/api/events/:id/dealers-den/regosdealersDen.tsPartner dashboard session required.partners-api/src/routes/dealersDen.ts:517
DELETE/api/events/:id/dealers-den/regos/:regoIddealersDen.tsPartner dashboard session required.partners-api/src/routes/dealersDen.ts:587
PATCH/api/events/:id/dealers-den/regos/:regoIddealersDen.tsPartner dashboard session required.partners-api/src/routes/dealersDen.ts:633
GET/api/events/:id/dealers-den/settingsdealersDen.tsPartner dashboard session required.partners-api/src/routes/dealersDen.ts:356
PUT/api/events/:id/dealers-den/settingsdealersDen.tsPartner dashboard session required.partners-api/src/routes/dealersDen.ts:396
GET/api/events/:id/google-wallet-configeventConfig.tsPartner dashboard session required.partners-api/src/routes/eventConfig.ts:104
PUT/api/events/:id/google-wallet-configeventConfig.tsPartner dashboard session required.partners-api/src/routes/eventConfig.ts:165
GET/api/events/:id/human-resourceshumanResources.tsPartner dashboard session required.partners-api/src/routes/humanResources.ts:1263
PUT/api/events/:id/human-resourceshumanResources.tsPartner dashboard session required.partners-api/src/routes/humanResources.ts:1278
POST/api/events/:id/human-resources/applications/:applicationId/reviewhumanResources.tsPartner dashboard session required.partners-api/src/routes/humanResources.ts:1544
GET/api/events/:id/human-resources/live-trackerhumanResources.tsPartner dashboard session required.partners-api/src/routes/humanResources.ts:1503
PUT/api/events/:id/inclusionseventConfig.tsPartner dashboard session required.partners-api/src/routes/eventConfig.ts:254
GET/api/events/:id/inventoryinventory.tsPartner dashboard session required.partners-api/src/routes/inventory.ts:1272
PUT/api/events/:id/inventory/on-handinventory.tsPartner dashboard session required.partners-api/src/routes/inventory.ts:1319
POST/api/events/:id/inventory/pos/quoteinventory.tsPartner dashboard session required.partners-api/src/routes/inventory.ts:1395
GET/api/events/:id/inventory/pos/transactionsinventory.tsPartner dashboard session required.partners-api/src/routes/inventory.ts:1375
POST/api/events/:id/inventory/pos/transactionsinventory.tsPartner dashboard session required.partners-api/src/routes/inventory.ts:1450
PUT/api/events/:id/inventory/settingsinventory.tsPartner dashboard session required.partners-api/src/routes/inventory.ts:1286
GET/api/events/:id/rego/analyticsregoAnalytics.tsPartner dashboard session required.partners-api/src/routes/regoAnalytics.ts:140
PUT/api/events/:id/tierseventConfig.tsPartner dashboard session required.partners-api/src/routes/eventConfig.ts:333
GET/api/manage/:id/activitiesactivities.tsPartner dashboard session required.partners-api/src/routes/activities.ts:576
PUT/api/manage/:id/activitiesactivities.tsPartner dashboard session required.partners-api/src/routes/activities.ts:589
POST/api/manage/:id/activities/submissions/:submissionId/reviewactivities.tsPartner dashboard session required.partners-api/src/routes/activities.ts:663
PUT/api/manage/:id/addonseventConfig.tsPartner dashboard session required.partners-api/src/routes/eventConfig.ts:476
PUT/api/manage/:id/check-in/:kind/:recordIdcheckIn.tsPartner dashboard session required.partners-api/src/routes/checkIn.ts:1830
PUT/api/manage/:id/check-in/:kind/:recordId/claimcheckIn.tsPartner dashboard session required.partners-api/src/routes/checkIn.ts:1913
GET/api/manage/:id/check-in/entriescheckIn.tsPartner dashboard session required.partners-api/src/routes/checkIn.ts:1622
GET/api/manage/:id/check-in/entrycheckIn.tsPartner dashboard session required.partners-api/src/routes/checkIn.ts:1634
GET/api/manage/:id/check-in/offline-snapshotcheckIn.tsPartner dashboard session required.partners-api/src/routes/checkIn.ts:1670
GET/api/manage/:id/check-in/offline-snapshot/historycheckIn.tsPartner dashboard session required.partners-api/src/routes/checkIn.ts:1657
POST/api/manage/:id/check-in/offline-snapshot/importcheckIn.tsPartner dashboard session required.partners-api/src/routes/checkIn.ts:1793
GET/api/manage/:id/check-in/settingscheckIn.tsPartner dashboard session required.partners-api/src/routes/checkIn.ts:1584
PUT/api/manage/:id/check-in/settingscheckIn.tsPartner dashboard session required.partners-api/src/routes/checkIn.ts:1597
GET/api/manage/:id/communications/audiencescommunications.tsPartner dashboard session required.partners-api/src/routes/communications.ts:409
POST/api/manage/:id/communications/blastscommunications.tsPartner dashboard session required.partners-api/src/routes/communications.ts:484
POST/api/manage/:id/communications/previewcommunications.tsPartner dashboard session required.partners-api/src/routes/communications.ts:433
GET/api/manage/:id/conditions-of-entryconditionsOfEntry.tsPartner dashboard session required.partners-api/src/routes/conditionsOfEntry.ts:39
GET/api/manage/:id/conditions-of-entryconditionsOfEntry.tsPartner dashboard session required.partners-api/src/routes/conditionsOfEntry.ts:39
PUT/api/manage/:id/conditions-of-entryconditionsOfEntry.tsPartner dashboard session required.partners-api/src/routes/conditionsOfEntry.ts:79
PUT/api/manage/:id/conditions-of-entryconditionsOfEntry.tsPartner dashboard session required.partners-api/src/routes/conditionsOfEntry.ts:79
GET/api/manage/:id/dealers-den/applicationsdealersDen.tsPartner dashboard session required.partners-api/src/routes/dealersDen.ts:847
DELETE/api/manage/:id/dealers-den/applications/:appIddealersDen.tsPartner dashboard session required.partners-api/src/routes/dealersDen.ts:812
GET/api/manage/:id/dealers-den/applications/:appIddealersDen.tsPartner dashboard session required.partners-api/src/routes/dealersDen.ts:875
POST/api/manage/:id/dealers-den/applications/:appId/approvedealersDen.tsPartner dashboard session required.partners-api/src/routes/dealersDen.ts:901
POST/api/manage/:id/dealers-den/applications/:appId/denydealersDen.tsPartner dashboard session required.partners-api/src/routes/dealersDen.ts:990
GET/api/manage/:id/dealers-den/packagesdealersDen.tsPartner dashboard session required.partners-api/src/routes/dealersDen.ts:446
POST/api/manage/:id/dealers-den/packagesdealersDen.tsPartner dashboard session required.partners-api/src/routes/dealersDen.ts:462
DELETE/api/manage/:id/dealers-den/packages/:pkgIddealersDen.tsPartner dashboard session required.partners-api/src/routes/dealersDen.ts:501
PUT/api/manage/:id/dealers-den/packages/:pkgIddealersDen.tsPartner dashboard session required.partners-api/src/routes/dealersDen.ts:480
GET/api/manage/:id/dealers-den/regosdealersDen.tsPartner dashboard session required.partners-api/src/routes/dealersDen.ts:517
DELETE/api/manage/:id/dealers-den/regos/:regoIddealersDen.tsPartner dashboard session required.partners-api/src/routes/dealersDen.ts:587
PATCH/api/manage/:id/dealers-den/regos/:regoIddealersDen.tsPartner dashboard session required.partners-api/src/routes/dealersDen.ts:633
GET/api/manage/:id/dealers-den/settingsdealersDen.tsPartner dashboard session required.partners-api/src/routes/dealersDen.ts:356
PUT/api/manage/:id/dealers-den/settingsdealersDen.tsPartner dashboard session required.partners-api/src/routes/dealersDen.ts:396
GET/api/manage/:id/google-wallet-configeventConfig.tsPartner dashboard session required.partners-api/src/routes/eventConfig.ts:104
PUT/api/manage/:id/google-wallet-configeventConfig.tsPartner dashboard session required.partners-api/src/routes/eventConfig.ts:165
GET/api/manage/:id/human-resourceshumanResources.tsPartner dashboard session required.partners-api/src/routes/humanResources.ts:1263
PUT/api/manage/:id/human-resourceshumanResources.tsPartner dashboard session required.partners-api/src/routes/humanResources.ts:1278
POST/api/manage/:id/human-resources/applications/:applicationId/reviewhumanResources.tsPartner dashboard session required.partners-api/src/routes/humanResources.ts:1544
GET/api/manage/:id/human-resources/live-trackerhumanResources.tsPartner dashboard session required.partners-api/src/routes/humanResources.ts:1503
PUT/api/manage/:id/inclusionseventConfig.tsPartner dashboard session required.partners-api/src/routes/eventConfig.ts:254
GET/api/manage/:id/inventoryinventory.tsPartner dashboard session required.partners-api/src/routes/inventory.ts:1272
PUT/api/manage/:id/inventory/on-handinventory.tsPartner dashboard session required.partners-api/src/routes/inventory.ts:1319
POST/api/manage/:id/inventory/pos/quoteinventory.tsPartner dashboard session required.partners-api/src/routes/inventory.ts:1395
GET/api/manage/:id/inventory/pos/transactionsinventory.tsPartner dashboard session required.partners-api/src/routes/inventory.ts:1375
POST/api/manage/:id/inventory/pos/transactionsinventory.tsPartner dashboard session required.partners-api/src/routes/inventory.ts:1450
PUT/api/manage/:id/inventory/settingsinventory.tsPartner dashboard session required.partners-api/src/routes/inventory.ts:1286
GET/api/manage/:id/rego/analyticsregoAnalytics.tsPartner dashboard session required.partners-api/src/routes/regoAnalytics.ts:140
PUT/api/manage/:id/tierseventConfig.tsPartner dashboard session required.partners-api/src/routes/eventConfig.ts:333
GET/api/rego/activities/submissions/myactivities.tsRego attendee session required.partners-api/src/routes/activities.ts:895
GET/api/rego/dealers-den/:eventId/infodealersDen.tsUnknown from inventory scan; ask the platform owner to confirm access behavior before use.partners-api/src/routes/dealersDen.ts:1086
POST/api/rego/dealers-den/applicationsdealersDen.tsRego auth optional for new attendee flow.partners-api/src/routes/dealersDen.ts:1336
DELETE/api/rego/dealers-den/applications/:appIddealersDen.tsRego attendee session required.partners-api/src/routes/dealersDen.ts:1506
GET/api/rego/dealers-den/applications/:appIddealersDen.tsRego attendee session required.partners-api/src/routes/dealersDen.ts:1291
POST/api/rego/dealers-den/applications/:appId/assistantsdealersDen.tsRego attendee session required.partners-api/src/routes/dealersDen.ts:1534
DELETE/api/rego/dealers-den/applications/:appId/assistants/:aiddealersDen.tsRego attendee session required.partners-api/src/routes/dealersDen.ts:1615
GET/api/rego/dealers-den/applications/mydealersDen.tsRego attendee session required.partners-api/src/routes/dealersDen.ts:1203
PATCH/api/rego/dealers-den/assistants/:aid/responddealersDen.tsRego attendee session required.partners-api/src/routes/dealersDen.ts:1652
POST/api/rego/dealers-den/events/:eventId/reservedealersDen.tsRego attendee session required.partners-api/src/routes/dealersDen.ts:1691
GET/api/rego/dealers-den/regos/:regoIddealersDen.tsRego attendee session required.partners-api/src/routes/dealersDen.ts:2150
GET/api/rego/dealers-den/regos/:regoId/walletdealersDen.tsRego attendee session required.partners-api/src/routes/dealersDen.ts:2269
GET/api/rego/dealers-den/regos/mydealersDen.tsRego attendee session required.partners-api/src/routes/dealersDen.ts:1223
POST/api/rego/dealers-den/regos/submitdealersDen.tsRego attendee session required.partners-api/src/routes/dealersDen.ts:1813
POST/api/rego/dealers-den/reservations/:id/releasedealersDen.tsRego attendee session required.partners-api/src/routes/dealersDen.ts:1791
GET/api/rego/events/:slug/activitiesactivities.tsRego auth optional for new attendee flow.partners-api/src/routes/activities.ts:754
GET/api/rego/events/:slug/activities/:activitySlugactivities.tsRego auth optional for new attendee flow.partners-api/src/routes/activities.ts:998
POST/api/rego/events/:slug/activities/:activitySlug/submissionsactivities.tsRego attendee session required.partners-api/src/routes/activities.ts:1053
GET/api/rego/events/:slug/activities/submissions/myactivities.tsRego attendee session required.partners-api/src/routes/activities.ts:807
GET/api/rego/events/:slug/shift-authorizershumanResources.tsRego attendee session required.partners-api/src/routes/humanResources.ts:2016
POST/api/rego/events/:slug/volunteer-applicationshumanResources.tsRego attendee session required.partners-api/src/routes/humanResources.ts:1728
GET/api/rego/events/:slug/volunteer-opportunitieshumanResources.tsRego auth optional for new attendee flow.partners-api/src/routes/humanResources.ts:1632
GET/api/rego/human-resources/mehumanResources.tsRego attendee session required.partners-api/src/routes/humanResources.ts:1856
POST/api/rego/human-resources/shifts/:shiftId/trackhumanResources.tsRego attendee session required.partners-api/src/routes/humanResources.ts:2045
POST/api/rego/notices/:id/ackregoNotices.tsRego attendee session required.partners-api/src/routes/regoNotices.ts:143
GET/api/rego/notices/unackedregoNotices.tsRego attendee session required.partners-api/src/routes/regoNotices.ts:57
GET/api/rego/transactions/meinventory.tsRego attendee session required.partners-api/src/routes/inventory.ts:1541
POST/api/events/:eventId/payment-accounts/:accountId/reportpaymentAccountReports.tsRego attendee session required.partners-api/src/routes/paymentAccountReports.ts:18
GET/api/events/:id/finance-programsfinancePrograms.tsPartner dashboard session required.partners-api/src/routes/financePrograms.ts:440
PUT/api/events/:id/finance-programsfinancePrograms.tsPartner dashboard session required.partners-api/src/routes/financePrograms.ts:455
GET/api/events/:id/finance/analyticsfinance.tsPartner dashboard session required.partners-api/src/routes/finance.ts:450
GET/api/events/:id/finance/settlementsfinance.tsPartner dashboard session required.partners-api/src/routes/finance.ts:474
POST/api/events/:id/finance/settlementsfinance.tsPartner dashboard session required.partners-api/src/routes/finance.ts:537
POST/api/events/:id/finance/settlements/quotefinance.tsPartner dashboard session required.partners-api/src/routes/finance.ts:500
GET/api/events/:id/payment-account-reportspaymentAccounts.tsPartner dashboard session required.partners-api/src/routes/paymentAccounts.ts:167
GET/api/events/:id/payment-accountspaymentAccounts.tsPartner dashboard session required.partners-api/src/routes/paymentAccounts.ts:68
PUT/api/events/:id/payment-accountspaymentAccounts.tsPartner dashboard session required.partners-api/src/routes/paymentAccounts.ts:92
GET/api/events/:id/payment-providerspaymentProviders.tsPartner dashboard session required.partners-api/src/routes/paymentProviders.ts:96
PUT/api/events/:id/payment-providerspaymentProviders.tsPartner dashboard session required.partners-api/src/routes/paymentProviders.ts:148
GET/api/events/:id/rego-refundsregoRefunds.tsPartner dashboard session required.partners-api/src/routes/regoRefunds.ts:962
PATCH/api/events/:id/rego-refunds/:refundId/reviewregoRefunds.tsPartner dashboard session required.partners-api/src/routes/regoRefunds.ts:984
GET/api/events/:id/rego-transfersregoTransfers.tsPartner dashboard session required.partners-api/src/routes/regoTransfers.ts:931
PATCH/api/events/:id/rego-transfers/:transferId/reviewregoTransfers.tsPartner dashboard session required.partners-api/src/routes/regoTransfers.ts:953
GET/api/events/:id/rego-upgradesregoUpgrades.tsPartner dashboard session required.partners-api/src/routes/regoUpgrades.ts:1240
PATCH/api/events/:id/rego-upgrades/:upgradeId/reviewregoUpgrades.tsPartner dashboard session required.partners-api/src/routes/regoUpgrades.ts:1304
POST/api/manage/:eventId/payment-accounts/:accountId/reportpaymentAccountReports.tsRego attendee session required.partners-api/src/routes/paymentAccountReports.ts:18
GET/api/manage/:id/finance-programsfinancePrograms.tsPartner dashboard session required.partners-api/src/routes/financePrograms.ts:440
PUT/api/manage/:id/finance-programsfinancePrograms.tsPartner dashboard session required.partners-api/src/routes/financePrograms.ts:455
GET/api/manage/:id/finance/analyticsfinance.tsPartner dashboard session required.partners-api/src/routes/finance.ts:450
GET/api/manage/:id/finance/settlementsfinance.tsPartner dashboard session required.partners-api/src/routes/finance.ts:474
POST/api/manage/:id/finance/settlementsfinance.tsPartner dashboard session required.partners-api/src/routes/finance.ts:537
POST/api/manage/:id/finance/settlements/quotefinance.tsPartner dashboard session required.partners-api/src/routes/finance.ts:500
GET/api/manage/:id/payment-account-reportspaymentAccounts.tsPartner dashboard session required.partners-api/src/routes/paymentAccounts.ts:167
GET/api/manage/:id/payment-accountspaymentAccounts.tsPartner dashboard session required.partners-api/src/routes/paymentAccounts.ts:68
PUT/api/manage/:id/payment-accountspaymentAccounts.tsPartner dashboard session required.partners-api/src/routes/paymentAccounts.ts:92
GET/api/manage/:id/payment-providerspaymentProviders.tsPartner dashboard session required.partners-api/src/routes/paymentProviders.ts:96
PUT/api/manage/:id/payment-providerspaymentProviders.tsPartner dashboard session required.partners-api/src/routes/paymentProviders.ts:148
GET/api/manage/:id/rego-refundsregoRefunds.tsPartner dashboard session required.partners-api/src/routes/regoRefunds.ts:962
PATCH/api/manage/:id/rego-refunds/:refundId/reviewregoRefunds.tsPartner dashboard session required.partners-api/src/routes/regoRefunds.ts:984
GET/api/manage/:id/rego-transfersregoTransfers.tsPartner dashboard session required.partners-api/src/routes/regoTransfers.ts:931
PATCH/api/manage/:id/rego-transfers/:transferId/reviewregoTransfers.tsPartner dashboard session required.partners-api/src/routes/regoTransfers.ts:953
GET/api/manage/:id/rego-upgradesregoUpgrades.tsPartner dashboard session required.partners-api/src/routes/regoUpgrades.ts:1240
PATCH/api/manage/:id/rego-upgrades/:upgradeId/reviewregoUpgrades.tsPartner dashboard session required.partners-api/src/routes/regoUpgrades.ts:1304
POST/api/rego/rego-upgrades/:id/payregoUpgrades.tsRego attendee session required.partners-api/src/routes/regoUpgrades.ts:1109
GET/api/rego/regos/:ref/refundsregoRefunds.tsRego attendee session required.partners-api/src/routes/regoRefunds.ts:747
POST/api/rego/regos/:ref/refundsregoRefunds.tsRego attendee session required.partners-api/src/routes/regoRefunds.ts:802
GET/api/rego/regos/:ref/transfersregoTransfers.tsRego attendee session required.partners-api/src/routes/regoTransfers.ts:633
POST/api/rego/regos/:ref/transfersregoTransfers.tsRego attendee session required.partners-api/src/routes/regoTransfers.ts:695
GET/api/rego/regos/:ref/upgradesregoUpgrades.tsRego attendee session required.partners-api/src/routes/regoUpgrades.ts:877
POST/api/rego/regos/:ref/upgradesregoUpgrades.tsRego attendee session required.partners-api/src/routes/regoUpgrades.ts:953
GET/api/rego/users/transfer-searchregoTransfers.tsRego attendee session required.partners-api/src/routes/regoTransfers.ts:602
GET/api/geo/countriesgeo.tsUnknown from inventory scan; ask the platform owner to confirm access behavior before use.partners-api/src/routes/geo.ts:55
GET/api/geo/states/:iso2geo.tsUnknown from inventory scan; ask the platform owner to confirm access behavior before use.partners-api/src/routes/geo.ts:69
GET/api/events/:id/group-rego-settingsgroupRego.tsPartner dashboard session required.partners-api/src/routes/groupRego.ts:755
PUT/api/events/:id/group-rego-settingsgroupRego.tsPartner dashboard session required.partners-api/src/routes/groupRego.ts:775
POST/api/events/:id/reserve-slotregoReservations.tsPartner dashboard session required.partners-api/src/routes/regoReservations.ts:20
GET/api/events/:id/waitlist-configwaitlist.tsPartner dashboard session required.partners-api/src/routes/waitlist.ts:266
PUT/api/events/:id/waitlist-config/:subjectType/:subjectIdwaitlist.tsPartner dashboard session required.partners-api/src/routes/waitlist.ts:301
POST/api/events/:id/waitlist/process-next/:tierIdwaitlist.tsPartner dashboard session required.partners-api/src/routes/waitlist.ts:391
POST/api/internal/waitlist/expire-offerswaitlist.tsInternal cron secret required.partners-api/src/routes/waitlist.ts:648
GET/api/manage/:id/group-rego-settingsgroupRego.tsPartner dashboard session required.partners-api/src/routes/groupRego.ts:755
PUT/api/manage/:id/group-rego-settingsgroupRego.tsPartner dashboard session required.partners-api/src/routes/groupRego.ts:775
POST/api/manage/:id/reserve-slotregoReservations.tsPartner dashboard session required.partners-api/src/routes/regoReservations.ts:20
GET/api/manage/:id/waitlist-configwaitlist.tsPartner dashboard session required.partners-api/src/routes/waitlist.ts:266
PUT/api/manage/:id/waitlist-config/:subjectType/:subjectIdwaitlist.tsPartner dashboard session required.partners-api/src/routes/waitlist.ts:301
POST/api/manage/:id/waitlist/process-next/:tierIdwaitlist.tsPartner dashboard session required.partners-api/src/routes/waitlist.ts:391
POST/api/rego-reservations/:id/releaseregoReservations.tsRego attendee session required.partners-api/src/routes/regoReservations.ts:92
GET/api/rego/affiliate-rewardsregoAffiliateRewards.tsRego attendee session required.partners-api/src/routes/regoAffiliateRewards.ts:18
PUT/api/rego/affiliate-rewards/:affiliateId/payoutregoAffiliateRewards.tsRego attendee session required.partners-api/src/routes/regoAffiliateRewards.ts:30
GET/api/rego/eventsrego.tsUnknown from inventory scan; ask the platform owner to confirm access behavior before use.partners-api/src/routes/rego.ts:848
GET/api/rego/events/:slugrego.tsUnknown from inventory scan; ask the platform owner to confirm access behavior before use.partners-api/src/routes/rego.ts:904
GET/api/rego/fursonasfursonas.tsRego attendee session required.partners-api/src/routes/fursonas.ts:69
POST/api/rego/fursonasfursonas.tsRego attendee session required.partners-api/src/routes/fursonas.ts:90
DELETE/api/rego/fursonas/:idfursonas.tsRego attendee session required.partners-api/src/routes/fursonas.ts:195
PUT/api/rego/fursonas/:idfursonas.tsRego attendee session required.partners-api/src/routes/fursonas.ts:136
DELETE/api/rego/fursonas/:id/refsfursonas.tsRego attendee session required.partners-api/src/routes/fursonas.ts:282
POST/api/rego/fursonas/:id/refsfursonas.tsRego attendee session required.partners-api/src/routes/fursonas.ts:232
PUT/api/rego/fursonas/:id/refs/latestfursonas.tsRego attendee session required.partners-api/src/routes/fursonas.ts:332
POST/api/rego/groupsgroupRego.tsRego attendee session required.partners-api/src/routes/groupRego.ts:212
GET/api/rego/groups/:idgroupRego.tsRego attendee session required.partners-api/src/routes/groupRego.ts:350
PATCH/api/rego/groups/:id/acceptgroupRego.tsRego attendee session required.partners-api/src/routes/groupRego.ts:504
PATCH/api/rego/groups/:id/cancelgroupRego.tsRego attendee session required.partners-api/src/routes/groupRego.ts:518
PATCH/api/rego/groups/:id/declinegroupRego.tsRego attendee session required.partners-api/src/routes/groupRego.ts:511
POST/api/rego/groups/:id/invitegroupRego.tsRego attendee session required.partners-api/src/routes/groupRego.ts:392
DELETE/api/rego/groups/:id/members/:memberIdgroupRego.tsRego attendee session required.partners-api/src/routes/groupRego.ts:600
PATCH/api/rego/groups/:id/members/:memberIdgroupRego.tsRego attendee session required.partners-api/src/routes/groupRego.ts:550
POST/api/rego/groups/:id/submitrego.tsRego attendee session required.partners-api/src/routes/rego.ts:2123
GET/api/rego/groups/:id/totalsgroupRego.tsRego attendee session required.partners-api/src/routes/groupRego.ts:637
GET/api/rego/groups/mygroupRego.tsRego attendee session required.partners-api/src/routes/groupRego.ts:292
POST/api/rego/internal/archive-expiredrego.tsInternal cron secret required.partners-api/src/routes/rego.ts:2946
PUT/api/rego/prefillsrego.tsRego auth optional for new attendee flow.partners-api/src/routes/rego.ts:1168
DELETE/api/rego/prefills/:eventIdrego.tsRego attendee session required.partners-api/src/routes/rego.ts:1384
GET/api/rego/prefills/:eventIdrego.tsRego attendee session required.partners-api/src/routes/rego.ts:1118
GET/api/rego/profileregoProfile.tsRego auth optional for new attendee flow.partners-api/src/routes/regoProfile.ts:162
PUT/api/rego/profileregoProfile.tsRego auth optional for new attendee flow.partners-api/src/routes/regoProfile.ts:251
PATCH/api/rego/profile/email-preferencesregoProfile.tsRego auth optional for new attendee flow.partners-api/src/routes/regoProfile.ts:355
GET/api/rego/profile/import-dashboardregoProfile.tsRego auth optional for new attendee flow.partners-api/src/routes/regoProfile.ts:188
GET/api/rego/profile/photoregoProfile.tsRego auth optional for new attendee flow.partners-api/src/routes/regoProfile.ts:449
PATCH/api/rego/profile/photoregoProfile.tsRego auth optional for new attendee flow.partners-api/src/routes/regoProfile.ts:468
PATCH/api/rego/profile/usernameregoProfile.tsRego auth optional for new attendee flow.partners-api/src/routes/regoProfile.ts:414
POST/api/rego/quoterego.tsRego auth optional for new attendee flow.partners-api/src/routes/rego.ts:1027
POST/api/rego/regosrego.tsRego auth optional for new attendee flow.partners-api/src/routes/rego.ts:1721
GET/api/rego/regos/:refrego.tsRego attendee session required.partners-api/src/routes/rego.ts:1472
GET/api/rego/regos/:ref/walletrego.tsRego attendee session required.partners-api/src/routes/rego.ts:1651
GET/api/rego/regos/merego.tsRego attendee session required.partners-api/src/routes/rego.ts:1409
GET/api/rego/username/checkregoProfile.tsRego auth optional for new attendee flow.partners-api/src/routes/regoProfile.ts:396
POST/api/rego/waitlistrego.tsRego auth optional for new attendee flow.partners-api/src/routes/rego.ts:2856
POST/api/rego/waitlist/:entryId/acceptwaitlist.tsRego attendee session required.partners-api/src/routes/waitlist.ts:556
POST/api/rego/waitlist/:entryId/declinewaitlist.tsRego attendee session required.partners-api/src/routes/waitlist.ts:473
GET/api/rego/waitlist/merego.tsRego attendee session required.partners-api/src/routes/rego.ts:2814
GET/api/rego/waitlist/pending-offerwaitlist.tsRego attendee session required.partners-api/src/routes/waitlist.ts:416
GET/api/events/:id/social/bot-settingssocialLinking.tsPartner dashboard session required.partners-api/src/routes/socialLinking.ts:1642
PATCH/api/events/:id/social/bot-settingssocialLinking.tsPartner dashboard session required.partners-api/src/routes/socialLinking.ts:1683
GET/api/events/:id/social/discord/guildssocialLinking.tsPartner dashboard session required.partners-api/src/routes/socialLinking.ts:1524
GET/api/events/:id/social/discord/guilds/:guildId/rolessocialLinking.tsPartner dashboard session required.partners-api/src/routes/socialLinking.ts:1545
GET/api/events/:id/social/discord/link/startsocialLinking.tsPartner dashboard session required.partners-api/src/routes/socialLinking.ts:1449
GET/api/events/:id/social/telegram/chatssocialLinking.tsPartner dashboard session required.partners-api/src/routes/socialLinking.ts:1581
POST/api/events/:id/social/telegram/link/completesocialLinking.tsPartner dashboard session required.partners-api/src/routes/socialLinking.ts:1709
GET/api/events/:id/social/telegram/link/startsocialLinking.tsPartner dashboard session required.partners-api/src/routes/socialLinking.ts:1479
GET/api/events/:id/zep/app-bundlezep.tsPartner dashboard session required.partners-api/src/routes/zep.ts:486
GET/api/events/:id/zep/configzep.tsPartner dashboard session required.partners-api/src/routes/zep.ts:424
PUT/api/events/:id/zep/configzep.tsPartner dashboard session required.partners-api/src/routes/zep.ts:503
POST/api/internal/social-entitlements/reconcilesocialLinking.tsInternal cron secret required.partners-api/src/routes/socialLinking.ts:2066
GET/api/manage/:id/social/bot-settingssocialLinking.tsPartner dashboard session required.partners-api/src/routes/socialLinking.ts:1642
PATCH/api/manage/:id/social/bot-settingssocialLinking.tsPartner dashboard session required.partners-api/src/routes/socialLinking.ts:1683
GET/api/manage/:id/social/discord/guildssocialLinking.tsPartner dashboard session required.partners-api/src/routes/socialLinking.ts:1524
GET/api/manage/:id/social/discord/guilds/:guildId/rolessocialLinking.tsPartner dashboard session required.partners-api/src/routes/socialLinking.ts:1545
GET/api/manage/:id/social/discord/link/startsocialLinking.tsPartner dashboard session required.partners-api/src/routes/socialLinking.ts:1449
GET/api/manage/:id/social/telegram/chatssocialLinking.tsPartner dashboard session required.partners-api/src/routes/socialLinking.ts:1581
POST/api/manage/:id/social/telegram/link/completesocialLinking.tsPartner dashboard session required.partners-api/src/routes/socialLinking.ts:1709
GET/api/manage/:id/social/telegram/link/startsocialLinking.tsPartner dashboard session required.partners-api/src/routes/socialLinking.ts:1479
GET/api/manage/:id/zep/app-bundlezep.tsPartner dashboard session required.partners-api/src/routes/zep.ts:486
GET/api/manage/:id/zep/configzep.tsPartner dashboard session required.partners-api/src/routes/zep.ts:424
PUT/api/manage/:id/zep/configzep.tsPartner dashboard session required.partners-api/src/routes/zep.ts:503
DELETE/api/org/social/discord/guilds/:guildIdsocialLinking.tsPartner dashboard session required.partners-api/src/routes/socialLinking.ts:1602
GET/api/org/social/discord/link/startsocialLinking.tsPartner dashboard session required.partners-api/src/routes/socialLinking.ts:1278
POST/api/org/social/discord/unlinksocialLinking.tsPartner dashboard session required.partners-api/src/routes/socialLinking.ts:1308
GET/api/org/social/settingssocialLinking.tsPartner dashboard session required.partners-api/src/routes/socialLinking.ts:1238
POST/api/org/social/telegram/chat/link/completesocialLinking.tsPartner dashboard session required.partners-api/src/routes/socialLinking.ts:1423
GET/api/org/social/telegram/chat/link/startsocialLinking.tsPartner dashboard session required.partners-api/src/routes/socialLinking.ts:1382
DELETE/api/org/social/telegram/chats/:chatIdsocialLinking.tsPartner dashboard session required.partners-api/src/routes/socialLinking.ts:1622
GET/api/org/social/telegram/link/startsocialLinking.tsPartner dashboard session required.partners-api/src/routes/socialLinking.ts:1328
POST/api/org/social/telegram/unlinksocialLinking.tsPartner dashboard session required.partners-api/src/routes/socialLinking.ts:1362
GET/api/rego/friendssocial.tsRego attendee session required.partners-api/src/routes/social.ts:183
DELETE/api/rego/friends/:idsocial.tsRego attendee session required.partners-api/src/routes/social.ts:559
PATCH/api/rego/friends/:id/acceptsocial.tsRego attendee session required.partners-api/src/routes/social.ts:418
PATCH/api/rego/friends/:id/declinesocial.tsRego attendee session required.partners-api/src/routes/social.ts:488
GET/api/rego/friends/eventssocial.tsRego attendee session required.partners-api/src/routes/social.ts:673
POST/api/rego/friends/requestsocial.tsRego attendee session required.partners-api/src/routes/social.ts:301
GET/api/rego/friends/requestssocial.tsRego attendee session required.partners-api/src/routes/social.ts:241
GET/api/rego/friends/sentsocial.tsRego attendee session required.partners-api/src/routes/social.ts:271
GET/api/rego/social/discord/link/startsocialLinking.tsRego attendee session required.partners-api/src/routes/socialLinking.ts:1132
POST/api/rego/social/discord/unlinksocialLinking.tsRego attendee session required.partners-api/src/routes/socialLinking.ts:1188
GET/api/rego/social/settingssocial.tsRego attendee session required.partners-api/src/routes/social.ts:58
PATCH/api/rego/social/settingssocial.tsRego attendee session required.partners-api/src/routes/social.ts:81
GET/api/rego/social/telegram/link/startsocialLinking.tsRego attendee session required.partners-api/src/routes/socialLinking.ts:1158
POST/api/rego/social/telegram/unlinksocialLinking.tsRego attendee session required.partners-api/src/routes/socialLinking.ts:1213
GET/api/rego/users/searchsocial.tsRego attendee session required.partners-api/src/routes/social.ts:129
POST/api/rego/zep/launchzep.tsRego attendee session required.partners-api/src/routes/zep.ts:697
GET/api/rego/zep/statuszep.tsRego attendee session required.partners-api/src/routes/zep.ts:682
POST/api/zep/validatezep.tsUnknown from inventory scan; ask the platform owner to confirm access behavior before use.partners-api/src/routes/zep.ts:730
POST/contactcontact.tsPublic route with validation and outbound mail behavior.partners-api/src/routes/contact.ts:25

