End User Portal API
Skip this page if you don't expose a self-service portal to your customers. The endpoints here power the GeckoGuard-hosted end-user portal; your end customers (the people who bought a license) hit them, not you.
The end-user portal is a separate auth surface from the dashboard. Tokens issued here are scoped to a single end-user identity and cannot manage other users' data.
For the conceptual overview (what the portal does, how to enable it for your product, branding), see End User Portal. This page is the raw endpoint reference.
Authentication
End-users have their own credentials, separate from GeckoGuard dashboard accounts.
| Method | Endpoint | Description |
|---|---|---|
POST | /v1/enduser/auth/register | Register an end-user account |
POST | /v1/enduser/auth/login | Log in (returns a Bearer token) |
POST | /v1/enduser/auth/logout | Log out |
GET | /v1/enduser/me | Get the current end-user profile |
Tokens issued by /v1/enduser/auth/login are signed with ENDUSER_JWT_SECRET (separate from the dashboard JWT_ACCESS_SECRET) and cannot be used on /v1/dashboard/*. Send them as Authorization: Bearer <token>.
Licenses
| Method | Endpoint | Description |
|---|---|---|
GET | /v1/enduser/licenses | List licenses owned by the current end-user |
POST | /v1/enduser/licenses/activate | Claim a license key onto the current account |
POST | /v1/enduser/licenses/:id/reset-hwid | Self-service HWID reset (subject to the license's maxHwidResets budget) |
GET | /v1/enduser/licenses/:id/downloads | List downloadable files for this license |
POST /v1/enduser/licenses/:id/reset-hwid returns 403 LIMIT_REACHED once the budget is exhausted. The merchant can manually reset via /v1/dashboard/licenses/:id/reset-hwid (no budget on the merchant path).
Bans
End-users can be banned from the portal by the merchant. A banned account receives 403 USER_BANNED on every endpoint. Unban via the dashboard.