Admin API
These endpoints require administrator privileges (is_admin flag) or specific group administration rights.
| Method | Endpoint | Description |
|---|---|---|
| GET | /api/admin/users | List all users (Admin) or group members (Group Admin). |
| PUT | /api/admin/users/<id>/status | Activate or deactivate a user account (Admin only). |
| DELETE | /api/admin/users/<id> | Delete a user account (Admin only). |
| GET | /api/admin/groups | List all groups (Admin) or owned group (Group Admin). |
| POST | /api/admin/groups | Create a new group (Admin only). |
| DELETE | /api/admin/groups/<id> | Delete a group (Admin only). |
| POST | /api/admin/users/assign-group | Assign a user to a group (Admin only). |
| POST | /api/admin/groups/set-role | Set a user's role within a group (Admin only). |
| POST | /api/admin/users/force-password-change | Force a user to change their password on next login. |
User API
Endpoints available to standard users. Some endpoints (login, register) are public.
| Method | Endpoint | Description |
|---|---|---|
| POST | /api/auth/register | Register a new user account. |
| POST | /api/auth/login | Authenticate and receive a JWT token. |
| POST | /api/auth/2fa/setup | Initiate 2FA setup (returns secret and QR code URL). |
| POST | /api/auth/2fa/activate | Activate 2FA by verifying the code. |
| POST | /api/auth/forgot-password | Request a temporary password (sent via email). |
| GET | /api/users | List accessible users (e.g., group members). |
| GET | /api/user/groups | List groups the user is a member of. |
| POST | /api/user/change-password | Change the current user's password. |
| POST | /api/user/settings | Update user settings (e.g., language). |
| DELETE | /api/user | Delete own user account. |
| GET | /api/events | List events within a date range (params: start, end). |
| POST | /api/events | Create a new event. |
| GET | /api/events/<id> | Get details of a specific event. |
| DELETE | /api/events/<id> | Delete an event (creator or admin). |
| GET | /api/events/stream | Server-Sent Events (SSE) stream for real-time updates. |
| GET | /api/events/ranked | Get "Hall of Fame" (ranked events). |
| POST | /api/events/<id>/rate | Rate an event. |
| GET | /api/events/<id>/ics | Download event as ICS calendar file. |
| POST | /api/events/<id>/photo | Upload a photo to an existing event. |
| GET | /api/system/sysinfo | Retrieve system and build information. |
| GET | /api/system/healthcheck | Check system health status. |