Endpoint contracts

1. GET /api/admin/attendees

  • Purpose: GET /api/admin/attendees handled by staffProfiles.ts; admin attendees service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/staffProfiles.ts:116
  • Mounted prefix: /api
  • Service area: staffProfiles.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/admin/attendees" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/admin/attendees", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

2. GET /api/admin/user-profiles

  • Purpose: GET /api/admin/user-profiles handled by staffProfiles.ts; admin user profiles service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/staffProfiles.ts:27
  • Mounted prefix: /api
  • Service area: staffProfiles.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/admin/user-profiles" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/admin/user-profiles", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

3. POST /api/events

  • Purpose: POST /api/events handled by mutations.ts; events service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/mutations.ts:156
  • Mounted prefix: /api
  • Service area: mutations.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/events" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

4. GET /api/events/:id

  • Purpose: GET /api/events/:id handled by rows.ts; events id service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/rows.ts:397
  • Mounted prefix: /api
  • Service area: rows.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

5. PUT /api/events/:id

  • Purpose: PUT /api/events/:id handled by mutations.ts; events id service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/mutations.ts:242
  • Mounted prefix: /api
  • Service area: mutations.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

6. GET /api/events/check-rego-ref-prefix

  • Purpose: GET /api/events/check-rego-ref-prefix handled by mutations.ts; events check rego ref prefix service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/mutations.ts:201
  • Mounted prefix: /api
  • Service area: mutations.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/check-rego-ref-prefix" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/check-rego-ref-prefix", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

7. GET /api/img/:filename

  • Purpose: GET /api/img/:filename handled by imgProxy.ts; img filename service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/imgProxy.ts:19
  • Mounted prefix: /api
  • Service area: imgProxy.ts
  • Internal router label: router
  • Stability: partner dashboard internal
  • Authentication: Unknown from inventory scan; ask the platform owner to confirm access behavior before use.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: filename
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May read or write media/storage assets.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/img/:filename" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/img/:filename", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

8. POST /api/incidents

  • Purpose: POST /api/incidents handled by mutations.ts; incidents service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/mutations.ts:579
  • Mounted prefix: /api
  • Service area: mutations.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/incidents" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/incidents", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

9. PUT /api/incidents/:id

  • Purpose: PUT /api/incidents/:id handled by mutations.ts; incidents id service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/mutations.ts:618
  • Mounted prefix: /api
  • Service area: mutations.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/incidents/:id" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/incidents/:id", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

10. PATCH /api/incidents/:id/actions

  • Purpose: PATCH /api/incidents/:id/actions handled by mutations.ts; incidents id actions service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/mutations.ts:684
  • Mounted prefix: /api
  • Service area: mutations.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PATCH "https://api.furries.ph/api/incidents/:id/actions" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/incidents/:id/actions", apiBase), { method: "PATCH", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

11. POST /api/incidents/:id/cross-ban-decision

  • Purpose: POST /api/incidents/:id/cross-ban-decision handled by mutations.ts; incidents id cross ban decision service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/mutations.ts:836
  • Mounted prefix: /api
  • Service area: mutations.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/incidents/:id/cross-ban-decision" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/incidents/:id/cross-ban-decision", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

12. POST /api/internal/test-runs

  • Purpose: POST /api/internal/test-runs handled by testRuns.ts; internal test runs service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/testRuns.ts:1359
  • Mounted prefix: /api
  • Service area: testRuns.ts
  • Internal router label: api
  • Stability: test-only-or-certification
  • Authentication: Unknown from inventory scan; ask the platform owner to confirm access behavior before use.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/internal/test-runs" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/internal/test-runs", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

13. DELETE /api/internal/test-runs/:runId/assets

  • Purpose: DELETE /api/internal/test-runs/:runId/assets handled by testRuns.ts; internal test runs runId assets service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/testRuns.ts:2779
  • Mounted prefix: /api
  • Service area: testRuns.ts
  • Internal router label: api
  • Stability: test-only-or-certification
  • Authentication: Unknown from inventory scan; ask the platform owner to confirm access behavior before use.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: runId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X DELETE "https://api.furries.ph/api/internal/test-runs/:runId/assets" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/internal/test-runs/:runId/assets", apiBase), { method: "DELETE", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

14. POST /api/internal/test-runs/:runId/assets

  • Purpose: POST /api/internal/test-runs/:runId/assets handled by testRuns.ts; internal test runs runId assets service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/testRuns.ts:2751
  • Mounted prefix: /api
  • Service area: testRuns.ts
  • Internal router label: api
  • Stability: test-only-or-certification
  • Authentication: Unknown from inventory scan; ask the platform owner to confirm access behavior before use.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: runId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/internal/test-runs/:runId/assets" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/internal/test-runs/:runId/assets", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

15. POST /api/internal/test-runs/:runId/cleanup

  • Purpose: POST /api/internal/test-runs/:runId/cleanup handled by testRuns.ts; internal test runs runId cleanup service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/testRuns.ts:2585
  • Mounted prefix: /api
  • Service area: testRuns.ts
  • Internal router label: api
  • Stability: test-only-or-certification
  • Authentication: Unknown from inventory scan; ask the platform owner to confirm access behavior before use.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: runId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/internal/test-runs/:runId/cleanup" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/internal/test-runs/:runId/cleanup", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

16. POST /api/internal/test-runs/:runId/dashboard-session

  • Purpose: POST /api/internal/test-runs/:runId/dashboard-session handled by testRuns.ts; internal test runs runId dashboard session service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/testRuns.ts:1396
  • Mounted prefix: /api
  • Service area: testRuns.ts
  • Internal router label: api
  • Stability: test-only-or-certification
  • Authentication: Unknown from inventory scan; ask the platform owner to confirm access behavior before use.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: runId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/internal/test-runs/:runId/dashboard-session" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/internal/test-runs/:runId/dashboard-session", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

17. POST /api/internal/test-runs/:runId/rego-sessions/bulk

  • Purpose: POST /api/internal/test-runs/:runId/rego-sessions/bulk handled by testRuns.ts; internal test runs runId rego sessions bulk service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/testRuns.ts:1424
  • Mounted prefix: /api
  • Service area: testRuns.ts
  • Internal router label: api
  • Stability: test-only-or-certification
  • Authentication: Unknown from inventory scan; ask the platform owner to confirm access behavior before use.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: runId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/internal/test-runs/:runId/rego-sessions/bulk" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/internal/test-runs/:runId/rego-sessions/bulk", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

18. DELETE /api/internal/test-runs/:runId/roots

  • Purpose: DELETE /api/internal/test-runs/:runId/roots handled by testRuns.ts; internal test runs runId roots service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/testRuns.ts:2729
  • Mounted prefix: /api
  • Service area: testRuns.ts
  • Internal router label: api
  • Stability: test-only-or-certification
  • Authentication: Unknown from inventory scan; ask the platform owner to confirm access behavior before use.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: runId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X DELETE "https://api.furries.ph/api/internal/test-runs/:runId/roots" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/internal/test-runs/:runId/roots", apiBase), { method: "DELETE", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

19. POST /api/internal/test-runs/:runId/roots

  • Purpose: POST /api/internal/test-runs/:runId/roots handled by testRuns.ts; internal test runs runId roots service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/testRuns.ts:2700
  • Mounted prefix: /api
  • Service area: testRuns.ts
  • Internal router label: api
  • Stability: test-only-or-certification
  • Authentication: Unknown from inventory scan; ask the platform owner to confirm access behavior before use.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: runId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/internal/test-runs/:runId/roots" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/internal/test-runs/:runId/roots", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

20. POST /api/internal/test-runs/:runId/seed/event

  • Purpose: POST /api/internal/test-runs/:runId/seed/event handled by testRuns.ts; internal test runs runId seed event service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/testRuns.ts:1939
  • Mounted prefix: /api
  • Service area: testRuns.ts
  • Internal router label: api
  • Stability: test-only-or-certification
  • Authentication: Unknown from inventory scan; ask the platform owner to confirm access behavior before use.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: runId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/internal/test-runs/:runId/seed/event" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/internal/test-runs/:runId/seed/event", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

21. POST /api/internal/test-runs/:runId/seed/social-graph

  • Purpose: POST /api/internal/test-runs/:runId/seed/social-graph handled by testRuns.ts; internal test runs runId seed social graph service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/testRuns.ts:1796
  • Mounted prefix: /api
  • Service area: testRuns.ts
  • Internal router label: api
  • Stability: test-only-or-certification
  • Authentication: Unknown from inventory scan; ask the platform owner to confirm access behavior before use.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: runId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/internal/test-runs/:runId/seed/social-graph" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/internal/test-runs/:runId/seed/social-graph", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

22. POST /api/internal/test-runs/:runId/seed/staff

  • Purpose: POST /api/internal/test-runs/:runId/seed/staff handled by testRuns.ts; internal test runs runId seed staff service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/testRuns.ts:1624
  • Mounted prefix: /api
  • Service area: testRuns.ts
  • Internal router label: api
  • Stability: test-only-or-certification
  • Authentication: Unknown from inventory scan; ask the platform owner to confirm access behavior before use.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: runId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/internal/test-runs/:runId/seed/staff" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/internal/test-runs/:runId/seed/staff", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

23. GET /api/internal/test-runs/:runId/snapshot

  • Purpose: GET /api/internal/test-runs/:runId/snapshot handled by testRuns.ts; internal test runs runId snapshot service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/testRuns.ts:2801
  • Mounted prefix: /api
  • Service area: testRuns.ts
  • Internal router label: api
  • Stability: test-only-or-certification
  • Authentication: Unknown from inventory scan; ask the platform owner to confirm access behavior before use.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: runId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/internal/test-runs/:runId/snapshot" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/internal/test-runs/:runId/snapshot", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

24. POST /api/internal/test-runs/:runId/state/fast-forward

  • Purpose: POST /api/internal/test-runs/:runId/state/fast-forward handled by testRuns.ts; internal test runs runId state fast forward service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/testRuns.ts:2502
  • Mounted prefix: /api
  • Service area: testRuns.ts
  • Internal router label: api
  • Stability: test-only-or-certification
  • Authentication: Unknown from inventory scan; ask the platform owner to confirm access behavior before use.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: runId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/internal/test-runs/:runId/state/fast-forward" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/internal/test-runs/:runId/state/fast-forward", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

25. POST /api/internal/test-runs/:runId/suppress-side-effects

  • Purpose: POST /api/internal/test-runs/:runId/suppress-side-effects handled by testRuns.ts; internal test runs runId suppress side effects service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/testRuns.ts:2674
  • Mounted prefix: /api
  • Service area: testRuns.ts
  • Internal router label: api
  • Stability: test-only-or-certification
  • Authentication: Unknown from inventory scan; ask the platform owner to confirm access behavior before use.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: runId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/internal/test-runs/:runId/suppress-side-effects" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/internal/test-runs/:runId/suppress-side-effects", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

