Client API
Base path /api/1.x. Called from your app to authenticate its users against a license. Every call except init needs the app-session token as Authorization: Bearer <token>.
/api/1.x/initResolves the app by name + ownerid, enforces the version, and mints the app-session token.
curl -X POST function(){throw Error("Attempted to call BASE() from the server but BASE is on the client. It's not possible to invoke a client function from the server, it can only be rendered as a Component or passed to props of a Client Component.")}/api/1.x/init \
-H "Content-Type: application/json" \
-d '{"name":"My app","ownerid":"your-ownerid","version":"1.0"}'{ "success": true, "session": "<app-session-token>", "app": "My app", "version": "1.0" }426 if the version is outdated · 404 if the app isn't found.
/api/1.x/registerRedeems a license key and creates a user. Body: email, password, license, hwid?.
curl -X POST function(){throw Error("Attempted to call BASE() from the server but BASE is on the client. It's not possible to invoke a client function from the server, it can only be rendered as a Component or passed to props of a Client Component.")}/api/1.x/register \
-H "Authorization: Bearer <app-session>" \
-H "Content-Type: application/json" \
-d '{"email":"user@x.com","password":"secret123","license":"LUMEN-XXXXX-XXXXX-XXXXX-XXXXX","hwid":"DEVICE-ID"}'{ "success": true, "token": "<jwt>", "session": "<user-session-id>",
"user": { "id": "...", "email": "user@x.com", "level": 1, "expiresAt": "..." } }/api/1.x/loginEmail + password login with HWID lock. Body: email, password, hwid?.
curl -X POST function(){throw Error("Attempted to call BASE() from the server but BASE is on the client. It's not possible to invoke a client function from the server, it can only be rendered as a Component or passed to props of a Client Component.")}/api/1.x/login \
-H "Authorization: Bearer <app-session>" \
-H "Content-Type: application/json" \
-d '{"email":"user@x.com","password":"secret123","hwid":"DEVICE-ID"}'/api/1.x/licenseLogin with just a license key (no email/password). Body: license, hwid?.
curl -X POST function(){throw Error("Attempted to call BASE() from the server but BASE is on the client. It's not possible to invoke a client function from the server, it can only be rendered as a Component or passed to props of a Client Component.")}/api/1.x/license \
-H "Authorization: Bearer <app-session>" \
-H "Content-Type: application/json" \
-d '{"license":"LUMEN-XXXXX-XXXXX-XXXXX-XXXXX","hwid":"DEVICE-ID"}'/api/1.x/checkConfirm a user session is still valid (not expired, banned or blacklisted). Body: session.
curl -X POST function(){throw Error("Attempted to call BASE() from the server but BASE is on the client. It's not possible to invoke a client function from the server, it can only be rendered as a Component or passed to props of a Client Component.")}/api/1.x/check \
-H "Authorization: Bearer <app-session>" \
-H "Content-Type: application/json" \
-d '{"session":"<user-session-id>"}'/api/1.x/varRead a server-side variable. Gated by the user's subscription level. Body: session, name.
curl -X POST function(){throw Error("Attempted to call BASE() from the server but BASE is on the client. It's not possible to invoke a client function from the server, it can only be rendered as a Component or passed to props of a Client Component.")}/api/1.x/var \
-H "Authorization: Bearer <app-session>" \
-H "Content-Type: application/json" \
-d '{"session":"<user-session-id>","name":"webhook_url"}'{ "success": true, "name": "webhook_url", "value": "https://…" }/api/1.x/fileDownload a license-gated file. Returns the raw bytes on success (or JSON on error). Body: session, fileId.
curl -X POST function(){throw Error("Attempted to call BASE() from the server but BASE is on the client. It's not possible to invoke a client function from the server, it can only be rendered as a Component or passed to props of a Client Component.")}/api/1.x/file \
-H "Authorization: Bearer <app-session>" \
-H "Content-Type: application/json" \
-d '{"session":"<user-session-id>","fileId":"<file-uuid>"}' \
--output payload.bin