Skip to content

EMS-UGC API Documentation

Welcome to the EMS-UGC API documentation. This guide covers all available endpoints for managing students, staff, academic records, examinations, infrastructure, and more.

Base URL: http://192.168.100.250/


Dashboard

Authentication, authorization, and dashboard overview APIs.

Students

Student CRUD, creation, registration, and analytics reports.

Staff

Staff management and reporting endpoints.

Manage

Subjects, academic years, batches, permissions, and roles.

Settings

Campus, faculty programs, semesters, job structure, and EMIS.

Infrastructure

Physical infrastructure management and type definitions.

Graduation

Graduation records and analytics reports.

Examinations

Student registration, exam centres, external exams, and entrance.


All API requests (except /login and /csrf) require a valid session cookie. First authenticate via /login, then include the session cookie in subsequent requests.


Always include these headers in requests:

Header Value
Accept application/json
X-CSRF-TOKEN <csrf-token>
Content-Type application/json

Every state-changing request requires a CSRF token. Fetch it first:

GET /csrf
Accept: application/json

Response:

{
"token": "abc123..."
}

Include this token in the X-CSRF-TOKEN header for POST/PUT/DELETE requests.


// 1. Get CSRF token
const csrfRes = await fetch('/csrf', {
headers: { 'Accept': 'application/json' }
});
const { token } = await csrfRes.json();
// 2. Make authenticated request
const res = await fetch('/your-endpoint', {
method: 'POST',
credentials: 'same-origin',
headers: {
'Accept': 'application/json',
'Content-Type': 'application/json',
'X-CSRF-TOKEN': token
},
body: JSON.stringify(data)
});

All responses use the ApiResponse envelope:

{
"success": true,
"message": "Operation completed",
"data": { ... }
}

Error response:

{
"success": false,
"message": "Validation failed",
"errors": {
"field": ["Error message"]
}
}

Code Meaning
200 Success
201 Created
400 Bad request / validation error
401 Unauthenticated
403 Unauthorized (insufficient permissions)
404 Resource not found
429 Rate limit exceeded
500 Server error

Paginated endpoints return:

{
"current_page": 1,
"per_page": 15,
"last_page": 5,
"total": 72,
"data": [ ... ]
}

Use ?page=N query parameter to navigate pages.


Dates use Nepali (Bikram Sambat) format: YYYY-MM-DD (e.g., 2081-05-12).


For endpoints accepting file uploads, use multipart/form-data:

const formData = new FormData();
formData.append('photo', fileInput.files[0]);
formData.append('name', 'John');
await fetch('/endpoint', {
method: 'POST',
headers: {
'Accept': 'application/json',
'X-CSRF-TOKEN': token
},
body: formData
});

Allowed file types: jpeg, jpg, png, pdf Max file size: 2MB per file