26. POST /api/internal/test-runs/:runId/verify

  • Purpose: POST /api/internal/test-runs/:runId/verify handled by testRuns.ts; internal test runs runId verify service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/testRuns.ts:2820
  • Mounted prefix: /api
  • Service area: testRuns.ts
  • Internal router label: api
  • Stability: test-only-or-certification
  • Authentication: Unknown from inventory scan; ask the platform owner to confirm access behavior before use.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: runId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/internal/test-runs/:runId/verify" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/internal/test-runs/:runId/verify", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

27. POST /api/internal/test-runs/sweep

  • Purpose: POST /api/internal/test-runs/sweep handled by testRuns.ts; internal test runs sweep service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/testRuns.ts:2633
  • Mounted prefix: /api
  • Service area: testRuns.ts
  • Internal router label: api
  • Stability: test-only-or-certification
  • Authentication: Unknown from inventory scan; ask the platform owner to confirm access behavior before use.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/internal/test-runs/sweep" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/internal/test-runs/sweep", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

28. POST /api/manage

  • Purpose: POST /api/manage is the Event Management compatibility alias for /api/events.
  • Internal trace: partners-api/src/routes/mutations.ts:156
  • Mounted prefix: /api
  • Service area: mutations.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/events" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

29. GET /api/manage/:id

  • Purpose: GET /api/manage/:id is the Event Management compatibility alias for /api/events/:id.
  • Internal trace: partners-api/src/routes/rows.ts:397
  • Mounted prefix: /api
  • Service area: rows.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

30. PUT /api/manage/:id

  • Purpose: PUT /api/manage/:id is the Event Management compatibility alias for /api/events/:id.
  • Internal trace: partners-api/src/routes/mutations.ts:242
  • Mounted prefix: /api
  • Service area: mutations.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

31. GET /api/manage/check-rego-ref-prefix

  • Purpose: GET /api/manage/check-rego-ref-prefix is the Event Management compatibility alias for /api/events/check-rego-ref-prefix.
  • Internal trace: partners-api/src/routes/mutations.ts:201
  • Mounted prefix: /api
  • Service area: mutations.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/check-rego-ref-prefix" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/check-rego-ref-prefix", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

32. GET /api/partner-directory

  • Purpose: GET /api/partner-directory handled by rows.ts; partner directory service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/rows.ts:1175
  • Mounted prefix: /api
  • Service area: rows.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/partner-directory" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/partner-directory", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

33. POST /api/pawsports/bind

  • Purpose: POST /api/pawsports/bind handled by mutations.ts; pawsports bind service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/mutations.ts:449
  • Mounted prefix: /api
  • Service area: mutations.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/pawsports/bind" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/pawsports/bind", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

34. GET /api/person-profiles

  • Purpose: GET /api/person-profiles handled by personProfiles.ts; person profiles service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/personProfiles.ts:18
  • Mounted prefix: /api
  • Service area: personProfiles.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/person-profiles" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/person-profiles", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

35. POST /api/person-profiles

  • Purpose: POST /api/person-profiles handled by personProfiles.ts; person profiles service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/personProfiles.ts:77
  • Mounted prefix: /api
  • Service area: personProfiles.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/person-profiles" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/person-profiles", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

36. DELETE /api/person-profiles/:id

  • Purpose: DELETE /api/person-profiles/:id handled by personProfiles.ts; person profiles id service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/personProfiles.ts:152
  • Mounted prefix: /api
  • Service area: personProfiles.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X DELETE "https://api.furries.ph/api/person-profiles/:id" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/person-profiles/:id", apiBase), { method: "DELETE", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

37. PUT /api/person-profiles/:id

  • Purpose: PUT /api/person-profiles/:id handled by personProfiles.ts; person profiles id service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/personProfiles.ts:125
  • Mounted prefix: /api
  • Service area: personProfiles.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/person-profiles/:id" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/person-profiles/:id", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

38. POST /api/person-profiles/:id/links

  • Purpose: POST /api/person-profiles/:id/links handled by personProfiles.ts; person profiles id links service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/personProfiles.ts:171
  • Mounted prefix: /api
  • Service area: personProfiles.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/person-profiles/:id/links" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/person-profiles/:id/links", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

39. DELETE /api/person-profiles/:id/links/:reportId

  • Purpose: DELETE /api/person-profiles/:id/links/:reportId handled by personProfiles.ts; person profiles id links reportId service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/personProfiles.ts:204
  • Mounted prefix: /api
  • Service area: personProfiles.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, reportId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X DELETE "https://api.furries.ph/api/person-profiles/:id/links/:reportId" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/person-profiles/:id/links/:reportId", apiBase), { method: "DELETE", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

40. GET /api/platform-fees

  • Purpose: GET /api/platform-fees handled by rows.ts; platform fees service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/rows.ts:1233
  • Mounted prefix: /api
  • Service area: rows.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Unknown from inventory scan; ask the platform owner to confirm access behavior before use.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/platform-fees" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/platform-fees", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

41. GET /api/profile

  • Purpose: GET /api/profile handled by profile.ts; profile service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/profile.ts:47
  • Mounted prefix: /api
  • Service area: profile.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/profile" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/profile", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

42. PUT /api/profile

  • Purpose: PUT /api/profile handled by profile.ts; profile service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/profile.ts:177
  • Mounted prefix: /api
  • Service area: profile.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/profile" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/profile", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

43. GET /api/profile/photo

  • Purpose: GET /api/profile/photo handled by profile.ts; profile photo service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/profile.ts:92
  • Mounted prefix: /api
  • Service area: profile.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/profile/photo" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/profile/photo", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

44. PATCH /api/profile/photo

  • Purpose: PATCH /api/profile/photo handled by profile.ts; profile photo service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/profile.ts:110
  • Mounted prefix: /api
  • Service area: profile.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PATCH "https://api.furries.ph/api/profile/photo" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/profile/photo", apiBase), { method: "PATCH", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

45. GET /api/rego/event-regos/:eventId

  • Purpose: GET /api/rego/event-regos/:eventId handled by rows.ts; rego event regos eventId service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/rows.ts:514
  • Mounted prefix: /api
  • Service area: rows.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: eventId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/event-regos/:eventId" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/event-regos/:eventId", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

46. GET /api/rego/event-waitlist/:eventId

  • Purpose: GET /api/rego/event-waitlist/:eventId handled by rows.ts; rego event waitlist eventId service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/rows.ts:641
  • Mounted prefix: /api
  • Service area: rows.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: eventId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/event-waitlist/:eventId" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/event-waitlist/:eventId", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

47. POST /api/rego/upload-image

  • Purpose: POST /api/rego/upload-image handled by uploadImage.ts; rego upload image service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/uploadImage.ts:146
  • Mounted prefix: /api
  • Service area: uploadImage.ts
  • Internal router label: app
  • Stability: partner dashboard internal
  • Authentication: Rego auth optional for new attendee flow.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May read or write media/storage assets.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/rego/upload-image" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/upload-image", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

48. PATCH /api/regos/:id/payment-status

  • Purpose: PATCH /api/regos/:id/payment-status handled by rows.ts; regos id payment status service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/rows.ts:699
  • Mounted prefix: /api
  • Service area: rows.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PATCH "https://api.furries.ph/api/regos/:id/payment-status" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/regos/:id/payment-status", apiBase), { method: "PATCH", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

49. POST /api/regos/:regId/email

  • Purpose: POST /api/regos/:regId/email handled by rows.ts; regos regId email service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/rows.ts:871
  • Mounted prefix: /api
  • Service area: rows.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: regId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May send or prepare outbound communications.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/regos/:regId/email" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/regos/:regId/email", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

50. POST /api/regos/:regId/email-preview

  • Purpose: POST /api/regos/:regId/email-preview handled by rows.ts; regos regId email preview service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/rows.ts:986
  • Mounted prefix: /api
  • Service area: rows.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: regId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May send or prepare outbound communications.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/regos/:regId/email-preview" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/regos/:regId/email-preview", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

51. GET /api/rows

  • Purpose: GET /api/rows handled by rows.ts; rows service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/rows.ts:115
  • Mounted prefix: /api
  • Service area: rows.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rows" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rows", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

52. GET /api/spa/contracts

  • Purpose: GET /api/spa/contracts handled by spaContracts.ts; spa contracts service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/spaContracts.ts:72
  • Mounted prefix: /api
  • Service area: spaContracts.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Unknown from inventory scan; ask the platform owner to confirm access behavior before use.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/spa/contracts" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/spa/contracts", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

53. POST /api/upload-image

  • Purpose: POST /api/upload-image handled by uploadImage.ts; upload image service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/uploadImage.ts:145
  • Mounted prefix: /api
  • Service area: uploadImage.ts
  • Internal router label: app
  • Stability: partner dashboard internal
  • Authentication: Rego auth optional for new attendee flow.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May read or write media/storage assets.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/upload-image" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/upload-image", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

54. POST /api/watchlist/adoptions

  • Purpose: POST /api/watchlist/adoptions handled by mutations.ts; watchlist adoptions service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/mutations.ts:773
  • Mounted prefix: /api
  • Service area: mutations.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/watchlist/adoptions" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/watchlist/adoptions", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

55. POST /api/watchlist/grants

  • Purpose: POST /api/watchlist/grants handled by mutations.ts; watchlist grants service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/mutations.ts:740
  • Mounted prefix: /api
  • Service area: mutations.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/watchlist/grants" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/watchlist/grants", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

56. POST /api/watchlist/master-requests

  • Purpose: POST /api/watchlist/master-requests handled by mutations.ts; watchlist master requests service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/mutations.ts:805
  • Mounted prefix: /api
  • Service area: mutations.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/watchlist/master-requests" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/watchlist/master-requests", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/access-and-core-data/

57. POST /api/admin/discord/messages

  • Purpose: POST /api/admin/discord/messages handled by adminDiscord.ts; admin discord messages service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/adminDiscord.ts:49
  • Mounted prefix: /api
  • Service area: adminDiscord.ts
  • Internal router label: api
  • Stability: admin-only
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May touch Discord integration state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/admin/discord/messages" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/admin/discord/messages", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/admin-and-organization/

58. GET /api/admin/discord/targets

  • Purpose: GET /api/admin/discord/targets handled by adminDiscord.ts; admin discord targets service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/adminDiscord.ts:11
  • Mounted prefix: /api
  • Service area: adminDiscord.ts
  • Internal router label: api
  • Stability: admin-only
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May touch Discord integration state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/admin/discord/targets" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/admin/discord/targets", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/admin-and-organization/

59. DELETE /api/admin/events/:eventId/registrations

  • Purpose: DELETE /api/admin/events/:eventId/registrations handled by admin.ts; admin events eventId registrations service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/admin.ts:829
  • Mounted prefix: /api
  • Service area: admin.ts
  • Internal router label: api
  • Stability: admin-only
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: eventId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X DELETE "https://api.furries.ph/api/admin/events/:eventId/registrations" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/admin/events/:eventId/registrations", apiBase), { method: "DELETE", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/admin-and-organization/

60. GET /api/admin/members

  • Purpose: GET /api/admin/members handled by admin.ts; admin members service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/admin.ts:139
  • Mounted prefix: /api
  • Service area: admin.ts
  • Internal router label: api
  • Stability: admin-only
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/admin/members" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/admin/members", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/admin-and-organization/

61. POST /api/admin/members

  • Purpose: POST /api/admin/members handled by admin.ts; admin members service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/admin.ts:170
  • Mounted prefix: /api
  • Service area: admin.ts
  • Internal router label: api
  • Stability: admin-only
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/admin/members" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/admin/members", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/admin-and-organization/

62. DELETE /api/admin/members/:membershipId

  • Purpose: DELETE /api/admin/members/:membershipId handled by admin.ts; admin members membershipId service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/admin.ts:279
  • Mounted prefix: /api
  • Service area: admin.ts
  • Internal router label: api
  • Stability: admin-only
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: membershipId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X DELETE "https://api.furries.ph/api/admin/members/:membershipId" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/admin/members/:membershipId", apiBase), { method: "DELETE", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/admin-and-organization/

63. PATCH /api/admin/members/:membershipId

  • Purpose: PATCH /api/admin/members/:membershipId handled by admin.ts; admin members membershipId service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/admin.ts:326
  • Mounted prefix: /api
  • Service area: admin.ts
  • Internal router label: api
  • Stability: admin-only
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: membershipId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PATCH "https://api.furries.ph/api/admin/members/:membershipId" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/admin/members/:membershipId", apiBase), { method: "PATCH", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/admin-and-organization/

64. GET /api/admin/notices

  • Purpose: GET /api/admin/notices handled by notices.ts; admin notices service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/notices.ts:218
  • Mounted prefix: /api
  • Service area: notices.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May send or prepare outbound communications.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/admin/notices" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/admin/notices", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/admin-and-organization/

65. POST /api/admin/notices

  • Purpose: POST /api/admin/notices handled by notices.ts; admin notices service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/notices.ts:236
  • Mounted prefix: /api
  • Service area: notices.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May send or prepare outbound communications.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/admin/notices" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/admin/notices", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/admin-and-organization/

66. PATCH /api/admin/notices/:id

  • Purpose: PATCH /api/admin/notices/:id handled by notices.ts; admin notices id service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/notices.ts:350
  • Mounted prefix: /api
  • Service area: notices.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May send or prepare outbound communications.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PATCH "https://api.furries.ph/api/admin/notices/:id" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/admin/notices/:id", apiBase), { method: "PATCH", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/admin-and-organization/

67. GET /api/admin/partners

  • Purpose: GET /api/admin/partners handled by admin.ts; admin partners service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/admin.ts:36
  • Mounted prefix: /api
  • Service area: admin.ts
  • Internal router label: api
  • Stability: admin-only
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/admin/partners" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/admin/partners", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/admin-and-organization/

68. POST /api/admin/partners

  • Purpose: POST /api/admin/partners handled by admin.ts; admin partners service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/admin.ts:51
  • Mounted prefix: /api
  • Service area: admin.ts
  • Internal router label: api
  • Stability: admin-only
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/admin/partners" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/admin/partners", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/admin-and-organization/

69. PATCH /api/admin/partners/:partnerId

  • Purpose: PATCH /api/admin/partners/:partnerId handled by admin.ts; admin partners partnerId service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/admin.ts:101
  • Mounted prefix: /api
  • Service area: admin.ts
  • Internal router label: api
  • Stability: admin-only
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: partnerId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PATCH "https://api.furries.ph/api/admin/partners/:partnerId" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/admin/partners/:partnerId", apiBase), { method: "PATCH", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/admin-and-organization/

70. POST /api/admin/partners/:partnerId/cms-token

  • Purpose: POST /api/admin/partners/:partnerId/cms-token handled by admin.ts; admin partners partnerId cms token service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/admin.ts:386
  • Mounted prefix: /api
  • Service area: admin.ts
  • Internal router label: api
  • Stability: admin-only
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: partnerId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/admin/partners/:partnerId/cms-token" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/admin/partners/:partnerId/cms-token", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/admin-and-organization/

71. GET /api/admin/platform-fee

  • Purpose: GET /api/admin/platform-fee handled by admin.ts; admin platform fee service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/admin.ts:477
  • Mounted prefix: /api
  • Service area: admin.ts
  • Internal router label: api
  • Stability: admin-only
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/admin/platform-fee" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/admin/platform-fee", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/admin-and-organization/

72. PATCH /api/admin/platform-fee

  • Purpose: PATCH /api/admin/platform-fee handled by admin.ts; admin platform fee service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/admin.ts:494
  • Mounted prefix: /api
  • Service area: admin.ts
  • Internal router label: api
  • Stability: admin-only
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PATCH "https://api.furries.ph/api/admin/platform-fee" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/admin/platform-fee", apiBase), { method: "PATCH", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/admin-and-organization/

73. GET /api/admin/platform-security

  • Purpose: GET /api/admin/platform-security handled by admin.ts; admin platform security service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/admin.ts:785
  • Mounted prefix: /api
  • Service area: admin.ts
  • Internal router label: api
  • Stability: admin-only
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/admin/platform-security" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/admin/platform-security", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/admin-and-organization/

74. PATCH /api/admin/platform-security

  • Purpose: PATCH /api/admin/platform-security handled by admin.ts; admin platform security service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/admin.ts:795
  • Mounted prefix: /api
  • Service area: admin.ts
  • Internal router label: api
  • Stability: admin-only
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PATCH "https://api.furries.ph/api/admin/platform-security" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/admin/platform-security", apiBase), { method: "PATCH", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/admin-and-organization/

75. PUT /api/admin/settlement-payment-providers

  • Purpose: PUT /api/admin/settlement-payment-providers handled by admin.ts; admin settlement payment providers service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/admin.ts:651
  • Mounted prefix: /api
  • Service area: admin.ts
  • Internal router label: api
  • Stability: admin-only
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/admin/settlement-payment-providers" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/admin/settlement-payment-providers", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/admin-and-organization/

76. GET /api/admin/settlement-settings

  • Purpose: GET /api/admin/settlement-settings handled by admin.ts; admin settlement settings service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/admin.ts:529
  • Mounted prefix: /api
  • Service area: admin.ts
  • Internal router label: api
  • Stability: admin-only
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/admin/settlement-settings" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/admin/settlement-settings", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/admin-and-organization/

77. PATCH /api/admin/settlement-settings

  • Purpose: PATCH /api/admin/settlement-settings handled by admin.ts; admin settlement settings service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/admin.ts:567
  • Mounted prefix: /api
  • Service area: admin.ts
  • Internal router label: api
  • Stability: admin-only
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PATCH "https://api.furries.ph/api/admin/settlement-settings" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/admin/settlement-settings", apiBase), { method: "PATCH", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/admin-and-organization/

78. GET /api/network-bans/:watchlistEntryId

  • Purpose: GET /api/network-bans/:watchlistEntryId handled by networkBans.ts; network bans watchlistEntryId service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/networkBans.ts:219
  • Mounted prefix: /api
  • Service area: networkBans.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: watchlistEntryId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/network-bans/:watchlistEntryId" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/network-bans/:watchlistEntryId", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/admin-and-organization/

79. PATCH /api/network-bans/:watchlistEntryId/appeal

  • Purpose: PATCH /api/network-bans/:watchlistEntryId/appeal handled by networkBans.ts; network bans watchlistEntryId appeal service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/networkBans.ts:533
  • Mounted prefix: /api
  • Service area: networkBans.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: watchlistEntryId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PATCH "https://api.furries.ph/api/network-bans/:watchlistEntryId/appeal" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/network-bans/:watchlistEntryId/appeal", apiBase), { method: "PATCH", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/admin-and-organization/

80. POST /api/network-bans/:watchlistEntryId/appeal

  • Purpose: POST /api/network-bans/:watchlistEntryId/appeal handled by networkBans.ts; network bans watchlistEntryId appeal service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/networkBans.ts:282
  • Mounted prefix: /api
  • Service area: networkBans.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: watchlistEntryId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/network-bans/:watchlistEntryId/appeal" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/network-bans/:watchlistEntryId/appeal", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/admin-and-organization/

81. GET /api/network-bans/:watchlistEntryId/appeal-status

  • Purpose: GET /api/network-bans/:watchlistEntryId/appeal-status handled by networkBans.ts; network bans watchlistEntryId appeal status service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/networkBans.ts:365
  • Mounted prefix: /api
  • Service area: networkBans.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: watchlistEntryId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/network-bans/:watchlistEntryId/appeal-status" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/network-bans/:watchlistEntryId/appeal-status", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/admin-and-organization/

82. GET /api/network-bans/:watchlistEntryId/appeals

  • Purpose: GET /api/network-bans/:watchlistEntryId/appeals handled by networkBans.ts; network bans watchlistEntryId appeals service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/networkBans.ts:428
  • Mounted prefix: /api
  • Service area: networkBans.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: watchlistEntryId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/network-bans/:watchlistEntryId/appeals" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/network-bans/:watchlistEntryId/appeals", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/admin-and-organization/

83. GET /api/network-bans/appeals

  • Purpose: GET /api/network-bans/appeals handled by networkBans.ts; network bans appeals service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/networkBans.ts:14
  • Mounted prefix: /api
  • Service area: networkBans.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/network-bans/appeals" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/network-bans/appeals", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/admin-and-organization/

84. POST /api/network-bans/appeals/:appealId/decision

  • Purpose: POST /api/network-bans/appeals/:appealId/decision handled by networkBans.ts; network bans appeals appealId decision service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/networkBans.ts:94
  • Mounted prefix: /api
  • Service area: networkBans.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: appealId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/network-bans/appeals/:appealId/decision" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/network-bans/appeals/:appealId/decision", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/admin-and-organization/

85. GET /api/network-bans/my-appeals

  • Purpose: GET /api/network-bans/my-appeals handled by networkBans.ts; network bans my appeals service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/networkBans.ts:154
  • Mounted prefix: /api
  • Service area: networkBans.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/network-bans/my-appeals" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/network-bans/my-appeals", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/admin-and-organization/

86. POST /api/notices/:id/ack

  • Purpose: POST /api/notices/:id/ack handled by notices.ts; notices id ack service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/notices.ts:192
  • Mounted prefix: /api
  • Service area: notices.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May send or prepare outbound communications.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/notices/:id/ack" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/notices/:id/ack", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/admin-and-organization/

87. GET /api/notices/unacked

  • Purpose: GET /api/notices/unacked handled by notices.ts; notices unacked service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/notices.ts:133
  • Mounted prefix: /api
  • Service area: notices.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May send or prepare outbound communications.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/notices/unacked" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/notices/unacked", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/admin-and-organization/

88. GET /api/org/settings

  • Purpose: GET /api/org/settings handled by orgSettings.ts; org settings service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/orgSettings.ts:89
  • Mounted prefix: /api
  • Service area: orgSettings.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/org/settings" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/org/settings", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/admin-and-organization/

89. PATCH /api/org/settings

  • Purpose: PATCH /api/org/settings handled by orgSettings.ts; org settings service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/orgSettings.ts:116
  • Mounted prefix: /api
  • Service area: orgSettings.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PATCH "https://api.furries.ph/api/org/settings" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/org/settings", apiBase), { method: "PATCH", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/admin-and-organization/

90. POST /api/org/settings/data-silo/backfill

  • Purpose: POST /api/org/settings/data-silo/backfill handled by orgSettings.ts; org settings data silo backfill service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/orgSettings.ts:210
  • Mounted prefix: /api
  • Service area: orgSettings.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/org/settings/data-silo/backfill" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/org/settings/data-silo/backfill", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/admin-and-organization/

