• Derek's avatar
    claim tokens: shared secret minted at claim, dual webhook delivery · 8e55fe48
    Derek authored
    - POST /printers returns claim_token (only there); claimed printers
      require X-Claim-Token on status/print/sgd/jobs/reconnect/PATCH/DELETE
    - events go to BOTH the printer webhook and the general webhook, with
      claim_token in the payload so receivers can authenticate events
    - unclaim (PATCH linked:false / DELETE) invalidates the token;
      re-claim mints a fresh one; PATCH linked:true rejected
    - API.md: full webhook contract (delivery semantics, payload fields,
      examples), updated Laravel sketch; startup migration for old DBs
    8e55fe48