Confera DEV
Use Case • Attendance

Attendance Gate

Record daily attendance scans at entrances (fast + secure).

Goal

You want to scan daily attendance badges at gates and record the scan instantly.

What you need

  • An API key with attendance:write.
  • Recommended: a proxy server endpoint to keep secrets off devices.

Request

Record attendance
bash
curl -X POST "https://your-domain/api/public/v1/attendance/checkin" \
  -H "X-API-Key: cat_..." \
  -H "Content-Type: application/json" \
  -d '{"qr":"confera-attendance:DAY1-XYZ","location":"gate-a","dayDate":"2026-02-04"}'

Proxy endpoint (recommended)

Gate devices should never store your Confera API key. Put a tiny server endpoint in front. This also lets you normalize inputs, add logging, and handle duplicates consistently.

Next.js Route Handler: /api/gate/attendance
ts
import { NextResponse } from "next/server";
import { createConferaPublicClient, isConferaApiError } from "@confera/sdk";

const confera = createConferaPublicClient({
  baseUrl: process.env.CONFERA_BASE_URL!,
  apiKey: process.env.CONFERA_API_KEY!,
  timeoutMs: 8000,
  userAgent: "gate/1.0",
});

export async function POST(req: Request) {
  const body = (await req.json()) as { qr?: string; location?: string; dayDate?: string };
  if (!body.qr || !body.location || !body.dayDate) {
    return NextResponse.json({ ok: false, error: "Missing qr, location, or dayDate" }, { status: 400 });
  }

  try {
    const res = await confera.attendance.checkin({ qr: body.qr, location: body.location, dayDate: body.dayDate });
    return NextResponse.json({ ok: true, data: res.data });
  } catch (e) {
    // Idempotent UX: if someone re-scans, still show success.
    if (isConferaApiError(e) && e.status === 409) {
      return NextResponse.json({ ok: true, duplicate: true });
    }
    if (isConferaApiError(e)) {
      return NextResponse.json({ ok: false, status: e.status, code: e.code, message: e.message }, { status: 502 });
    }
    return NextResponse.json({ ok: false, message: "Unexpected error" }, { status: 500 });
  }
}

Operations

  • Use one key per gate device/team.
  • Log the location field to trace scans.
  • If a device is lost, revoke only its key.
  • Treat 409 duplicates as success (fast gate UX).
  • If you hit 429, slow down scans and retry with backoff.