91. GET /api/access

  • Purpose: GET /api/access handled by access.ts; access service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/access.ts:41
  • Mounted prefix: /api
  • Service area: access.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/access" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/access", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/auth/

92. GET /api/cms-token

  • Purpose: GET /api/cms-token handled by access.ts; cms token service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/access.ts:188
  • Mounted prefix: /api
  • Service area: access.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/cms-token" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/cms-token", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/auth/

93. GET /api/partner-directory

  • Purpose: GET /api/partner-directory handled by access.ts; partner directory service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/access.ts:164
  • Mounted prefix: /api
  • Service area: access.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/partner-directory" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/partner-directory", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/auth/

94. POST /auth/accept-invite

  • Purpose: POST /auth/accept-invite handled by auth.ts; auth accept invite service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/auth.ts:735
  • Mounted prefix: /auth
  • Service area: auth.ts
  • Internal router label: auth
  • Stability: auth-or-webhook
  • Authentication: Dashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May create, refresh, or clear auth/session state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/auth/accept-invite" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/auth/accept-invite", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/auth/

95. POST /auth/change-password

  • Purpose: POST /auth/change-password handled by auth.ts; auth change password service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/auth.ts:668
  • Mounted prefix: /auth
  • Service area: auth.ts
  • Internal router label: auth
  • Stability: auth-or-webhook
  • Authentication: Dashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May create, refresh, or clear auth/session state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/auth/change-password" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/auth/change-password", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/auth/

96. POST /auth/dev-session

  • Purpose: POST /auth/dev-session handled by auth.ts; auth dev session service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/auth.ts:538
  • Mounted prefix: /auth
  • Service area: auth.ts
  • Internal router label: auth
  • Stability: auth-or-webhook
  • Authentication: Dashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May create, refresh, or clear auth/session state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/auth/dev-session" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/auth/dev-session", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/auth/

97. POST /auth/exchange

  • Purpose: POST /auth/exchange handled by auth.ts; auth exchange service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/auth.ts:636
  • Mounted prefix: /auth
  • Service area: auth.ts
  • Internal router label: auth
  • Stability: auth-or-webhook
  • Authentication: Dashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May create, refresh, or clear auth/session state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/auth/exchange" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/auth/exchange", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/auth/

98. GET /auth/mfa/status

  • Purpose: GET /auth/mfa/status handled by auth.ts; auth mfa status service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/auth.ts:403
  • Mounted prefix: /auth
  • Service area: auth.ts
  • Internal router label: auth
  • Stability: auth-or-webhook
  • Authentication: Dashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May create, refresh, or clear auth/session state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/auth/mfa/status" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/auth/mfa/status", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/auth/

99. POST /auth/mfa/totp/enroll

  • Purpose: POST /auth/mfa/totp/enroll handled by auth.ts; auth mfa totp enroll service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/auth.ts:446
  • Mounted prefix: /auth
  • Service area: auth.ts
  • Internal router label: auth
  • Stability: auth-or-webhook
  • Authentication: Dashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May create, refresh, or clear auth/session state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/auth/mfa/totp/enroll" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/auth/mfa/totp/enroll", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/auth/

100. POST /auth/mfa/totp/unenroll

  • Purpose: POST /auth/mfa/totp/unenroll handled by auth.ts; auth mfa totp unenroll service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/auth.ts:514
  • Mounted prefix: /auth
  • Service area: auth.ts
  • Internal router label: auth
  • Stability: auth-or-webhook
  • Authentication: Dashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May create, refresh, or clear auth/session state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/auth/mfa/totp/unenroll" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/auth/mfa/totp/unenroll", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/auth/

101. POST /auth/mfa/totp/verify

  • Purpose: POST /auth/mfa/totp/verify handled by auth.ts; auth mfa totp verify service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/auth.ts:474
  • Mounted prefix: /auth
  • Service area: auth.ts
  • Internal router label: auth
  • Stability: auth-or-webhook
  • Authentication: Dashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May create, refresh, or clear auth/session state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/auth/mfa/totp/verify" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/auth/mfa/totp/verify", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/auth/

102. POST /auth/otp/send

  • Purpose: POST /auth/otp/send handled by auth.ts; auth otp send service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/auth.ts:223
  • Mounted prefix: /auth
  • Service area: auth.ts
  • Internal router label: auth
  • Stability: auth-or-webhook
  • Authentication: Dashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May create, refresh, or clear auth/session state. May send or prepare outbound communications.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/auth/otp/send" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/auth/otp/send", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/auth/

103. POST /auth/otp/verify

  • Purpose: POST /auth/otp/verify handled by auth.ts; auth otp verify service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/auth.ts:264
  • Mounted prefix: /auth
  • Service area: auth.ts
  • Internal router label: auth
  • Stability: auth-or-webhook
  • Authentication: Dashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May create, refresh, or clear auth/session state. May send or prepare outbound communications.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/auth/otp/verify" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/auth/otp/verify", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/auth/

104. POST /auth/passkey/authentication/options

  • Purpose: POST /auth/passkey/authentication/options handled by auth.ts; auth passkey authentication options service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/auth.ts:308
  • Mounted prefix: /auth
  • Service area: auth.ts
  • Internal router label: auth
  • Stability: auth-or-webhook
  • Authentication: Dashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May create, refresh, or clear auth/session state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/auth/passkey/authentication/options" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/auth/passkey/authentication/options", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/auth/

105. POST /auth/passkey/authentication/verify

  • Purpose: POST /auth/passkey/authentication/verify handled by auth.ts; auth passkey authentication verify service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/auth.ts:327
  • Mounted prefix: /auth
  • Service area: auth.ts
  • Internal router label: auth
  • Stability: auth-or-webhook
  • Authentication: Dashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May create, refresh, or clear auth/session state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/auth/passkey/authentication/verify" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/auth/passkey/authentication/verify", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/auth/

106. POST /auth/passkey/registration/options

  • Purpose: POST /auth/passkey/registration/options handled by auth.ts; auth passkey registration options service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/auth.ts:358
  • Mounted prefix: /auth
  • Service area: auth.ts
  • Internal router label: auth
  • Stability: auth-or-webhook
  • Authentication: Dashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May create, refresh, or clear auth/session state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/auth/passkey/registration/options" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/auth/passkey/registration/options", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/auth/

107. POST /auth/passkey/registration/verify

  • Purpose: POST /auth/passkey/registration/verify handled by auth.ts; auth passkey registration verify service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/auth.ts:376
  • Mounted prefix: /auth
  • Service area: auth.ts
  • Internal router label: auth
  • Stability: auth-or-webhook
  • Authentication: Dashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May create, refresh, or clear auth/session state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/auth/passkey/registration/verify" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/auth/passkey/registration/verify", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/auth/

108. POST /auth/refresh

  • Purpose: POST /auth/refresh handled by auth.ts; auth refresh service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/auth.ts:589
  • Mounted prefix: /auth
  • Service area: auth.ts
  • Internal router label: auth
  • Stability: auth-or-webhook
  • Authentication: Dashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May create, refresh, or clear auth/session state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/auth/refresh" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/auth/refresh", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/auth/

109. POST /auth/reset-password

  • Purpose: POST /auth/reset-password handled by auth.ts; auth reset password service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/auth.ts:826
  • Mounted prefix: /auth
  • Service area: auth.ts
  • Internal router label: auth
  • Stability: auth-or-webhook
  • Authentication: Dashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May create, refresh, or clear auth/session state. May send or prepare outbound communications.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/auth/reset-password" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/auth/reset-password", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/auth/

110. POST /auth/set-password

  • Purpose: POST /auth/set-password handled by auth.ts; auth set password service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/auth.ts:852
  • Mounted prefix: /auth
  • Service area: auth.ts
  • Internal router label: auth
  • Stability: auth-or-webhook
  • Authentication: Dashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May create, refresh, or clear auth/session state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/auth/set-password" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/auth/set-password", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/auth/

111. POST /auth/sign-in

  • Purpose: POST /auth/sign-in handled by auth.ts; auth sign in service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/auth.ts:195
  • Mounted prefix: /auth
  • Service area: auth.ts
  • Internal router label: auth
  • Stability: auth-or-webhook
  • Authentication: Dashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May create, refresh, or clear auth/session state. May send or prepare outbound communications.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/auth/sign-in" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/auth/sign-in", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/auth/

112. POST /auth/sign-out

  • Purpose: POST /auth/sign-out handled by auth.ts; auth sign out service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/auth.ts:704
  • Mounted prefix: /auth
  • Service area: auth.ts
  • Internal router label: auth
  • Stability: auth-or-webhook
  • Authentication: Dashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May create, refresh, or clear auth/session state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/auth/sign-out" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/auth/sign-out", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/auth/

113. POST /auth/sign-up

  • Purpose: POST /auth/sign-up handled by auth.ts; auth sign up service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/auth.ts:798
  • Mounted prefix: /auth
  • Service area: auth.ts
  • Internal router label: auth
  • Stability: auth-or-webhook
  • Authentication: Dashboard auth flow or auth helper route; ask the platform owner to confirm exact session and Supabase behavior.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May create, refresh, or clear auth/session state. May send or prepare outbound communications.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/auth/sign-up" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/auth/sign-up", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/auth/

114. POST /hooks/send-email

  • Purpose: POST /hooks/send-email handled by authEmail.ts; hooks send email service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/authEmail.ts:864
  • Mounted prefix: /hooks
  • Service area: authEmail.ts
  • Internal router label: hooks
  • Stability: auth-or-webhook
  • Authentication: Webhook/internal route; ask the platform owner to confirm signature or shared secret verification before use.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May create, refresh, or clear auth/session state. May send or prepare outbound communications.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/hooks/send-email" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/hooks/send-email", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/auth/

115. GET /api/lan-system/releases/assets/:assetId

  • Purpose: GET /api/lan-system/releases/assets/:assetId handled by lanSystemReleases.ts; lan system releases assets assetId service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/lanSystemReleases.ts:154
  • Mounted prefix: /api
  • Service area: lanSystemReleases.ts
  • Internal router label: api
  • Stability: LAN support
  • Authentication: Unknown from inventory scan; ask the platform owner to confirm access behavior before use.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: assetId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/lan-system/releases/assets/:assetId" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/lan-system/releases/assets/:assetId", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/ems-lan-support/

116. GET /api/lan-system/releases/latest

  • Purpose: GET /api/lan-system/releases/latest handled by lanSystemReleases.ts; lan system releases latest service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/lanSystemReleases.ts:99
  • Mounted prefix: /api
  • Service area: lanSystemReleases.ts
  • Internal router label: api
  • Stability: LAN support
  • Authentication: Unknown from inventory scan; ask the platform owner to confirm access behavior before use.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/lan-system/releases/latest" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/lan-system/releases/latest", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/ems-lan-support/

117. GET /api/events/:id/activities

  • Purpose: GET /api/events/:id/activities handled by activities.ts; events id activities service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/activities.ts:576
  • Mounted prefix: /api
  • Service area: activities.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/activities" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/activities", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

118. PUT /api/events/:id/activities

  • Purpose: PUT /api/events/:id/activities handled by activities.ts; events id activities service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/activities.ts:589
  • Mounted prefix: /api
  • Service area: activities.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/activities" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/activities", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

119. POST /api/events/:id/activities/submissions/:submissionId/review

  • Purpose: POST /api/events/:id/activities/submissions/:submissionId/review handled by activities.ts; events id activities submissions submissionId review service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/activities.ts:663
  • Mounted prefix: /api
  • Service area: activities.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, submissionId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May send or prepare outbound communications.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/events/:id/activities/submissions/:submissionId/review" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/activities/submissions/:submissionId/review", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

120. PUT /api/events/:id/addons

  • Purpose: PUT /api/events/:id/addons handled by eventConfig.ts; events id addons service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/eventConfig.ts:476
  • Mounted prefix: /api
  • Service area: eventConfig.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/addons" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/addons", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

121. PUT /api/events/:id/check-in/:kind/:recordId

  • Purpose: PUT /api/events/:id/check-in/:kind/:recordId handled by checkIn.ts; events id check in kind recordId service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/checkIn.ts:1830
  • Mounted prefix: /api
  • Service area: checkIn.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, kind, recordId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/check-in/:kind/:recordId" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/check-in/:kind/:recordId", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

122. PUT /api/events/:id/check-in/:kind/:recordId/claim

  • Purpose: PUT /api/events/:id/check-in/:kind/:recordId/claim handled by checkIn.ts; events id check in kind recordId claim service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/checkIn.ts:1913
  • Mounted prefix: /api
  • Service area: checkIn.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, kind, recordId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/check-in/:kind/:recordId/claim" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/check-in/:kind/:recordId/claim", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

123. GET /api/events/:id/check-in/entries

  • Purpose: GET /api/events/:id/check-in/entries handled by checkIn.ts; events id check in entries service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/checkIn.ts:1622
  • Mounted prefix: /api
  • Service area: checkIn.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/check-in/entries" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/check-in/entries", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

124. GET /api/events/:id/check-in/entry

  • Purpose: GET /api/events/:id/check-in/entry handled by checkIn.ts; events id check in entry service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/checkIn.ts:1634
  • Mounted prefix: /api
  • Service area: checkIn.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/check-in/entry" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/check-in/entry", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

125. GET /api/events/:id/check-in/offline-snapshot

  • Purpose: GET /api/events/:id/check-in/offline-snapshot handled by checkIn.ts; events id check in offline snapshot service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/checkIn.ts:1670
  • Mounted prefix: /api
  • Service area: checkIn.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/check-in/offline-snapshot" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/check-in/offline-snapshot", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

126. GET /api/events/:id/check-in/offline-snapshot/history

  • Purpose: GET /api/events/:id/check-in/offline-snapshot/history handled by checkIn.ts; events id check in offline snapshot history service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/checkIn.ts:1657
  • Mounted prefix: /api
  • Service area: checkIn.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/check-in/offline-snapshot/history" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/check-in/offline-snapshot/history", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

127. POST /api/events/:id/check-in/offline-snapshot/import

  • Purpose: POST /api/events/:id/check-in/offline-snapshot/import handled by checkIn.ts; events id check in offline snapshot import service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/checkIn.ts:1793
  • Mounted prefix: /api
  • Service area: checkIn.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/events/:id/check-in/offline-snapshot/import" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/check-in/offline-snapshot/import", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

128. GET /api/events/:id/check-in/settings

  • Purpose: GET /api/events/:id/check-in/settings handled by checkIn.ts; events id check in settings service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/checkIn.ts:1584
  • Mounted prefix: /api
  • Service area: checkIn.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/check-in/settings" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/check-in/settings", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

129. PUT /api/events/:id/check-in/settings

  • Purpose: PUT /api/events/:id/check-in/settings handled by checkIn.ts; events id check in settings service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/checkIn.ts:1597
  • Mounted prefix: /api
  • Service area: checkIn.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/check-in/settings" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/check-in/settings", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

130. GET /api/events/:id/communications/audiences

  • Purpose: GET /api/events/:id/communications/audiences handled by communications.ts; events id communications audiences service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/communications.ts:409
  • Mounted prefix: /api
  • Service area: communications.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May send or prepare outbound communications.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/communications/audiences" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/communications/audiences", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

131. POST /api/events/:id/communications/blasts

  • Purpose: POST /api/events/:id/communications/blasts handled by communications.ts; events id communications blasts service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/communications.ts:484
  • Mounted prefix: /api
  • Service area: communications.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May send or prepare outbound communications.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/events/:id/communications/blasts" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/communications/blasts", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

132. POST /api/events/:id/communications/preview

  • Purpose: POST /api/events/:id/communications/preview handled by communications.ts; events id communications preview service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/communications.ts:433
  • Mounted prefix: /api
  • Service area: communications.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May send or prepare outbound communications.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/events/:id/communications/preview" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/communications/preview", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

133. GET /api/events/:id/conditions-of-entry

  • Purpose: GET /api/events/:id/conditions-of-entry handled by conditionsOfEntry.ts; events id conditions of entry service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/conditionsOfEntry.ts:39
  • Mounted prefix: /api
  • Service area: conditionsOfEntry.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/conditions-of-entry" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/conditions-of-entry", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

134. GET /api/events/:id/conditions-of-entry

  • Purpose: GET /api/events/:id/conditions-of-entry handled by conditionsOfEntry.ts; events id conditions of entry service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/conditionsOfEntry.ts:39
  • Mounted prefix: /api
  • Service area: conditionsOfEntry.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/conditions-of-entry" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/conditions-of-entry", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

135. PUT /api/events/:id/conditions-of-entry

  • Purpose: PUT /api/events/:id/conditions-of-entry handled by conditionsOfEntry.ts; events id conditions of entry service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/conditionsOfEntry.ts:79
  • Mounted prefix: /api
  • Service area: conditionsOfEntry.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/conditions-of-entry" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/conditions-of-entry", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

136. PUT /api/events/:id/conditions-of-entry

  • Purpose: PUT /api/events/:id/conditions-of-entry handled by conditionsOfEntry.ts; events id conditions of entry service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/conditionsOfEntry.ts:79
  • Mounted prefix: /api
  • Service area: conditionsOfEntry.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/conditions-of-entry" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/conditions-of-entry", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

137. GET /api/events/:id/dealers-den/applications

  • Purpose: GET /api/events/:id/dealers-den/applications handled by dealersDen.ts; events id dealers den applications service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/dealersDen.ts:847
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/dealers-den/applications" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/dealers-den/applications", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

138. DELETE /api/events/:id/dealers-den/applications/:appId

  • Purpose: DELETE /api/events/:id/dealers-den/applications/:appId handled by dealersDen.ts; events id dealers den applications appId service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/dealersDen.ts:812
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, appId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X DELETE "https://api.furries.ph/api/events/:id/dealers-den/applications/:appId" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/dealers-den/applications/:appId", apiBase), { method: "DELETE", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

139. GET /api/events/:id/dealers-den/applications/:appId

  • Purpose: GET /api/events/:id/dealers-den/applications/:appId handled by dealersDen.ts; events id dealers den applications appId service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/dealersDen.ts:875
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, appId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/dealers-den/applications/:appId" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/dealers-den/applications/:appId", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

140. POST /api/events/:id/dealers-den/applications/:appId/approve

  • Purpose: POST /api/events/:id/dealers-den/applications/:appId/approve handled by dealersDen.ts; events id dealers den applications appId approve service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/dealersDen.ts:901
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, appId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/events/:id/dealers-den/applications/:appId/approve" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/dealers-den/applications/:appId/approve", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

141. POST /api/events/:id/dealers-den/applications/:appId/deny

  • Purpose: POST /api/events/:id/dealers-den/applications/:appId/deny handled by dealersDen.ts; events id dealers den applications appId deny service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/dealersDen.ts:990
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, appId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/events/:id/dealers-den/applications/:appId/deny" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/dealers-den/applications/:appId/deny", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

142. GET /api/events/:id/dealers-den/packages

  • Purpose: GET /api/events/:id/dealers-den/packages handled by dealersDen.ts; events id dealers den packages service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/dealersDen.ts:446
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/dealers-den/packages" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/dealers-den/packages", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

143. POST /api/events/:id/dealers-den/packages

  • Purpose: POST /api/events/:id/dealers-den/packages handled by dealersDen.ts; events id dealers den packages service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/dealersDen.ts:462
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/events/:id/dealers-den/packages" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/dealers-den/packages", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

144. DELETE /api/events/:id/dealers-den/packages/:pkgId

  • Purpose: DELETE /api/events/:id/dealers-den/packages/:pkgId handled by dealersDen.ts; events id dealers den packages pkgId service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/dealersDen.ts:501
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, pkgId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X DELETE "https://api.furries.ph/api/events/:id/dealers-den/packages/:pkgId" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/dealers-den/packages/:pkgId", apiBase), { method: "DELETE", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

145. PUT /api/events/:id/dealers-den/packages/:pkgId

  • Purpose: PUT /api/events/:id/dealers-den/packages/:pkgId handled by dealersDen.ts; events id dealers den packages pkgId service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/dealersDen.ts:480
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, pkgId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/dealers-den/packages/:pkgId" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/dealers-den/packages/:pkgId", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

146. GET /api/events/:id/dealers-den/regos

  • Purpose: GET /api/events/:id/dealers-den/regos handled by dealersDen.ts; events id dealers den regos service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/dealersDen.ts:517
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/dealers-den/regos" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/dealers-den/regos", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

147. DELETE /api/events/:id/dealers-den/regos/:regoId

  • Purpose: DELETE /api/events/:id/dealers-den/regos/:regoId handled by dealersDen.ts; events id dealers den regos regoId service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/dealersDen.ts:587
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, regoId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X DELETE "https://api.furries.ph/api/events/:id/dealers-den/regos/:regoId" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/dealers-den/regos/:regoId", apiBase), { method: "DELETE", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

148. PATCH /api/events/:id/dealers-den/regos/:regoId

  • Purpose: PATCH /api/events/:id/dealers-den/regos/:regoId handled by dealersDen.ts; events id dealers den regos regoId service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/dealersDen.ts:633
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, regoId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PATCH "https://api.furries.ph/api/events/:id/dealers-den/regos/:regoId" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/dealers-den/regos/:regoId", apiBase), { method: "PATCH", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

149. GET /api/events/:id/dealers-den/settings

  • Purpose: GET /api/events/:id/dealers-den/settings handled by dealersDen.ts; events id dealers den settings service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/dealersDen.ts:356
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/dealers-den/settings" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/dealers-den/settings", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

150. PUT /api/events/:id/dealers-den/settings

  • Purpose: PUT /api/events/:id/dealers-den/settings handled by dealersDen.ts; events id dealers den settings service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/dealersDen.ts:396
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/dealers-den/settings" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/dealers-den/settings", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

151. GET /api/events/:id/google-wallet-config

  • Purpose: GET /api/events/:id/google-wallet-config handled by eventConfig.ts; events id google wallet config service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/eventConfig.ts:104
  • Mounted prefix: /api
  • Service area: eventConfig.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May touch Google Wallet pass state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/google-wallet-config" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/google-wallet-config", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

152. PUT /api/events/:id/google-wallet-config

  • Purpose: PUT /api/events/:id/google-wallet-config handled by eventConfig.ts; events id google wallet config service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/eventConfig.ts:165
  • Mounted prefix: /api
  • Service area: eventConfig.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May touch Google Wallet pass state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/google-wallet-config" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/google-wallet-config", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

153. GET /api/events/:id/human-resources

  • Purpose: GET /api/events/:id/human-resources handled by humanResources.ts; events id human resources service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/humanResources.ts:1263
  • Mounted prefix: /api
  • Service area: humanResources.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/human-resources" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/human-resources", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

154. PUT /api/events/:id/human-resources

  • Purpose: PUT /api/events/:id/human-resources handled by humanResources.ts; events id human resources service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/humanResources.ts:1278
  • Mounted prefix: /api
  • Service area: humanResources.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/human-resources" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/human-resources", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

