Get App Context

Get information about the application and the current user.

Endpoint: GET /app_context

Headers:

• x-api-key (required) - Your application’s API key
• x-api-secret (required) - Your application’s API secret

User Authentication (optional or required):

If your app allows anonymous access, user authentication is optional. Otherwise, include one of:

• Authorization: Bearer <session_token>
• x-api-license-code: <license_code> + x-hardware-id (if device auth enabled)
• x-api-username + x-api-password + x-hardware-id (if device auth enabled)

Response:

{
  "application": {
    "id": "123e4567-e89b-12d3-a456-426614174000",
    "name": "My Desktop App",
    "variables": [
      {
        "name": "api_url",
        "value": "https://api.example.com"
      },
      {
        "name": "feature_flag",
        "value": "enabled"
      }
    ],
    "files": [
      {
        "id": "789e0123-e89b-12d3-a456-426614174000",
        "name": "config.json",
        "mime_type": "application/json",
        "is_encrypted": false
      }
    ]
  },
  "user": {
    "id": "456e7890-e89b-12d3-a456-426614174000",
    "username": "john_doe",
    "membership": {
      "is_active": true,
      "is_lifetime": false,
      "active_until": "2025-12-31T23:59:59Z"
    }
  },
  "server_time": "2025-06-15T12:00:00Z"
}

If not authenticated or anonymous access is allowed, user will be null.

Membership fields:

• is_active - Whether the membership currently grants access
• is_lifetime - true if the membership never expires
• active_until - UTC time the membership expires, or null when it is lifetime or no membership has been granted

To show the user how much time they have left, compute active_until minus server_time. Use server_time rather than the device’s clock so the result is correct even if the device clock is wrong or has been tampered with.

Errors:

• 401 - “Only logged in users are allowed to access” - When anonymous access is disabled
• 401 - Invalid credentials
• 403 - Inactive membership or banned