155. POST /api/events/:id/human-resources/applications/:applicationId/review

  • Purpose: POST /api/events/:id/human-resources/applications/:applicationId/review handled by humanResources.ts; events id human resources applications applicationId review service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/humanResources.ts:1544
  • Mounted prefix: /api
  • Service area: humanResources.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, applicationId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May send or prepare outbound communications.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/events/:id/human-resources/applications/:applicationId/review" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/human-resources/applications/:applicationId/review", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

156. GET /api/events/:id/human-resources/live-tracker

  • Purpose: GET /api/events/:id/human-resources/live-tracker handled by humanResources.ts; events id human resources live tracker service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/humanResources.ts:1503
  • Mounted prefix: /api
  • Service area: humanResources.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/human-resources/live-tracker" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/human-resources/live-tracker", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

157. PUT /api/events/:id/inclusions

  • Purpose: PUT /api/events/:id/inclusions handled by eventConfig.ts; events id inclusions service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/eventConfig.ts:254
  • Mounted prefix: /api
  • Service area: eventConfig.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/inclusions" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/inclusions", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

158. GET /api/events/:id/inventory

  • Purpose: GET /api/events/:id/inventory handled by inventory.ts; events id inventory service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/inventory.ts:1272
  • Mounted prefix: /api
  • Service area: inventory.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/inventory" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/inventory", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

159. PUT /api/events/:id/inventory/on-hand

  • Purpose: PUT /api/events/:id/inventory/on-hand handled by inventory.ts; events id inventory on hand service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/inventory.ts:1319
  • Mounted prefix: /api
  • Service area: inventory.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/inventory/on-hand" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/inventory/on-hand", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

160. POST /api/events/:id/inventory/pos/quote

  • Purpose: POST /api/events/:id/inventory/pos/quote handled by inventory.ts; events id inventory pos quote service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/inventory.ts:1395
  • Mounted prefix: /api
  • Service area: inventory.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/events/:id/inventory/pos/quote" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/inventory/pos/quote", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

161. GET /api/events/:id/inventory/pos/transactions

  • Purpose: GET /api/events/:id/inventory/pos/transactions handled by inventory.ts; events id inventory pos transactions service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/inventory.ts:1375
  • Mounted prefix: /api
  • Service area: inventory.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/inventory/pos/transactions" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/inventory/pos/transactions", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

162. POST /api/events/:id/inventory/pos/transactions

  • Purpose: POST /api/events/:id/inventory/pos/transactions handled by inventory.ts; events id inventory pos transactions service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/inventory.ts:1450
  • Mounted prefix: /api
  • Service area: inventory.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/events/:id/inventory/pos/transactions" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/inventory/pos/transactions", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

163. PUT /api/events/:id/inventory/settings

  • Purpose: PUT /api/events/:id/inventory/settings handled by inventory.ts; events id inventory settings service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/inventory.ts:1286
  • Mounted prefix: /api
  • Service area: inventory.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/inventory/settings" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/inventory/settings", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

164. GET /api/events/:id/rego/analytics

  • Purpose: GET /api/events/:id/rego/analytics handled by regoAnalytics.ts; events id rego analytics service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/regoAnalytics.ts:140
  • Mounted prefix: /api
  • Service area: regoAnalytics.ts
  • Internal router label: partnerApi
  • Stability: rego internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/rego/analytics" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/rego/analytics", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

165. PUT /api/events/:id/tiers

  • Purpose: PUT /api/events/:id/tiers handled by eventConfig.ts; events id tiers service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/eventConfig.ts:333
  • Mounted prefix: /api
  • Service area: eventConfig.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/tiers" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/tiers", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

166. GET /api/manage/:id/activities

  • Purpose: GET /api/manage/:id/activities is the Event Management compatibility alias for /api/events/:id/activities.
  • Internal trace: partners-api/src/routes/activities.ts:576
  • Mounted prefix: /api
  • Service area: activities.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/activities" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/activities", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

167. PUT /api/manage/:id/activities

  • Purpose: PUT /api/manage/:id/activities is the Event Management compatibility alias for /api/events/:id/activities.
  • Internal trace: partners-api/src/routes/activities.ts:589
  • Mounted prefix: /api
  • Service area: activities.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/activities" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/activities", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

168. POST /api/manage/:id/activities/submissions/:submissionId/review

  • Purpose: POST /api/manage/:id/activities/submissions/:submissionId/review is the Event Management compatibility alias for /api/events/:id/activities/submissions/:submissionId/review.
  • Internal trace: partners-api/src/routes/activities.ts:663
  • Mounted prefix: /api
  • Service area: activities.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, submissionId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May send or prepare outbound communications.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/events/:id/activities/submissions/:submissionId/review" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/activities/submissions/:submissionId/review", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

169. PUT /api/manage/:id/addons

  • Purpose: PUT /api/manage/:id/addons is the Event Management compatibility alias for /api/events/:id/addons.
  • Internal trace: partners-api/src/routes/eventConfig.ts:476
  • Mounted prefix: /api
  • Service area: eventConfig.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/addons" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/addons", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

170. PUT /api/manage/:id/check-in/:kind/:recordId

  • Purpose: PUT /api/manage/:id/check-in/:kind/:recordId is the Event Management compatibility alias for /api/events/:id/check-in/:kind/:recordId.
  • Internal trace: partners-api/src/routes/checkIn.ts:1830
  • Mounted prefix: /api
  • Service area: checkIn.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, kind, recordId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/check-in/:kind/:recordId" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/check-in/:kind/:recordId", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

171. PUT /api/manage/:id/check-in/:kind/:recordId/claim

  • Purpose: PUT /api/manage/:id/check-in/:kind/:recordId/claim is the Event Management compatibility alias for /api/events/:id/check-in/:kind/:recordId/claim.
  • Internal trace: partners-api/src/routes/checkIn.ts:1913
  • Mounted prefix: /api
  • Service area: checkIn.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, kind, recordId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/check-in/:kind/:recordId/claim" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/check-in/:kind/:recordId/claim", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

172. GET /api/manage/:id/check-in/entries

  • Purpose: GET /api/manage/:id/check-in/entries is the Event Management compatibility alias for /api/events/:id/check-in/entries.
  • Internal trace: partners-api/src/routes/checkIn.ts:1622
  • Mounted prefix: /api
  • Service area: checkIn.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/check-in/entries" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/check-in/entries", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

173. GET /api/manage/:id/check-in/entry

  • Purpose: GET /api/manage/:id/check-in/entry is the Event Management compatibility alias for /api/events/:id/check-in/entry.
  • Internal trace: partners-api/src/routes/checkIn.ts:1634
  • Mounted prefix: /api
  • Service area: checkIn.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/check-in/entry" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/check-in/entry", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

174. GET /api/manage/:id/check-in/offline-snapshot

  • Purpose: GET /api/manage/:id/check-in/offline-snapshot is the Event Management compatibility alias for /api/events/:id/check-in/offline-snapshot.
  • Internal trace: partners-api/src/routes/checkIn.ts:1670
  • Mounted prefix: /api
  • Service area: checkIn.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/check-in/offline-snapshot" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/check-in/offline-snapshot", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

175. GET /api/manage/:id/check-in/offline-snapshot/history

  • Purpose: GET /api/manage/:id/check-in/offline-snapshot/history is the Event Management compatibility alias for /api/events/:id/check-in/offline-snapshot/history.
  • Internal trace: partners-api/src/routes/checkIn.ts:1657
  • Mounted prefix: /api
  • Service area: checkIn.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/check-in/offline-snapshot/history" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/check-in/offline-snapshot/history", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

176. POST /api/manage/:id/check-in/offline-snapshot/import

  • Purpose: POST /api/manage/:id/check-in/offline-snapshot/import is the Event Management compatibility alias for /api/events/:id/check-in/offline-snapshot/import.
  • Internal trace: partners-api/src/routes/checkIn.ts:1793
  • Mounted prefix: /api
  • Service area: checkIn.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/events/:id/check-in/offline-snapshot/import" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/check-in/offline-snapshot/import", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

177. GET /api/manage/:id/check-in/settings

  • Purpose: GET /api/manage/:id/check-in/settings is the Event Management compatibility alias for /api/events/:id/check-in/settings.
  • Internal trace: partners-api/src/routes/checkIn.ts:1584
  • Mounted prefix: /api
  • Service area: checkIn.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/check-in/settings" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/check-in/settings", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

178. PUT /api/manage/:id/check-in/settings

  • Purpose: PUT /api/manage/:id/check-in/settings is the Event Management compatibility alias for /api/events/:id/check-in/settings.
  • Internal trace: partners-api/src/routes/checkIn.ts:1597
  • Mounted prefix: /api
  • Service area: checkIn.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/check-in/settings" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/check-in/settings", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

179. GET /api/manage/:id/communications/audiences

  • Purpose: GET /api/manage/:id/communications/audiences is the Event Management compatibility alias for /api/events/:id/communications/audiences.
  • Internal trace: partners-api/src/routes/communications.ts:409
  • Mounted prefix: /api
  • Service area: communications.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May send or prepare outbound communications.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/communications/audiences" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/communications/audiences", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

180. POST /api/manage/:id/communications/blasts

  • Purpose: POST /api/manage/:id/communications/blasts is the Event Management compatibility alias for /api/events/:id/communications/blasts.
  • Internal trace: partners-api/src/routes/communications.ts:484
  • Mounted prefix: /api
  • Service area: communications.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May send or prepare outbound communications.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/events/:id/communications/blasts" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/communications/blasts", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

181. POST /api/manage/:id/communications/preview

  • Purpose: POST /api/manage/:id/communications/preview is the Event Management compatibility alias for /api/events/:id/communications/preview.
  • Internal trace: partners-api/src/routes/communications.ts:433
  • Mounted prefix: /api
  • Service area: communications.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May send or prepare outbound communications.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/events/:id/communications/preview" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/communications/preview", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

182. GET /api/manage/:id/conditions-of-entry

  • Purpose: GET /api/manage/:id/conditions-of-entry is the Event Management compatibility alias for /api/events/:id/conditions-of-entry.
  • Internal trace: partners-api/src/routes/conditionsOfEntry.ts:39
  • Mounted prefix: /api
  • Service area: conditionsOfEntry.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/conditions-of-entry" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/conditions-of-entry", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

183. GET /api/manage/:id/conditions-of-entry

  • Purpose: GET /api/manage/:id/conditions-of-entry is the Event Management compatibility alias for /api/events/:id/conditions-of-entry.
  • Internal trace: partners-api/src/routes/conditionsOfEntry.ts:39
  • Mounted prefix: /api
  • Service area: conditionsOfEntry.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/conditions-of-entry" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/conditions-of-entry", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

184. PUT /api/manage/:id/conditions-of-entry

  • Purpose: PUT /api/manage/:id/conditions-of-entry is the Event Management compatibility alias for /api/events/:id/conditions-of-entry.
  • Internal trace: partners-api/src/routes/conditionsOfEntry.ts:79
  • Mounted prefix: /api
  • Service area: conditionsOfEntry.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/conditions-of-entry" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/conditions-of-entry", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

185. PUT /api/manage/:id/conditions-of-entry

  • Purpose: PUT /api/manage/:id/conditions-of-entry is the Event Management compatibility alias for /api/events/:id/conditions-of-entry.
  • Internal trace: partners-api/src/routes/conditionsOfEntry.ts:79
  • Mounted prefix: /api
  • Service area: conditionsOfEntry.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/conditions-of-entry" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/conditions-of-entry", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

186. GET /api/manage/:id/dealers-den/applications

  • Purpose: GET /api/manage/:id/dealers-den/applications is the Event Management compatibility alias for /api/events/:id/dealers-den/applications.
  • Internal trace: partners-api/src/routes/dealersDen.ts:847
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/dealers-den/applications" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/dealers-den/applications", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

187. DELETE /api/manage/:id/dealers-den/applications/:appId

  • Purpose: DELETE /api/manage/:id/dealers-den/applications/:appId is the Event Management compatibility alias for /api/events/:id/dealers-den/applications/:appId.
  • Internal trace: partners-api/src/routes/dealersDen.ts:812
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, appId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X DELETE "https://api.furries.ph/api/events/:id/dealers-den/applications/:appId" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/dealers-den/applications/:appId", apiBase), { method: "DELETE", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

188. GET /api/manage/:id/dealers-den/applications/:appId

  • Purpose: GET /api/manage/:id/dealers-den/applications/:appId is the Event Management compatibility alias for /api/events/:id/dealers-den/applications/:appId.
  • Internal trace: partners-api/src/routes/dealersDen.ts:875
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, appId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/dealers-den/applications/:appId" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/dealers-den/applications/:appId", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

189. POST /api/manage/:id/dealers-den/applications/:appId/approve

  • Purpose: POST /api/manage/:id/dealers-den/applications/:appId/approve is the Event Management compatibility alias for /api/events/:id/dealers-den/applications/:appId/approve.
  • Internal trace: partners-api/src/routes/dealersDen.ts:901
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, appId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/events/:id/dealers-den/applications/:appId/approve" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/dealers-den/applications/:appId/approve", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

190. POST /api/manage/:id/dealers-den/applications/:appId/deny

  • Purpose: POST /api/manage/:id/dealers-den/applications/:appId/deny is the Event Management compatibility alias for /api/events/:id/dealers-den/applications/:appId/deny.
  • Internal trace: partners-api/src/routes/dealersDen.ts:990
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, appId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/events/:id/dealers-den/applications/:appId/deny" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/dealers-den/applications/:appId/deny", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

191. GET /api/manage/:id/dealers-den/packages

  • Purpose: GET /api/manage/:id/dealers-den/packages is the Event Management compatibility alias for /api/events/:id/dealers-den/packages.
  • Internal trace: partners-api/src/routes/dealersDen.ts:446
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/dealers-den/packages" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/dealers-den/packages", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

192. POST /api/manage/:id/dealers-den/packages

  • Purpose: POST /api/manage/:id/dealers-den/packages is the Event Management compatibility alias for /api/events/:id/dealers-den/packages.
  • Internal trace: partners-api/src/routes/dealersDen.ts:462
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/events/:id/dealers-den/packages" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/dealers-den/packages", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

193. DELETE /api/manage/:id/dealers-den/packages/:pkgId

  • Purpose: DELETE /api/manage/:id/dealers-den/packages/:pkgId is the Event Management compatibility alias for /api/events/:id/dealers-den/packages/:pkgId.
  • Internal trace: partners-api/src/routes/dealersDen.ts:501
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, pkgId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X DELETE "https://api.furries.ph/api/events/:id/dealers-den/packages/:pkgId" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/dealers-den/packages/:pkgId", apiBase), { method: "DELETE", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

194. PUT /api/manage/:id/dealers-den/packages/:pkgId

  • Purpose: PUT /api/manage/:id/dealers-den/packages/:pkgId is the Event Management compatibility alias for /api/events/:id/dealers-den/packages/:pkgId.
  • Internal trace: partners-api/src/routes/dealersDen.ts:480
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, pkgId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/dealers-den/packages/:pkgId" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/dealers-den/packages/:pkgId", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

195. GET /api/manage/:id/dealers-den/regos

  • Purpose: GET /api/manage/:id/dealers-den/regos is the Event Management compatibility alias for /api/events/:id/dealers-den/regos.
  • Internal trace: partners-api/src/routes/dealersDen.ts:517
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/dealers-den/regos" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/dealers-den/regos", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

196. DELETE /api/manage/:id/dealers-den/regos/:regoId

  • Purpose: DELETE /api/manage/:id/dealers-den/regos/:regoId is the Event Management compatibility alias for /api/events/:id/dealers-den/regos/:regoId.
  • Internal trace: partners-api/src/routes/dealersDen.ts:587
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, regoId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X DELETE "https://api.furries.ph/api/events/:id/dealers-den/regos/:regoId" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/dealers-den/regos/:regoId", apiBase), { method: "DELETE", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

197. PATCH /api/manage/:id/dealers-den/regos/:regoId

  • Purpose: PATCH /api/manage/:id/dealers-den/regos/:regoId is the Event Management compatibility alias for /api/events/:id/dealers-den/regos/:regoId.
  • Internal trace: partners-api/src/routes/dealersDen.ts:633
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, regoId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PATCH "https://api.furries.ph/api/events/:id/dealers-den/regos/:regoId" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/dealers-den/regos/:regoId", apiBase), { method: "PATCH", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

198. GET /api/manage/:id/dealers-den/settings

  • Purpose: GET /api/manage/:id/dealers-den/settings is the Event Management compatibility alias for /api/events/:id/dealers-den/settings.
  • Internal trace: partners-api/src/routes/dealersDen.ts:356
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/dealers-den/settings" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/dealers-den/settings", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

199. PUT /api/manage/:id/dealers-den/settings

  • Purpose: PUT /api/manage/:id/dealers-den/settings is the Event Management compatibility alias for /api/events/:id/dealers-den/settings.
  • Internal trace: partners-api/src/routes/dealersDen.ts:396
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/dealers-den/settings" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/dealers-den/settings", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

200. GET /api/manage/:id/google-wallet-config

  • Purpose: GET /api/manage/:id/google-wallet-config is the Event Management compatibility alias for /api/events/:id/google-wallet-config.
  • Internal trace: partners-api/src/routes/eventConfig.ts:104
  • Mounted prefix: /api
  • Service area: eventConfig.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May touch Google Wallet pass state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/google-wallet-config" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/google-wallet-config", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

201. PUT /api/manage/:id/google-wallet-config

  • Purpose: PUT /api/manage/:id/google-wallet-config is the Event Management compatibility alias for /api/events/:id/google-wallet-config.
  • Internal trace: partners-api/src/routes/eventConfig.ts:165
  • Mounted prefix: /api
  • Service area: eventConfig.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May touch Google Wallet pass state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/google-wallet-config" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/google-wallet-config", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

202. GET /api/manage/:id/human-resources

  • Purpose: GET /api/manage/:id/human-resources is the Event Management compatibility alias for /api/events/:id/human-resources.
  • Internal trace: partners-api/src/routes/humanResources.ts:1263
  • Mounted prefix: /api
  • Service area: humanResources.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/human-resources" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/human-resources", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

203. PUT /api/manage/:id/human-resources

  • Purpose: PUT /api/manage/:id/human-resources is the Event Management compatibility alias for /api/events/:id/human-resources.
  • Internal trace: partners-api/src/routes/humanResources.ts:1278
  • Mounted prefix: /api
  • Service area: humanResources.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/human-resources" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/human-resources", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

204. POST /api/manage/:id/human-resources/applications/:applicationId/review

  • Purpose: POST /api/manage/:id/human-resources/applications/:applicationId/review is the Event Management compatibility alias for /api/events/:id/human-resources/applications/:applicationId/review.
  • Internal trace: partners-api/src/routes/humanResources.ts:1544
  • Mounted prefix: /api
  • Service area: humanResources.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, applicationId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May send or prepare outbound communications.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/events/:id/human-resources/applications/:applicationId/review" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/human-resources/applications/:applicationId/review", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

205. GET /api/manage/:id/human-resources/live-tracker

  • Purpose: GET /api/manage/:id/human-resources/live-tracker is the Event Management compatibility alias for /api/events/:id/human-resources/live-tracker.
  • Internal trace: partners-api/src/routes/humanResources.ts:1503
  • Mounted prefix: /api
  • Service area: humanResources.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/human-resources/live-tracker" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/human-resources/live-tracker", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

206. PUT /api/manage/:id/inclusions

  • Purpose: PUT /api/manage/:id/inclusions is the Event Management compatibility alias for /api/events/:id/inclusions.
  • Internal trace: partners-api/src/routes/eventConfig.ts:254
  • Mounted prefix: /api
  • Service area: eventConfig.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/inclusions" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/inclusions", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

207. GET /api/manage/:id/inventory

  • Purpose: GET /api/manage/:id/inventory is the Event Management compatibility alias for /api/events/:id/inventory.
  • Internal trace: partners-api/src/routes/inventory.ts:1272
  • Mounted prefix: /api
  • Service area: inventory.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/inventory" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/inventory", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

208. PUT /api/manage/:id/inventory/on-hand

  • Purpose: PUT /api/manage/:id/inventory/on-hand is the Event Management compatibility alias for /api/events/:id/inventory/on-hand.
  • Internal trace: partners-api/src/routes/inventory.ts:1319
  • Mounted prefix: /api
  • Service area: inventory.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/inventory/on-hand" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/inventory/on-hand", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

209. POST /api/manage/:id/inventory/pos/quote

  • Purpose: POST /api/manage/:id/inventory/pos/quote is the Event Management compatibility alias for /api/events/:id/inventory/pos/quote.
  • Internal trace: partners-api/src/routes/inventory.ts:1395
  • Mounted prefix: /api
  • Service area: inventory.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/events/:id/inventory/pos/quote" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/inventory/pos/quote", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

210. GET /api/manage/:id/inventory/pos/transactions

  • Purpose: GET /api/manage/:id/inventory/pos/transactions is the Event Management compatibility alias for /api/events/:id/inventory/pos/transactions.
  • Internal trace: partners-api/src/routes/inventory.ts:1375
  • Mounted prefix: /api
  • Service area: inventory.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/inventory/pos/transactions" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/inventory/pos/transactions", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

211. POST /api/manage/:id/inventory/pos/transactions

  • Purpose: POST /api/manage/:id/inventory/pos/transactions is the Event Management compatibility alias for /api/events/:id/inventory/pos/transactions.
  • Internal trace: partners-api/src/routes/inventory.ts:1450
  • Mounted prefix: /api
  • Service area: inventory.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/events/:id/inventory/pos/transactions" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/inventory/pos/transactions", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

212. PUT /api/manage/:id/inventory/settings

  • Purpose: PUT /api/manage/:id/inventory/settings is the Event Management compatibility alias for /api/events/:id/inventory/settings.
  • Internal trace: partners-api/src/routes/inventory.ts:1286
  • Mounted prefix: /api
  • Service area: inventory.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/inventory/settings" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/inventory/settings", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

213. GET /api/manage/:id/rego/analytics

  • Purpose: GET /api/manage/:id/rego/analytics is the Event Management compatibility alias for /api/events/:id/rego/analytics.
  • Internal trace: partners-api/src/routes/regoAnalytics.ts:140
  • Mounted prefix: /api
  • Service area: regoAnalytics.ts
  • Internal router label: partnerApi
  • Stability: rego internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/rego/analytics" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/rego/analytics", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

214. PUT /api/manage/:id/tiers

  • Purpose: PUT /api/manage/:id/tiers is the Event Management compatibility alias for /api/events/:id/tiers.
  • Internal trace: partners-api/src/routes/eventConfig.ts:333
  • Mounted prefix: /api
  • Service area: eventConfig.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/tiers" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/tiers", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

215. GET /api/rego/activities/submissions/my

  • Purpose: GET /api/rego/activities/submissions/my handled by activities.ts; rego activities submissions my service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/activities.ts:895
  • Mounted prefix: /api
  • Service area: activities.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/activities/submissions/my" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/activities/submissions/my", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

216. GET /api/rego/dealers-den/:eventId/info

  • Purpose: GET /api/rego/dealers-den/:eventId/info handled by dealersDen.ts; rego dealers den eventId info service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/dealersDen.ts:1086
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Unknown from inventory scan; ask the platform owner to confirm access behavior before use.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: eventId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/dealers-den/:eventId/info" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/dealers-den/:eventId/info", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

217. POST /api/rego/dealers-den/applications

  • Purpose: POST /api/rego/dealers-den/applications handled by dealersDen.ts; rego dealers den applications service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/dealersDen.ts:1336
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego auth optional for new attendee flow.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/rego/dealers-den/applications" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/dealers-den/applications", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

218. DELETE /api/rego/dealers-den/applications/:appId

  • Purpose: DELETE /api/rego/dealers-den/applications/:appId handled by dealersDen.ts; rego dealers den applications appId service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/dealersDen.ts:1506
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: appId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X DELETE "https://api.furries.ph/api/rego/dealers-den/applications/:appId" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/dealers-den/applications/:appId", apiBase), { method: "DELETE", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

219. GET /api/rego/dealers-den/applications/:appId

  • Purpose: GET /api/rego/dealers-den/applications/:appId handled by dealersDen.ts; rego dealers den applications appId service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/dealersDen.ts:1291
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: appId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/dealers-den/applications/:appId" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/dealers-den/applications/:appId", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

220. POST /api/rego/dealers-den/applications/:appId/assistants

  • Purpose: POST /api/rego/dealers-den/applications/:appId/assistants handled by dealersDen.ts; rego dealers den applications appId assistants service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/dealersDen.ts:1534
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: appId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/rego/dealers-den/applications/:appId/assistants" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/dealers-den/applications/:appId/assistants", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

221. DELETE /api/rego/dealers-den/applications/:appId/assistants/:aid

  • Purpose: DELETE /api/rego/dealers-den/applications/:appId/assistants/:aid handled by dealersDen.ts; rego dealers den applications appId assistants aid service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/dealersDen.ts:1615
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: appId, aid
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X DELETE "https://api.furries.ph/api/rego/dealers-den/applications/:appId/assistants/:aid" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/dealers-den/applications/:appId/assistants/:aid", apiBase), { method: "DELETE", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

222. GET /api/rego/dealers-den/applications/my

  • Purpose: GET /api/rego/dealers-den/applications/my handled by dealersDen.ts; rego dealers den applications my service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/dealersDen.ts:1203
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/dealers-den/applications/my" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/dealers-den/applications/my", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

223. PATCH /api/rego/dealers-den/assistants/:aid/respond

  • Purpose: PATCH /api/rego/dealers-den/assistants/:aid/respond handled by dealersDen.ts; rego dealers den assistants aid respond service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/dealersDen.ts:1652
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: aid
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PATCH "https://api.furries.ph/api/rego/dealers-den/assistants/:aid/respond" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/dealers-den/assistants/:aid/respond", apiBase), { method: "PATCH", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

224. POST /api/rego/dealers-den/events/:eventId/reserve

  • Purpose: POST /api/rego/dealers-den/events/:eventId/reserve handled by dealersDen.ts; rego dealers den events eventId reserve service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/dealersDen.ts:1691
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: eventId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/rego/dealers-den/events/:eventId/reserve" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/dealers-den/events/:eventId/reserve", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

225. GET /api/rego/dealers-den/regos/:regoId

  • Purpose: GET /api/rego/dealers-den/regos/:regoId handled by dealersDen.ts; rego dealers den regos regoId service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/dealersDen.ts:2150
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: regoId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/dealers-den/regos/:regoId" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/dealers-den/regos/:regoId", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

226. GET /api/rego/dealers-den/regos/:regoId/wallet

  • Purpose: GET /api/rego/dealers-den/regos/:regoId/wallet handled by dealersDen.ts; rego dealers den regos regoId wallet service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/dealersDen.ts:2269
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: regoId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May touch Google Wallet pass state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/dealers-den/regos/:regoId/wallet" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/dealers-den/regos/:regoId/wallet", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

227. GET /api/rego/dealers-den/regos/my

  • Purpose: GET /api/rego/dealers-den/regos/my handled by dealersDen.ts; rego dealers den regos my service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/dealersDen.ts:1223
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/dealers-den/regos/my" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/dealers-den/regos/my", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

228. POST /api/rego/dealers-den/regos/submit

  • Purpose: POST /api/rego/dealers-den/regos/submit handled by dealersDen.ts; rego dealers den regos submit service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/dealersDen.ts:1813
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/rego/dealers-den/regos/submit" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/dealers-den/regos/submit", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

229. POST /api/rego/dealers-den/reservations/:id/release

  • Purpose: POST /api/rego/dealers-den/reservations/:id/release handled by dealersDen.ts; rego dealers den reservations id release service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/dealersDen.ts:1791
  • Mounted prefix: /api
  • Service area: dealersDen.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/rego/dealers-den/reservations/:id/release" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/dealers-den/reservations/:id/release", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

230. GET /api/rego/events/:slug/activities

  • Purpose: GET /api/rego/events/:slug/activities handled by activities.ts; rego events slug activities service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/activities.ts:754
  • Mounted prefix: /api
  • Service area: activities.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego auth optional for new attendee flow.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: slug
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/events/:slug/activities" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/events/:slug/activities", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

231. GET /api/rego/events/:slug/activities/:activitySlug

  • Purpose: GET /api/rego/events/:slug/activities/:activitySlug handled by activities.ts; rego events slug activities activitySlug service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/activities.ts:998
  • Mounted prefix: /api
  • Service area: activities.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego auth optional for new attendee flow.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: slug, activitySlug
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/events/:slug/activities/:activitySlug" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/events/:slug/activities/:activitySlug", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

232. POST /api/rego/events/:slug/activities/:activitySlug/submissions

  • Purpose: POST /api/rego/events/:slug/activities/:activitySlug/submissions handled by activities.ts; rego events slug activities activitySlug submissions service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/activities.ts:1053
  • Mounted prefix: /api
  • Service area: activities.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: slug, activitySlug
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/rego/events/:slug/activities/:activitySlug/submissions" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/events/:slug/activities/:activitySlug/submissions", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

233. GET /api/rego/events/:slug/activities/submissions/my

  • Purpose: GET /api/rego/events/:slug/activities/submissions/my handled by activities.ts; rego events slug activities submissions my service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/activities.ts:807
  • Mounted prefix: /api
  • Service area: activities.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: slug
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/events/:slug/activities/submissions/my" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/events/:slug/activities/submissions/my", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

234. GET /api/rego/events/:slug/shift-authorizers

  • Purpose: GET /api/rego/events/:slug/shift-authorizers handled by humanResources.ts; rego events slug shift authorizers service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/humanResources.ts:2016
  • Mounted prefix: /api
  • Service area: humanResources.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: slug
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/events/:slug/shift-authorizers" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/events/:slug/shift-authorizers", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

235. POST /api/rego/events/:slug/volunteer-applications

  • Purpose: POST /api/rego/events/:slug/volunteer-applications handled by humanResources.ts; rego events slug volunteer applications service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/humanResources.ts:1728
  • Mounted prefix: /api
  • Service area: humanResources.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: slug
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/rego/events/:slug/volunteer-applications" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/events/:slug/volunteer-applications", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

236. GET /api/rego/events/:slug/volunteer-opportunities

  • Purpose: GET /api/rego/events/:slug/volunteer-opportunities handled by humanResources.ts; rego events slug volunteer opportunities service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/humanResources.ts:1632
  • Mounted prefix: /api
  • Service area: humanResources.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego auth optional for new attendee flow.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: slug
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/events/:slug/volunteer-opportunities" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/events/:slug/volunteer-opportunities", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

237. GET /api/rego/human-resources/me

  • Purpose: GET /api/rego/human-resources/me handled by humanResources.ts; rego human resources me service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/humanResources.ts:1856
  • Mounted prefix: /api
  • Service area: humanResources.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/human-resources/me" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/human-resources/me", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

238. POST /api/rego/human-resources/shifts/:shiftId/track

  • Purpose: POST /api/rego/human-resources/shifts/:shiftId/track handled by humanResources.ts; rego human resources shifts shiftId track service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/humanResources.ts:2045
  • Mounted prefix: /api
  • Service area: humanResources.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: shiftId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/rego/human-resources/shifts/:shiftId/track" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/human-resources/shifts/:shiftId/track", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

239. POST /api/rego/notices/:id/ack

  • Purpose: POST /api/rego/notices/:id/ack handled by regoNotices.ts; rego notices id ack service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/regoNotices.ts:143
  • Mounted prefix: /api
  • Service area: regoNotices.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May send or prepare outbound communications.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/rego/notices/:id/ack" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/notices/:id/ack", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

240. GET /api/rego/notices/unacked

  • Purpose: GET /api/rego/notices/unacked handled by regoNotices.ts; rego notices unacked service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/regoNotices.ts:57
  • Mounted prefix: /api
  • Service area: regoNotices.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May send or prepare outbound communications.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/notices/unacked" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/notices/unacked", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

241. GET /api/rego/transactions/me

  • Purpose: GET /api/rego/transactions/me handled by inventory.ts; rego transactions me service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/inventory.ts:1541
  • Mounted prefix: /api
  • Service area: inventory.ts
  • Internal router label: regoApi
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/transactions/me" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/transactions/me", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/event-management/

242. POST /api/events/:eventId/payment-accounts/:accountId/report

  • Purpose: POST /api/events/:eventId/payment-accounts/:accountId/report handled by paymentAccountReports.ts; events eventId payment accounts accountId report service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/paymentAccountReports.ts:18
  • Mounted prefix: /api
  • Service area: paymentAccountReports.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: eventId, accountId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/events/:eventId/payment-accounts/:accountId/report" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:eventId/payment-accounts/:accountId/report", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

243. GET /api/events/:id/finance-programs

  • Purpose: GET /api/events/:id/finance-programs handled by financePrograms.ts; events id finance programs service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/financePrograms.ts:440
  • Mounted prefix: /api
  • Service area: financePrograms.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/finance-programs" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/finance-programs", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

244. PUT /api/events/:id/finance-programs

  • Purpose: PUT /api/events/:id/finance-programs handled by financePrograms.ts; events id finance programs service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/financePrograms.ts:455
  • Mounted prefix: /api
  • Service area: financePrograms.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/finance-programs" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/finance-programs", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

245. GET /api/events/:id/finance/analytics

  • Purpose: GET /api/events/:id/finance/analytics handled by finance.ts; events id finance analytics service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/finance.ts:450
  • Mounted prefix: /api
  • Service area: finance.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/finance/analytics" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/finance/analytics", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

246. GET /api/events/:id/finance/settlements

  • Purpose: GET /api/events/:id/finance/settlements handled by finance.ts; events id finance settlements service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/finance.ts:474
  • Mounted prefix: /api
  • Service area: finance.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/finance/settlements" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/finance/settlements", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

247. POST /api/events/:id/finance/settlements

  • Purpose: POST /api/events/:id/finance/settlements handled by finance.ts; events id finance settlements service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/finance.ts:537
  • Mounted prefix: /api
  • Service area: finance.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May send or prepare outbound communications. May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/events/:id/finance/settlements" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/finance/settlements", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

248. POST /api/events/:id/finance/settlements/quote

  • Purpose: POST /api/events/:id/finance/settlements/quote handled by finance.ts; events id finance settlements quote service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/finance.ts:500
  • Mounted prefix: /api
  • Service area: finance.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/events/:id/finance/settlements/quote" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/finance/settlements/quote", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

249. GET /api/events/:id/payment-account-reports

  • Purpose: GET /api/events/:id/payment-account-reports handled by paymentAccounts.ts; events id payment account reports service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/paymentAccounts.ts:167
  • Mounted prefix: /api
  • Service area: paymentAccounts.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/payment-account-reports" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/payment-account-reports", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

250. GET /api/events/:id/payment-accounts

  • Purpose: GET /api/events/:id/payment-accounts handled by paymentAccounts.ts; events id payment accounts service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/paymentAccounts.ts:68
  • Mounted prefix: /api
  • Service area: paymentAccounts.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/payment-accounts" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/payment-accounts", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

251. PUT /api/events/:id/payment-accounts

  • Purpose: PUT /api/events/:id/payment-accounts handled by paymentAccounts.ts; events id payment accounts service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/paymentAccounts.ts:92
  • Mounted prefix: /api
  • Service area: paymentAccounts.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/payment-accounts" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/payment-accounts", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

252. GET /api/events/:id/payment-providers

  • Purpose: GET /api/events/:id/payment-providers handled by paymentProviders.ts; events id payment providers service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/paymentProviders.ts:96
  • Mounted prefix: /api
  • Service area: paymentProviders.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/payment-providers" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/payment-providers", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

253. PUT /api/events/:id/payment-providers

  • Purpose: PUT /api/events/:id/payment-providers handled by paymentProviders.ts; events id payment providers service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/paymentProviders.ts:148
  • Mounted prefix: /api
  • Service area: paymentProviders.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/payment-providers" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/payment-providers", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

254. GET /api/events/:id/rego-refunds

  • Purpose: GET /api/events/:id/rego-refunds handled by regoRefunds.ts; events id rego refunds service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/regoRefunds.ts:962
  • Mounted prefix: /api
  • Service area: regoRefunds.ts
  • Internal router label: partnerApi
  • Stability: rego internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/rego-refunds" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/rego-refunds", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

255. PATCH /api/events/:id/rego-refunds/:refundId/review

  • Purpose: PATCH /api/events/:id/rego-refunds/:refundId/review handled by regoRefunds.ts; events id rego refunds refundId review service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/regoRefunds.ts:984
  • Mounted prefix: /api
  • Service area: regoRefunds.ts
  • Internal router label: partnerApi
  • Stability: rego internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, refundId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PATCH "https://api.furries.ph/api/events/:id/rego-refunds/:refundId/review" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/rego-refunds/:refundId/review", apiBase), { method: "PATCH", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

256. GET /api/events/:id/rego-transfers

  • Purpose: GET /api/events/:id/rego-transfers handled by regoTransfers.ts; events id rego transfers service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/regoTransfers.ts:931
  • Mounted prefix: /api
  • Service area: regoTransfers.ts
  • Internal router label: partnerApi
  • Stability: rego internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/rego-transfers" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/rego-transfers", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

257. PATCH /api/events/:id/rego-transfers/:transferId/review

  • Purpose: PATCH /api/events/:id/rego-transfers/:transferId/review handled by regoTransfers.ts; events id rego transfers transferId review service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/regoTransfers.ts:953
  • Mounted prefix: /api
  • Service area: regoTransfers.ts
  • Internal router label: partnerApi
  • Stability: rego internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, transferId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PATCH "https://api.furries.ph/api/events/:id/rego-transfers/:transferId/review" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/rego-transfers/:transferId/review", apiBase), { method: "PATCH", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

258. GET /api/events/:id/rego-upgrades

  • Purpose: GET /api/events/:id/rego-upgrades handled by regoUpgrades.ts; events id rego upgrades service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/regoUpgrades.ts:1240
  • Mounted prefix: /api
  • Service area: regoUpgrades.ts
  • Internal router label: partnerApi
  • Stability: rego internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/rego-upgrades" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/rego-upgrades", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

259. PATCH /api/events/:id/rego-upgrades/:upgradeId/review

  • Purpose: PATCH /api/events/:id/rego-upgrades/:upgradeId/review handled by regoUpgrades.ts; events id rego upgrades upgradeId review service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/regoUpgrades.ts:1304
  • Mounted prefix: /api
  • Service area: regoUpgrades.ts
  • Internal router label: partnerApi
  • Stability: rego internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, upgradeId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PATCH "https://api.furries.ph/api/events/:id/rego-upgrades/:upgradeId/review" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/rego-upgrades/:upgradeId/review", apiBase), { method: "PATCH", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

260. POST /api/manage/:eventId/payment-accounts/:accountId/report

  • Purpose: POST /api/manage/:eventId/payment-accounts/:accountId/report is the Event Management compatibility alias for /api/events/:eventId/payment-accounts/:accountId/report.
  • Internal trace: partners-api/src/routes/paymentAccountReports.ts:18
  • Mounted prefix: /api
  • Service area: paymentAccountReports.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: eventId, accountId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/events/:eventId/payment-accounts/:accountId/report" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:eventId/payment-accounts/:accountId/report", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

261. GET /api/manage/:id/finance-programs

  • Purpose: GET /api/manage/:id/finance-programs is the Event Management compatibility alias for /api/events/:id/finance-programs.
  • Internal trace: partners-api/src/routes/financePrograms.ts:440
  • Mounted prefix: /api
  • Service area: financePrograms.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/finance-programs" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/finance-programs", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

262. PUT /api/manage/:id/finance-programs

  • Purpose: PUT /api/manage/:id/finance-programs is the Event Management compatibility alias for /api/events/:id/finance-programs.
  • Internal trace: partners-api/src/routes/financePrograms.ts:455
  • Mounted prefix: /api
  • Service area: financePrograms.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/finance-programs" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/finance-programs", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

263. GET /api/manage/:id/finance/analytics

  • Purpose: GET /api/manage/:id/finance/analytics is the Event Management compatibility alias for /api/events/:id/finance/analytics.
  • Internal trace: partners-api/src/routes/finance.ts:450
  • Mounted prefix: /api
  • Service area: finance.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/finance/analytics" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/finance/analytics", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

264. GET /api/manage/:id/finance/settlements

  • Purpose: GET /api/manage/:id/finance/settlements is the Event Management compatibility alias for /api/events/:id/finance/settlements.
  • Internal trace: partners-api/src/routes/finance.ts:474
  • Mounted prefix: /api
  • Service area: finance.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/finance/settlements" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/finance/settlements", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

265. POST /api/manage/:id/finance/settlements

  • Purpose: POST /api/manage/:id/finance/settlements is the Event Management compatibility alias for /api/events/:id/finance/settlements.
  • Internal trace: partners-api/src/routes/finance.ts:537
  • Mounted prefix: /api
  • Service area: finance.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May send or prepare outbound communications. May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/events/:id/finance/settlements" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/finance/settlements", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

266. POST /api/manage/:id/finance/settlements/quote

  • Purpose: POST /api/manage/:id/finance/settlements/quote is the Event Management compatibility alias for /api/events/:id/finance/settlements/quote.
  • Internal trace: partners-api/src/routes/finance.ts:500
  • Mounted prefix: /api
  • Service area: finance.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/events/:id/finance/settlements/quote" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/finance/settlements/quote", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

267. GET /api/manage/:id/payment-account-reports

  • Purpose: GET /api/manage/:id/payment-account-reports is the Event Management compatibility alias for /api/events/:id/payment-account-reports.
  • Internal trace: partners-api/src/routes/paymentAccounts.ts:167
  • Mounted prefix: /api
  • Service area: paymentAccounts.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/payment-account-reports" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/payment-account-reports", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

268. GET /api/manage/:id/payment-accounts

  • Purpose: GET /api/manage/:id/payment-accounts is the Event Management compatibility alias for /api/events/:id/payment-accounts.
  • Internal trace: partners-api/src/routes/paymentAccounts.ts:68
  • Mounted prefix: /api
  • Service area: paymentAccounts.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/payment-accounts" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/payment-accounts", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

269. PUT /api/manage/:id/payment-accounts

  • Purpose: PUT /api/manage/:id/payment-accounts is the Event Management compatibility alias for /api/events/:id/payment-accounts.
  • Internal trace: partners-api/src/routes/paymentAccounts.ts:92
  • Mounted prefix: /api
  • Service area: paymentAccounts.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/payment-accounts" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/payment-accounts", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

270. GET /api/manage/:id/payment-providers

  • Purpose: GET /api/manage/:id/payment-providers is the Event Management compatibility alias for /api/events/:id/payment-providers.
  • Internal trace: partners-api/src/routes/paymentProviders.ts:96
  • Mounted prefix: /api
  • Service area: paymentProviders.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/payment-providers" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/payment-providers", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

271. PUT /api/manage/:id/payment-providers

  • Purpose: PUT /api/manage/:id/payment-providers is the Event Management compatibility alias for /api/events/:id/payment-providers.
  • Internal trace: partners-api/src/routes/paymentProviders.ts:148
  • Mounted prefix: /api
  • Service area: paymentProviders.ts
  • Internal router label: api
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/payment-providers" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/payment-providers", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

272. GET /api/manage/:id/rego-refunds

  • Purpose: GET /api/manage/:id/rego-refunds is the Event Management compatibility alias for /api/events/:id/rego-refunds.
  • Internal trace: partners-api/src/routes/regoRefunds.ts:962
  • Mounted prefix: /api
  • Service area: regoRefunds.ts
  • Internal router label: partnerApi
  • Stability: rego internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/rego-refunds" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/rego-refunds", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

273. PATCH /api/manage/:id/rego-refunds/:refundId/review

  • Purpose: PATCH /api/manage/:id/rego-refunds/:refundId/review is the Event Management compatibility alias for /api/events/:id/rego-refunds/:refundId/review.
  • Internal trace: partners-api/src/routes/regoRefunds.ts:984
  • Mounted prefix: /api
  • Service area: regoRefunds.ts
  • Internal router label: partnerApi
  • Stability: rego internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, refundId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PATCH "https://api.furries.ph/api/events/:id/rego-refunds/:refundId/review" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/rego-refunds/:refundId/review", apiBase), { method: "PATCH", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

274. GET /api/manage/:id/rego-transfers

  • Purpose: GET /api/manage/:id/rego-transfers is the Event Management compatibility alias for /api/events/:id/rego-transfers.
  • Internal trace: partners-api/src/routes/regoTransfers.ts:931
  • Mounted prefix: /api
  • Service area: regoTransfers.ts
  • Internal router label: partnerApi
  • Stability: rego internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/rego-transfers" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/rego-transfers", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

275. PATCH /api/manage/:id/rego-transfers/:transferId/review

  • Purpose: PATCH /api/manage/:id/rego-transfers/:transferId/review is the Event Management compatibility alias for /api/events/:id/rego-transfers/:transferId/review.
  • Internal trace: partners-api/src/routes/regoTransfers.ts:953
  • Mounted prefix: /api
  • Service area: regoTransfers.ts
  • Internal router label: partnerApi
  • Stability: rego internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, transferId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PATCH "https://api.furries.ph/api/events/:id/rego-transfers/:transferId/review" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/rego-transfers/:transferId/review", apiBase), { method: "PATCH", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

276. GET /api/manage/:id/rego-upgrades

  • Purpose: GET /api/manage/:id/rego-upgrades is the Event Management compatibility alias for /api/events/:id/rego-upgrades.
  • Internal trace: partners-api/src/routes/regoUpgrades.ts:1240
  • Mounted prefix: /api
  • Service area: regoUpgrades.ts
  • Internal router label: partnerApi
  • Stability: rego internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/rego-upgrades" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/rego-upgrades", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

277. PATCH /api/manage/:id/rego-upgrades/:upgradeId/review

  • Purpose: PATCH /api/manage/:id/rego-upgrades/:upgradeId/review is the Event Management compatibility alias for /api/events/:id/rego-upgrades/:upgradeId/review.
  • Internal trace: partners-api/src/routes/regoUpgrades.ts:1304
  • Mounted prefix: /api
  • Service area: regoUpgrades.ts
  • Internal router label: partnerApi
  • Stability: rego internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, upgradeId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PATCH "https://api.furries.ph/api/events/:id/rego-upgrades/:upgradeId/review" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/rego-upgrades/:upgradeId/review", apiBase), { method: "PATCH", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

278. POST /api/rego/rego-upgrades/:id/pay

  • Purpose: POST /api/rego/rego-upgrades/:id/pay handled by regoUpgrades.ts; rego rego upgrades id pay service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/regoUpgrades.ts:1109
  • Mounted prefix: /api
  • Service area: regoUpgrades.ts
  • Internal router label: regoApi
  • Stability: rego internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/rego/rego-upgrades/:id/pay" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/rego-upgrades/:id/pay", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

279. GET /api/rego/regos/:ref/refunds

  • Purpose: GET /api/rego/regos/:ref/refunds handled by regoRefunds.ts; rego regos ref refunds service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/regoRefunds.ts:747
  • Mounted prefix: /api
  • Service area: regoRefunds.ts
  • Internal router label: regoApi
  • Stability: rego internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: ref
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/regos/:ref/refunds" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/regos/:ref/refunds", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

280. POST /api/rego/regos/:ref/refunds

  • Purpose: POST /api/rego/regos/:ref/refunds handled by regoRefunds.ts; rego regos ref refunds service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/regoRefunds.ts:802
  • Mounted prefix: /api
  • Service area: regoRefunds.ts
  • Internal router label: regoApi
  • Stability: rego internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: ref
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/rego/regos/:ref/refunds" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/regos/:ref/refunds", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

281. GET /api/rego/regos/:ref/transfers

  • Purpose: GET /api/rego/regos/:ref/transfers handled by regoTransfers.ts; rego regos ref transfers service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/regoTransfers.ts:633
  • Mounted prefix: /api
  • Service area: regoTransfers.ts
  • Internal router label: regoApi
  • Stability: rego internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: ref
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/regos/:ref/transfers" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/regos/:ref/transfers", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

282. POST /api/rego/regos/:ref/transfers

  • Purpose: POST /api/rego/regos/:ref/transfers handled by regoTransfers.ts; rego regos ref transfers service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/regoTransfers.ts:695
  • Mounted prefix: /api
  • Service area: regoTransfers.ts
  • Internal router label: regoApi
  • Stability: rego internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: ref
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/rego/regos/:ref/transfers" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/regos/:ref/transfers", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

283. GET /api/rego/regos/:ref/upgrades

  • Purpose: GET /api/rego/regos/:ref/upgrades handled by regoUpgrades.ts; rego regos ref upgrades service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/regoUpgrades.ts:877
  • Mounted prefix: /api
  • Service area: regoUpgrades.ts
  • Internal router label: regoApi
  • Stability: rego internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: ref
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/regos/:ref/upgrades" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/regos/:ref/upgrades", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

284. POST /api/rego/regos/:ref/upgrades

  • Purpose: POST /api/rego/regos/:ref/upgrades handled by regoUpgrades.ts; rego regos ref upgrades service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/regoUpgrades.ts:953
  • Mounted prefix: /api
  • Service area: regoUpgrades.ts
  • Internal router label: regoApi
  • Stability: rego internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: ref
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/rego/regos/:ref/upgrades" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/regos/:ref/upgrades", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/
  • Purpose: GET /api/rego/users/transfer-search handled by regoTransfers.ts; rego users transfer search service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/regoTransfers.ts:602
  • Mounted prefix: /api
  • Service area: regoTransfers.ts
  • Internal router label: regoApi
  • Stability: rego internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May affect finance-adjacent records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/users/transfer-search" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/users/transfer-search", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/finance-and-payments/

286. GET /api/geo/countries

  • Purpose: GET /api/geo/countries handled by geo.ts; geo countries service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/geo.ts:55
  • Mounted prefix: /api
  • Service area: geo.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Unknown from inventory scan; ask the platform owner to confirm access behavior before use.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/geo/countries" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/geo/countries", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/index/

287. GET /api/geo/states/:iso2

  • Purpose: GET /api/geo/states/:iso2 handled by geo.ts; geo states iso2 service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/geo.ts:69
  • Mounted prefix: /api
  • Service area: geo.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Unknown from inventory scan; ask the platform owner to confirm access behavior before use.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: iso2
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/geo/states/:iso2" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/geo/states/:iso2", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/index/

288. GET /api/events/:id/group-rego-settings

  • Purpose: GET /api/events/:id/group-rego-settings handled by groupRego.ts; events id group rego settings service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/groupRego.ts:755
  • Mounted prefix: /api
  • Service area: groupRego.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/group-rego-settings" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/group-rego-settings", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

289. PUT /api/events/:id/group-rego-settings

  • Purpose: PUT /api/events/:id/group-rego-settings handled by groupRego.ts; events id group rego settings service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/groupRego.ts:775
  • Mounted prefix: /api
  • Service area: groupRego.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/group-rego-settings" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/group-rego-settings", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

290. POST /api/events/:id/reserve-slot

  • Purpose: POST /api/events/:id/reserve-slot handled by regoReservations.ts; events id reserve slot service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/regoReservations.ts:20
  • Mounted prefix: /api
  • Service area: regoReservations.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/events/:id/reserve-slot" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/reserve-slot", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

291. GET /api/events/:id/waitlist-config

  • Purpose: GET /api/events/:id/waitlist-config handled by waitlist.ts; events id waitlist config service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/waitlist.ts:266
  • Mounted prefix: /api
  • Service area: waitlist.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/waitlist-config" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/waitlist-config", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

292. PUT /api/events/:id/waitlist-config/:subjectType/:subjectId

  • Purpose: PUT /api/events/:id/waitlist-config/:subjectType/:subjectId handled by waitlist.ts; events id waitlist config subjectType subjectId service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/waitlist.ts:301
  • Mounted prefix: /api
  • Service area: waitlist.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, subjectType, subjectId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/waitlist-config/:subjectType/:subjectId" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/waitlist-config/:subjectType/:subjectId", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

293. POST /api/events/:id/waitlist/process-next/:tierId

  • Purpose: POST /api/events/:id/waitlist/process-next/:tierId handled by waitlist.ts; events id waitlist process next tierId service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/waitlist.ts:391
  • Mounted prefix: /api
  • Service area: waitlist.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, tierId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/events/:id/waitlist/process-next/:tierId" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/waitlist/process-next/:tierId", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

294. POST /api/internal/waitlist/expire-offers

  • Purpose: POST /api/internal/waitlist/expire-offers handled by waitlist.ts; internal waitlist expire offers service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/waitlist.ts:648
  • Mounted prefix: /api
  • Service area: waitlist.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Internal cron secret required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/internal/waitlist/expire-offers" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/internal/waitlist/expire-offers", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

295. GET /api/manage/:id/group-rego-settings

  • Purpose: GET /api/manage/:id/group-rego-settings is the Event Management compatibility alias for /api/events/:id/group-rego-settings.
  • Internal trace: partners-api/src/routes/groupRego.ts:755
  • Mounted prefix: /api
  • Service area: groupRego.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/group-rego-settings" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/group-rego-settings", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

296. PUT /api/manage/:id/group-rego-settings

  • Purpose: PUT /api/manage/:id/group-rego-settings is the Event Management compatibility alias for /api/events/:id/group-rego-settings.
  • Internal trace: partners-api/src/routes/groupRego.ts:775
  • Mounted prefix: /api
  • Service area: groupRego.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/group-rego-settings" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/group-rego-settings", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

297. POST /api/manage/:id/reserve-slot

  • Purpose: POST /api/manage/:id/reserve-slot is the Event Management compatibility alias for /api/events/:id/reserve-slot.
  • Internal trace: partners-api/src/routes/regoReservations.ts:20
  • Mounted prefix: /api
  • Service area: regoReservations.ts
  • Internal router label: api
  • Stability: rego internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/events/:id/reserve-slot" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/reserve-slot", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

298. GET /api/manage/:id/waitlist-config

  • Purpose: GET /api/manage/:id/waitlist-config is the Event Management compatibility alias for /api/events/:id/waitlist-config.
  • Internal trace: partners-api/src/routes/waitlist.ts:266
  • Mounted prefix: /api
  • Service area: waitlist.ts
  • Internal router label: api
  • Stability: rego internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/waitlist-config" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/waitlist-config", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

299. PUT /api/manage/:id/waitlist-config/:subjectType/:subjectId

  • Purpose: PUT /api/manage/:id/waitlist-config/:subjectType/:subjectId is the Event Management compatibility alias for /api/events/:id/waitlist-config/:subjectType/:subjectId.
  • Internal trace: partners-api/src/routes/waitlist.ts:301
  • Mounted prefix: /api
  • Service area: waitlist.ts
  • Internal router label: api
  • Stability: rego internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, subjectType, subjectId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/waitlist-config/:subjectType/:subjectId" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/waitlist-config/:subjectType/:subjectId", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

300. POST /api/manage/:id/waitlist/process-next/:tierId

  • Purpose: POST /api/manage/:id/waitlist/process-next/:tierId is the Event Management compatibility alias for /api/events/:id/waitlist/process-next/:tierId.
  • Internal trace: partners-api/src/routes/waitlist.ts:391
  • Mounted prefix: /api
  • Service area: waitlist.ts
  • Internal router label: api
  • Stability: rego internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, tierId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/events/:id/waitlist/process-next/:tierId" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/waitlist/process-next/:tierId", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

301. POST /api/rego-reservations/:id/release

  • Purpose: POST /api/rego-reservations/:id/release handled by regoReservations.ts; rego reservations id release service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/regoReservations.ts:92
  • Mounted prefix: /api
  • Service area: regoReservations.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/rego-reservations/:id/release" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego-reservations/:id/release", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

302. GET /api/rego/affiliate-rewards

  • Purpose: GET /api/rego/affiliate-rewards handled by regoAffiliateRewards.ts; rego affiliate rewards service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/regoAffiliateRewards.ts:18
  • Mounted prefix: /api
  • Service area: regoAffiliateRewards.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/affiliate-rewards" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/affiliate-rewards", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

303. PUT /api/rego/affiliate-rewards/:affiliateId/payout

  • Purpose: PUT /api/rego/affiliate-rewards/:affiliateId/payout handled by regoAffiliateRewards.ts; rego affiliate rewards affiliateId payout service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/regoAffiliateRewards.ts:30
  • Mounted prefix: /api
  • Service area: regoAffiliateRewards.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: affiliateId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/rego/affiliate-rewards/:affiliateId/payout" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/affiliate-rewards/:affiliateId/payout", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

304. GET /api/rego/events

  • Purpose: GET /api/rego/events handled by rego.ts; rego events service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/rego.ts:848
  • Mounted prefix: /api
  • Service area: rego.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Unknown from inventory scan; ask the platform owner to confirm access behavior before use.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/events" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/events", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

305. GET /api/rego/events/:slug

  • Purpose: GET /api/rego/events/:slug handled by rego.ts; rego events slug service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/rego.ts:904
  • Mounted prefix: /api
  • Service area: rego.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Unknown from inventory scan; ask the platform owner to confirm access behavior before use.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: slug
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/events/:slug" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/events/:slug", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

306. GET /api/rego/fursonas

  • Purpose: GET /api/rego/fursonas handled by fursonas.ts; rego fursonas service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/fursonas.ts:69
  • Mounted prefix: /api
  • Service area: fursonas.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/fursonas" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/fursonas", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

307. POST /api/rego/fursonas

  • Purpose: POST /api/rego/fursonas handled by fursonas.ts; rego fursonas service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/fursonas.ts:90
  • Mounted prefix: /api
  • Service area: fursonas.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/rego/fursonas" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/fursonas", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

308. DELETE /api/rego/fursonas/:id

  • Purpose: DELETE /api/rego/fursonas/:id handled by fursonas.ts; rego fursonas id service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/fursonas.ts:195
  • Mounted prefix: /api
  • Service area: fursonas.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X DELETE "https://api.furries.ph/api/rego/fursonas/:id" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/fursonas/:id", apiBase), { method: "DELETE", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

309. PUT /api/rego/fursonas/:id

  • Purpose: PUT /api/rego/fursonas/:id handled by fursonas.ts; rego fursonas id service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/fursonas.ts:136
  • Mounted prefix: /api
  • Service area: fursonas.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/rego/fursonas/:id" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/fursonas/:id", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

310. DELETE /api/rego/fursonas/:id/refs

  • Purpose: DELETE /api/rego/fursonas/:id/refs handled by fursonas.ts; rego fursonas id refs service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/fursonas.ts:282
  • Mounted prefix: /api
  • Service area: fursonas.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X DELETE "https://api.furries.ph/api/rego/fursonas/:id/refs" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/fursonas/:id/refs", apiBase), { method: "DELETE", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

311. POST /api/rego/fursonas/:id/refs

  • Purpose: POST /api/rego/fursonas/:id/refs handled by fursonas.ts; rego fursonas id refs service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/fursonas.ts:232
  • Mounted prefix: /api
  • Service area: fursonas.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/rego/fursonas/:id/refs" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/fursonas/:id/refs", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

312. PUT /api/rego/fursonas/:id/refs/latest

  • Purpose: PUT /api/rego/fursonas/:id/refs/latest handled by fursonas.ts; rego fursonas id refs latest service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/fursonas.ts:332
  • Mounted prefix: /api
  • Service area: fursonas.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/rego/fursonas/:id/refs/latest" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/fursonas/:id/refs/latest", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

313. POST /api/rego/groups

  • Purpose: POST /api/rego/groups handled by groupRego.ts; rego groups service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/groupRego.ts:212
  • Mounted prefix: /api
  • Service area: groupRego.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/rego/groups" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/groups", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

314. GET /api/rego/groups/:id

  • Purpose: GET /api/rego/groups/:id handled by groupRego.ts; rego groups id service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/groupRego.ts:350
  • Mounted prefix: /api
  • Service area: groupRego.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/groups/:id" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/groups/:id", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

315. PATCH /api/rego/groups/:id/accept

  • Purpose: PATCH /api/rego/groups/:id/accept handled by groupRego.ts; rego groups id accept service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/groupRego.ts:504
  • Mounted prefix: /api
  • Service area: groupRego.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PATCH "https://api.furries.ph/api/rego/groups/:id/accept" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/groups/:id/accept", apiBase), { method: "PATCH", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

316. PATCH /api/rego/groups/:id/cancel

  • Purpose: PATCH /api/rego/groups/:id/cancel handled by groupRego.ts; rego groups id cancel service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/groupRego.ts:518
  • Mounted prefix: /api
  • Service area: groupRego.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PATCH "https://api.furries.ph/api/rego/groups/:id/cancel" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/groups/:id/cancel", apiBase), { method: "PATCH", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

317. PATCH /api/rego/groups/:id/decline

  • Purpose: PATCH /api/rego/groups/:id/decline handled by groupRego.ts; rego groups id decline service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/groupRego.ts:511
  • Mounted prefix: /api
  • Service area: groupRego.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PATCH "https://api.furries.ph/api/rego/groups/:id/decline" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/groups/:id/decline", apiBase), { method: "PATCH", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

318. POST /api/rego/groups/:id/invite

  • Purpose: POST /api/rego/groups/:id/invite handled by groupRego.ts; rego groups id invite service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/groupRego.ts:392
  • Mounted prefix: /api
  • Service area: groupRego.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/rego/groups/:id/invite" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/groups/:id/invite", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

319. DELETE /api/rego/groups/:id/members/:memberId

  • Purpose: DELETE /api/rego/groups/:id/members/:memberId handled by groupRego.ts; rego groups id members memberId service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/groupRego.ts:600
  • Mounted prefix: /api
  • Service area: groupRego.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, memberId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X DELETE "https://api.furries.ph/api/rego/groups/:id/members/:memberId" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/groups/:id/members/:memberId", apiBase), { method: "DELETE", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

320. PATCH /api/rego/groups/:id/members/:memberId

  • Purpose: PATCH /api/rego/groups/:id/members/:memberId handled by groupRego.ts; rego groups id members memberId service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/groupRego.ts:550
  • Mounted prefix: /api
  • Service area: groupRego.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, memberId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PATCH "https://api.furries.ph/api/rego/groups/:id/members/:memberId" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/groups/:id/members/:memberId", apiBase), { method: "PATCH", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

321. POST /api/rego/groups/:id/submit

  • Purpose: POST /api/rego/groups/:id/submit handled by rego.ts; rego groups id submit service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/rego.ts:2123
  • Mounted prefix: /api
  • Service area: rego.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/rego/groups/:id/submit" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/groups/:id/submit", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

322. GET /api/rego/groups/:id/totals

  • Purpose: GET /api/rego/groups/:id/totals handled by groupRego.ts; rego groups id totals service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/groupRego.ts:637
  • Mounted prefix: /api
  • Service area: groupRego.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/groups/:id/totals" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/groups/:id/totals", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

323. GET /api/rego/groups/my

  • Purpose: GET /api/rego/groups/my handled by groupRego.ts; rego groups my service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/groupRego.ts:292
  • Mounted prefix: /api
  • Service area: groupRego.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/groups/my" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/groups/my", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

324. POST /api/rego/internal/archive-expired

  • Purpose: POST /api/rego/internal/archive-expired handled by rego.ts; rego internal archive expired service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/rego.ts:2946
  • Mounted prefix: /api
  • Service area: rego.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Internal cron secret required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/rego/internal/archive-expired" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/internal/archive-expired", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

325. PUT /api/rego/prefills

  • Purpose: PUT /api/rego/prefills handled by rego.ts; rego prefills service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/rego.ts:1168
  • Mounted prefix: /api
  • Service area: rego.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Rego auth optional for new attendee flow.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/rego/prefills" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/prefills", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

326. DELETE /api/rego/prefills/:eventId

  • Purpose: DELETE /api/rego/prefills/:eventId handled by rego.ts; rego prefills eventId service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/rego.ts:1384
  • Mounted prefix: /api
  • Service area: rego.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: eventId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X DELETE "https://api.furries.ph/api/rego/prefills/:eventId" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/prefills/:eventId", apiBase), { method: "DELETE", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

327. GET /api/rego/prefills/:eventId

  • Purpose: GET /api/rego/prefills/:eventId handled by rego.ts; rego prefills eventId service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/rego.ts:1118
  • Mounted prefix: /api
  • Service area: rego.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: eventId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/prefills/:eventId" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/prefills/:eventId", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

328. GET /api/rego/profile

  • Purpose: GET /api/rego/profile handled by regoProfile.ts; rego profile service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/regoProfile.ts:162
  • Mounted prefix: /api
  • Service area: regoProfile.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Rego auth optional for new attendee flow.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/profile" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/profile", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

329. PUT /api/rego/profile

  • Purpose: PUT /api/rego/profile handled by regoProfile.ts; rego profile service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/regoProfile.ts:251
  • Mounted prefix: /api
  • Service area: regoProfile.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Rego auth optional for new attendee flow.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/rego/profile" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/profile", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

330. PATCH /api/rego/profile/email-preferences

  • Purpose: PATCH /api/rego/profile/email-preferences handled by regoProfile.ts; rego profile email preferences service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/regoProfile.ts:355
  • Mounted prefix: /api
  • Service area: regoProfile.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Rego auth optional for new attendee flow.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May send or prepare outbound communications.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PATCH "https://api.furries.ph/api/rego/profile/email-preferences" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/profile/email-preferences", apiBase), { method: "PATCH", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

331. GET /api/rego/profile/import-dashboard

  • Purpose: GET /api/rego/profile/import-dashboard handled by regoProfile.ts; rego profile import dashboard service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/regoProfile.ts:188
  • Mounted prefix: /api
  • Service area: regoProfile.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Rego auth optional for new attendee flow.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/profile/import-dashboard" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/profile/import-dashboard", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

332. GET /api/rego/profile/photo

  • Purpose: GET /api/rego/profile/photo handled by regoProfile.ts; rego profile photo service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/regoProfile.ts:449
  • Mounted prefix: /api
  • Service area: regoProfile.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Rego auth optional for new attendee flow.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/profile/photo" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/profile/photo", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

333. PATCH /api/rego/profile/photo

  • Purpose: PATCH /api/rego/profile/photo handled by regoProfile.ts; rego profile photo service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/regoProfile.ts:468
  • Mounted prefix: /api
  • Service area: regoProfile.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Rego auth optional for new attendee flow.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PATCH "https://api.furries.ph/api/rego/profile/photo" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/profile/photo", apiBase), { method: "PATCH", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

334. PATCH /api/rego/profile/username

  • Purpose: PATCH /api/rego/profile/username handled by regoProfile.ts; rego profile username service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/regoProfile.ts:414
  • Mounted prefix: /api
  • Service area: regoProfile.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Rego auth optional for new attendee flow.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PATCH "https://api.furries.ph/api/rego/profile/username" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/profile/username", apiBase), { method: "PATCH", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

335. POST /api/rego/quote

  • Purpose: POST /api/rego/quote handled by rego.ts; rego quote service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/rego.ts:1027
  • Mounted prefix: /api
  • Service area: rego.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Rego auth optional for new attendee flow.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/rego/quote" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/quote", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

336. POST /api/rego/regos

  • Purpose: POST /api/rego/regos handled by rego.ts; rego regos service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/rego.ts:1721
  • Mounted prefix: /api
  • Service area: rego.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Rego auth optional for new attendee flow.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/rego/regos" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/regos", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

337. GET /api/rego/regos/:ref

  • Purpose: GET /api/rego/regos/:ref handled by rego.ts; rego regos ref service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/rego.ts:1472
  • Mounted prefix: /api
  • Service area: rego.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: ref
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/regos/:ref" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/regos/:ref", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

338. GET /api/rego/regos/:ref/wallet

  • Purpose: GET /api/rego/regos/:ref/wallet handled by rego.ts; rego regos ref wallet service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/rego.ts:1651
  • Mounted prefix: /api
  • Service area: rego.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: ref
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May touch Google Wallet pass state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/regos/:ref/wallet" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/regos/:ref/wallet", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

339. GET /api/rego/regos/me

  • Purpose: GET /api/rego/regos/me handled by rego.ts; rego regos me service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/rego.ts:1409
  • Mounted prefix: /api
  • Service area: rego.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/regos/me" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/regos/me", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

340. GET /api/rego/username/check

  • Purpose: GET /api/rego/username/check handled by regoProfile.ts; rego username check service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/regoProfile.ts:396
  • Mounted prefix: /api
  • Service area: regoProfile.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Rego auth optional for new attendee flow.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/username/check" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/username/check", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

341. POST /api/rego/waitlist

  • Purpose: POST /api/rego/waitlist handled by rego.ts; rego waitlist service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/rego.ts:2856
  • Mounted prefix: /api
  • Service area: rego.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Rego auth optional for new attendee flow.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/rego/waitlist" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/waitlist", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

342. POST /api/rego/waitlist/:entryId/accept

  • Purpose: POST /api/rego/waitlist/:entryId/accept handled by waitlist.ts; rego waitlist entryId accept service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/waitlist.ts:556
  • Mounted prefix: /api
  • Service area: waitlist.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: entryId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/rego/waitlist/:entryId/accept" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/waitlist/:entryId/accept", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

343. POST /api/rego/waitlist/:entryId/decline

  • Purpose: POST /api/rego/waitlist/:entryId/decline handled by waitlist.ts; rego waitlist entryId decline service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/waitlist.ts:473
  • Mounted prefix: /api
  • Service area: waitlist.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: entryId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/rego/waitlist/:entryId/decline" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/waitlist/:entryId/decline", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

344. GET /api/rego/waitlist/me

  • Purpose: GET /api/rego/waitlist/me handled by rego.ts; rego waitlist me service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/rego.ts:2814
  • Mounted prefix: /api
  • Service area: rego.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/waitlist/me" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/waitlist/me", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

345. GET /api/rego/waitlist/pending-offer

  • Purpose: GET /api/rego/waitlist/pending-offer handled by waitlist.ts; rego waitlist pending offer service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/waitlist.ts:416
  • Mounted prefix: /api
  • Service area: waitlist.ts
  • Internal router label: api
  • Stability: rego internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/waitlist/pending-offer" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/waitlist/pending-offer", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/registration-and-attendees/

346. GET /api/events/:id/social/bot-settings

  • Purpose: GET /api/events/:id/social/bot-settings handled by socialLinking.ts; events id social bot settings service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/socialLinking.ts:1642
  • Mounted prefix: /api
  • Service area: socialLinking.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/social/bot-settings" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/social/bot-settings", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

347. PATCH /api/events/:id/social/bot-settings

  • Purpose: PATCH /api/events/:id/social/bot-settings handled by socialLinking.ts; events id social bot settings service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/socialLinking.ts:1683
  • Mounted prefix: /api
  • Service area: socialLinking.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May touch Discord integration state. May touch Telegram integration state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PATCH "https://api.furries.ph/api/events/:id/social/bot-settings" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/social/bot-settings", apiBase), { method: "PATCH", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

348. GET /api/events/:id/social/discord/guilds

  • Purpose: GET /api/events/:id/social/discord/guilds handled by socialLinking.ts; events id social discord guilds service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/socialLinking.ts:1524
  • Mounted prefix: /api
  • Service area: socialLinking.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May touch Discord integration state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/social/discord/guilds" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/social/discord/guilds", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

349. GET /api/events/:id/social/discord/guilds/:guildId/roles

  • Purpose: GET /api/events/:id/social/discord/guilds/:guildId/roles handled by socialLinking.ts; events id social discord guilds guildId roles service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/socialLinking.ts:1545
  • Mounted prefix: /api
  • Service area: socialLinking.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, guildId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May touch Discord integration state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/social/discord/guilds/:guildId/roles" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/social/discord/guilds/:guildId/roles", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

350. GET /api/events/:id/social/discord/link/start

  • Purpose: GET /api/events/:id/social/discord/link/start handled by socialLinking.ts; events id social discord link start service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/socialLinking.ts:1449
  • Mounted prefix: /api
  • Service area: socialLinking.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May touch Discord integration state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/social/discord/link/start" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/social/discord/link/start", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

351. GET /api/events/:id/social/telegram/chats

  • Purpose: GET /api/events/:id/social/telegram/chats handled by socialLinking.ts; events id social telegram chats service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/socialLinking.ts:1581
  • Mounted prefix: /api
  • Service area: socialLinking.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May touch Telegram integration state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/social/telegram/chats" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/social/telegram/chats", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

352. POST /api/events/:id/social/telegram/link/complete

  • Purpose: POST /api/events/:id/social/telegram/link/complete handled by socialLinking.ts; events id social telegram link complete service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/socialLinking.ts:1709
  • Mounted prefix: /api
  • Service area: socialLinking.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May touch Telegram integration state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/events/:id/social/telegram/link/complete" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/social/telegram/link/complete", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

353. GET /api/events/:id/social/telegram/link/start

  • Purpose: GET /api/events/:id/social/telegram/link/start handled by socialLinking.ts; events id social telegram link start service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/socialLinking.ts:1479
  • Mounted prefix: /api
  • Service area: socialLinking.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May touch Telegram integration state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/social/telegram/link/start" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/social/telegram/link/start", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

354. GET /api/events/:id/zep/app-bundle

  • Purpose: GET /api/events/:id/zep/app-bundle handled by zep.ts; events id zep app bundle service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/zep.ts:486
  • Mounted prefix: /api
  • Service area: zep.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/zep/app-bundle" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/zep/app-bundle", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

355. GET /api/events/:id/zep/config

  • Purpose: GET /api/events/:id/zep/config handled by zep.ts; events id zep config service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/zep.ts:424
  • Mounted prefix: /api
  • Service area: zep.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/zep/config" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/zep/config", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

356. PUT /api/events/:id/zep/config

  • Purpose: PUT /api/events/:id/zep/config handled by zep.ts; events id zep config service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/zep.ts:503
  • Mounted prefix: /api
  • Service area: zep.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/zep/config" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/zep/config", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

357. POST /api/internal/social-entitlements/reconcile

  • Purpose: POST /api/internal/social-entitlements/reconcile handled by socialLinking.ts; internal social entitlements reconcile service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/socialLinking.ts:2066
  • Mounted prefix: /api
  • Service area: socialLinking.ts
  • Internal router label: internalApi
  • Stability: partner dashboard internal
  • Authentication: Internal cron secret required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/internal/social-entitlements/reconcile" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/internal/social-entitlements/reconcile", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

358. GET /api/manage/:id/social/bot-settings

  • Purpose: GET /api/manage/:id/social/bot-settings is the Event Management compatibility alias for /api/events/:id/social/bot-settings.
  • Internal trace: partners-api/src/routes/socialLinking.ts:1642
  • Mounted prefix: /api
  • Service area: socialLinking.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/social/bot-settings" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/social/bot-settings", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

359. PATCH /api/manage/:id/social/bot-settings

  • Purpose: PATCH /api/manage/:id/social/bot-settings is the Event Management compatibility alias for /api/events/:id/social/bot-settings.
  • Internal trace: partners-api/src/routes/socialLinking.ts:1683
  • Mounted prefix: /api
  • Service area: socialLinking.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May touch Discord integration state. May touch Telegram integration state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PATCH "https://api.furries.ph/api/events/:id/social/bot-settings" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/social/bot-settings", apiBase), { method: "PATCH", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

360. GET /api/manage/:id/social/discord/guilds

  • Purpose: GET /api/manage/:id/social/discord/guilds is the Event Management compatibility alias for /api/events/:id/social/discord/guilds.
  • Internal trace: partners-api/src/routes/socialLinking.ts:1524
  • Mounted prefix: /api
  • Service area: socialLinking.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May touch Discord integration state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/social/discord/guilds" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/social/discord/guilds", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

361. GET /api/manage/:id/social/discord/guilds/:guildId/roles

  • Purpose: GET /api/manage/:id/social/discord/guilds/:guildId/roles is the Event Management compatibility alias for /api/events/:id/social/discord/guilds/:guildId/roles.
  • Internal trace: partners-api/src/routes/socialLinking.ts:1545
  • Mounted prefix: /api
  • Service area: socialLinking.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id, guildId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May touch Discord integration state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/social/discord/guilds/:guildId/roles" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/social/discord/guilds/:guildId/roles", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

362. GET /api/manage/:id/social/discord/link/start

  • Purpose: GET /api/manage/:id/social/discord/link/start is the Event Management compatibility alias for /api/events/:id/social/discord/link/start.
  • Internal trace: partners-api/src/routes/socialLinking.ts:1449
  • Mounted prefix: /api
  • Service area: socialLinking.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May touch Discord integration state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/social/discord/link/start" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/social/discord/link/start", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

363. GET /api/manage/:id/social/telegram/chats

  • Purpose: GET /api/manage/:id/social/telegram/chats is the Event Management compatibility alias for /api/events/:id/social/telegram/chats.
  • Internal trace: partners-api/src/routes/socialLinking.ts:1581
  • Mounted prefix: /api
  • Service area: socialLinking.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May touch Telegram integration state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/social/telegram/chats" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/social/telegram/chats", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

364. POST /api/manage/:id/social/telegram/link/complete

  • Purpose: POST /api/manage/:id/social/telegram/link/complete is the Event Management compatibility alias for /api/events/:id/social/telegram/link/complete.
  • Internal trace: partners-api/src/routes/socialLinking.ts:1709
  • Mounted prefix: /api
  • Service area: socialLinking.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May touch Telegram integration state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/events/:id/social/telegram/link/complete" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/social/telegram/link/complete", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

365. GET /api/manage/:id/social/telegram/link/start

  • Purpose: GET /api/manage/:id/social/telegram/link/start is the Event Management compatibility alias for /api/events/:id/social/telegram/link/start.
  • Internal trace: partners-api/src/routes/socialLinking.ts:1479
  • Mounted prefix: /api
  • Service area: socialLinking.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May touch Telegram integration state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/social/telegram/link/start" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/social/telegram/link/start", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

366. GET /api/manage/:id/zep/app-bundle

  • Purpose: GET /api/manage/:id/zep/app-bundle is the Event Management compatibility alias for /api/events/:id/zep/app-bundle.
  • Internal trace: partners-api/src/routes/zep.ts:486
  • Mounted prefix: /api
  • Service area: zep.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/zep/app-bundle" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/zep/app-bundle", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

367. GET /api/manage/:id/zep/config

  • Purpose: GET /api/manage/:id/zep/config is the Event Management compatibility alias for /api/events/:id/zep/config.
  • Internal trace: partners-api/src/routes/zep.ts:424
  • Mounted prefix: /api
  • Service area: zep.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/events/:id/zep/config" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/zep/config", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

368. PUT /api/manage/:id/zep/config

  • Purpose: PUT /api/manage/:id/zep/config is the Event Management compatibility alias for /api/events/:id/zep/config.
  • Internal trace: partners-api/src/routes/zep.ts:503
  • Mounted prefix: /api
  • Service area: zep.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal; alias
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PUT "https://api.furries.ph/api/events/:id/zep/config" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/events/:id/zep/config", apiBase), { method: "PUT", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

369. DELETE /api/org/social/discord/guilds/:guildId

  • Purpose: DELETE /api/org/social/discord/guilds/:guildId handled by socialLinking.ts; org social discord guilds guildId service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/socialLinking.ts:1602
  • Mounted prefix: /api
  • Service area: socialLinking.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: guildId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May touch Discord integration state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X DELETE "https://api.furries.ph/api/org/social/discord/guilds/:guildId" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/org/social/discord/guilds/:guildId", apiBase), { method: "DELETE", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

370. GET /api/org/social/discord/link/start

  • Purpose: GET /api/org/social/discord/link/start handled by socialLinking.ts; org social discord link start service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/socialLinking.ts:1278
  • Mounted prefix: /api
  • Service area: socialLinking.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May touch Discord integration state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/org/social/discord/link/start" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/org/social/discord/link/start", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

371. POST /api/org/social/discord/unlink

  • Purpose: POST /api/org/social/discord/unlink handled by socialLinking.ts; org social discord unlink service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/socialLinking.ts:1308
  • Mounted prefix: /api
  • Service area: socialLinking.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May touch Discord integration state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/org/social/discord/unlink" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/org/social/discord/unlink", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

372. GET /api/org/social/settings

  • Purpose: GET /api/org/social/settings handled by socialLinking.ts; org social settings service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/socialLinking.ts:1238
  • Mounted prefix: /api
  • Service area: socialLinking.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/org/social/settings" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/org/social/settings", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

373. POST /api/org/social/telegram/chat/link/complete

  • Purpose: POST /api/org/social/telegram/chat/link/complete handled by socialLinking.ts; org social telegram chat link complete service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/socialLinking.ts:1423
  • Mounted prefix: /api
  • Service area: socialLinking.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May touch Telegram integration state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/org/social/telegram/chat/link/complete" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/org/social/telegram/chat/link/complete", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

374. GET /api/org/social/telegram/chat/link/start

  • Purpose: GET /api/org/social/telegram/chat/link/start handled by socialLinking.ts; org social telegram chat link start service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/socialLinking.ts:1382
  • Mounted prefix: /api
  • Service area: socialLinking.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May touch Telegram integration state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/org/social/telegram/chat/link/start" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/org/social/telegram/chat/link/start", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

375. DELETE /api/org/social/telegram/chats/:chatId

  • Purpose: DELETE /api/org/social/telegram/chats/:chatId handled by socialLinking.ts; org social telegram chats chatId service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/socialLinking.ts:1622
  • Mounted prefix: /api
  • Service area: socialLinking.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: chatId
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May touch Telegram integration state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X DELETE "https://api.furries.ph/api/org/social/telegram/chats/:chatId" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/org/social/telegram/chats/:chatId", apiBase), { method: "DELETE", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

376. GET /api/org/social/telegram/link/start

  • Purpose: GET /api/org/social/telegram/link/start handled by socialLinking.ts; org social telegram link start service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/socialLinking.ts:1328
  • Mounted prefix: /api
  • Service area: socialLinking.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May touch Telegram integration state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/org/social/telegram/link/start" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/org/social/telegram/link/start", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

377. POST /api/org/social/telegram/unlink

  • Purpose: POST /api/org/social/telegram/unlink handled by socialLinking.ts; org social telegram unlink service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/socialLinking.ts:1362
  • Mounted prefix: /api
  • Service area: socialLinking.ts
  • Internal router label: partnerApi
  • Stability: partner dashboard internal
  • Authentication: Partner dashboard session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May touch Telegram integration state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/org/social/telegram/unlink" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/org/social/telegram/unlink", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

378. GET /api/rego/friends

  • Purpose: GET /api/rego/friends handled by social.ts; rego friends service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/social.ts:183
  • Mounted prefix: /api
  • Service area: social.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/friends" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/friends", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

379. DELETE /api/rego/friends/:id

  • Purpose: DELETE /api/rego/friends/:id handled by social.ts; rego friends id service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/social.ts:559
  • Mounted prefix: /api
  • Service area: social.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X DELETE "https://api.furries.ph/api/rego/friends/:id" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/friends/:id", apiBase), { method: "DELETE", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

380. PATCH /api/rego/friends/:id/accept

  • Purpose: PATCH /api/rego/friends/:id/accept handled by social.ts; rego friends id accept service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/social.ts:418
  • Mounted prefix: /api
  • Service area: social.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PATCH "https://api.furries.ph/api/rego/friends/:id/accept" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/friends/:id/accept", apiBase), { method: "PATCH", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

381. PATCH /api/rego/friends/:id/decline

  • Purpose: PATCH /api/rego/friends/:id/decline handled by social.ts; rego friends id decline service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/social.ts:488
  • Mounted prefix: /api
  • Service area: social.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: id
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PATCH "https://api.furries.ph/api/rego/friends/:id/decline" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/friends/:id/decline", apiBase), { method: "PATCH", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

382. GET /api/rego/friends/events

  • Purpose: GET /api/rego/friends/events handled by social.ts; rego friends events service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/social.ts:673
  • Mounted prefix: /api
  • Service area: social.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/friends/events" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/friends/events", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

383. POST /api/rego/friends/request

  • Purpose: POST /api/rego/friends/request handled by social.ts; rego friends request service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/social.ts:301
  • Mounted prefix: /api
  • Service area: social.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/rego/friends/request" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/friends/request", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

384. GET /api/rego/friends/requests

  • Purpose: GET /api/rego/friends/requests handled by social.ts; rego friends requests service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/social.ts:241
  • Mounted prefix: /api
  • Service area: social.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/friends/requests" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/friends/requests", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

385. GET /api/rego/friends/sent

  • Purpose: GET /api/rego/friends/sent handled by social.ts; rego friends sent service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/social.ts:271
  • Mounted prefix: /api
  • Service area: social.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/friends/sent" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/friends/sent", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

386. GET /api/rego/social/discord/link/start

  • Purpose: GET /api/rego/social/discord/link/start handled by socialLinking.ts; rego social discord link start service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/socialLinking.ts:1132
  • Mounted prefix: /api
  • Service area: socialLinking.ts
  • Internal router label: attendeeApi
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May touch Discord integration state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/social/discord/link/start" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/social/discord/link/start", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

387. POST /api/rego/social/discord/unlink

  • Purpose: POST /api/rego/social/discord/unlink handled by socialLinking.ts; rego social discord unlink service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/socialLinking.ts:1188
  • Mounted prefix: /api
  • Service area: socialLinking.ts
  • Internal router label: attendeeApi
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May touch Discord integration state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/rego/social/discord/unlink" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/social/discord/unlink", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

388. GET /api/rego/social/settings

  • Purpose: GET /api/rego/social/settings handled by social.ts; rego social settings service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/social.ts:58
  • Mounted prefix: /api
  • Service area: social.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/social/settings" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/social/settings", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

389. PATCH /api/rego/social/settings

  • Purpose: PATCH /api/rego/social/settings handled by social.ts; rego social settings service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/social.ts:81
  • Mounted prefix: /api
  • Service area: social.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May touch Discord integration state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X PATCH "https://api.furries.ph/api/rego/social/settings" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/social/settings", apiBase), { method: "PATCH", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

390. GET /api/rego/social/telegram/link/start

  • Purpose: GET /api/rego/social/telegram/link/start handled by socialLinking.ts; rego social telegram link start service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/socialLinking.ts:1158
  • Mounted prefix: /api
  • Service area: socialLinking.ts
  • Internal router label: attendeeApi
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May touch Telegram integration state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/social/telegram/link/start" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/social/telegram/link/start", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

391. POST /api/rego/social/telegram/unlink

  • Purpose: POST /api/rego/social/telegram/unlink handled by socialLinking.ts; rego social telegram unlink service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/socialLinking.ts:1213
  • Mounted prefix: /api
  • Service area: socialLinking.ts
  • Internal router label: attendeeApi
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records. May touch Telegram integration state.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/rego/social/telegram/unlink" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/social/telegram/unlink", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

392. GET /api/rego/users/search

  • Purpose: GET /api/rego/users/search handled by social.ts; rego users search service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/social.ts:129
  • Mounted prefix: /api
  • Service area: social.ts
  • Internal router label: api
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/users/search" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/users/search", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

393. POST /api/rego/zep/launch

  • Purpose: POST /api/rego/zep/launch handled by zep.ts; rego zep launch service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/zep.ts:697
  • Mounted prefix: /api
  • Service area: zep.ts
  • Internal router label: attendeeApi
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/rego/zep/launch" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/zep/launch", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

394. GET /api/rego/zep/status

  • Purpose: GET /api/rego/zep/status handled by zep.ts; rego zep status service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/zep.ts:682
  • Mounted prefix: /api
  • Service area: zep.ts
  • Internal router label: attendeeApi
  • Stability: partner dashboard internal
  • Authentication: Rego attendee session required.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Usually none unless platform owner reads body; confirm with the platform owner.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: Unknown from inventory scan; ask the platform owner to confirm side-effect behavior before relying on it.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X GET "https://api.furries.ph/api/rego/zep/status" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/rego/zep/status", apiBase), { method: "GET", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

395. POST /api/zep/validate

  • Purpose: POST /api/zep/validate handled by zep.ts; zep validate service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/zep.ts:730
  • Mounted prefix: /api
  • Service area: zep.ts
  • Internal router label: publicApi
  • Stability: partner dashboard internal
  • Authentication: Unknown from inventory scan; ask the platform owner to confirm access behavior before use.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/api/zep/validate" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/api/zep/validate", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/social-and-integrations/

396. POST /contact

  • Purpose: POST /contact handled by contact.ts; contact service expectation must be confirmed with the platform owner before adoption.
  • Internal trace: partners-api/src/routes/contact.ts:25
  • Mounted prefix: /contact
  • Service area: contact.ts
  • Internal router label: contact
  • Stability: public
  • Authentication: Public route with validation and outbound mail behavior.
  • Required headers: Unknown from inventory scan; ask the platform owner to confirm access requirements.
  • Optional headers: Authorization, Content-Type, X-Test-Control-Secret, X-Test-Run-Id, and X-Test-Rego-User-Id are allowed by Worker CORS when applicable.
  • Path parameters: None detected from route path.
  • Query parameters: Unknown from inventory scan; ask the platform owner to confirm supported query options.
  • Body schema: Unknown from inventory scan; ask the platform owner to confirm accepted request data.
  • Accepted content types: application/json when a body is accepted
  • Pagination, filtering, sorting: Unknown from inventory scan; ask the platform owner to confirm supported list options.
  • Success status codes: Usually 200 JSON unless platform owner sets another status; confirm with the platform owner.
  • Response shape: Unknown from inventory scan; ask the platform owner to confirm returned data, redirects, downloads, or status behavior.
  • Error status codes: Worker-level 404 returns { error: "Not found" }; uncaught errors return { error: "Internal server error" }; service-specific errors must be confirmed with the platform owner.
  • Error shape: Usually JSON with an error field; confirm service-specific details.
  • Side effects: May mutate platform records.
  • Records touched: Unknown from inventory scan; ask the platform owner to confirm records and external services touched.
  • Idempotency and retry: Unknown from inventory scan; adoption owners must confirm duplicate-submit and retry behavior before client retries.
  • Privacy and security: Classify before use: route may expose attendee, partner, staff, event, finance-adjacent, or trust-safety data.
  • Technical request example (cURL): curl -X POST "https://api.furries.ph/contact" -H "Content-Type: application/json"
  • Technical request example (TypeScript): await fetch(new URL("/contact", apiBase), { method: "POST", credentials: 'include' });
  • Related docs: /platform-api/authentication/permissions-and-roles/, /platform-api/schemas/error-shapes/, /platform-api/route-reference/webhooks-and-contact/

All docs