# Scanner & Door Operations

# Scan tickets at the door

## Public help

Scanner users should scan the signed QR code from a completed ticket. The scanner API validates the signed payload and ticket/event relationship.

**Tested outcomes**

- Valid ticket scan succeeds once.
- Duplicate scan is rejected or flagged distinctly.
- Wrong-event scan is rejected.
- Invalid token is rejected.
- Unauthenticated API requests return JSON `401`.

## Verification evidence

`Scanner Door Operations: QR Validation, Duplicate, Wrong Event`, `Live Scanner API Retest With Browser-Like Headers`.

## Last verified

Verified against the staging website on 2026-06-13. Mobile apps were not tested in this pass.

# Sign in to the Scanner App

## Public help

Help scanner staff access the app before the event starts.

## Door procedure

Keep the door process calm. Validate the ticket, compare the event, and escalate uncertain results instead of guessing.

## Implementation note

Scanner behavior must be tested against the Scanner App, scanner API, ticket scan records, and duplicate conflict reports.

## Implementation status

<table id="bkmrk-expected-behaviorsta"><tbody><tr><th>Expected behavior</th><th>Status</th><th>Surface</th><th>Manual check</th></tr><tr><td>Scanner workflow matches app behavior.</td><td>Needs Verification</td><td>Scanner App / API</td><td>Run a scan test with valid, invalid, and duplicate tickets.</td></tr><tr><td>Door staff permissions are limited.</td><td>Needs Verification</td><td>Scanner App / Roles</td><td>Login as scanner and confirm only scanning tools are available.</td></tr></tbody></table>

## Verification checklist

- Test valid ticket scan.
- Test duplicate ticket scan.
- Test no-network behavior if supported.
- Confirm admin scan records.

## Gaps / notes

- Offline-first behavior needs hands-on venue-style testing.
- Exact scanner app labels need screenshots before public use.

# Select the correct event before scanning

## Public help

Prevent door staff from scanning against the wrong event.

## Door procedure

Keep the door process calm. Validate the ticket, compare the event, and escalate uncertain results instead of guessing.

## Implementation note

Scanner behavior must be tested against the Scanner App, scanner API, ticket scan records, and duplicate conflict reports.

## Implementation status

<table id="bkmrk-expected-behaviorsta"><tbody><tr><th>Expected behavior</th><th>Status</th><th>Surface</th><th>Manual check</th></tr><tr><td>Scanner workflow matches app behavior.</td><td>Needs Verification</td><td>Scanner App / API</td><td>Run a scan test with valid, invalid, and duplicate tickets.</td></tr><tr><td>Door staff permissions are limited.</td><td>Needs Verification</td><td>Scanner App / Roles</td><td>Login as scanner and confirm only scanning tools are available.</td></tr></tbody></table>

## Verification checklist

- Test valid ticket scan.
- Test duplicate ticket scan.
- Test no-network behavior if supported.
- Confirm admin scan records.

## Gaps / notes

- Offline-first behavior needs hands-on venue-style testing.
- Exact scanner app labels need screenshots before public use.

# Understand scan results

## Public help

**Use scan result messages to decide whether to admit an attendee**

- Valid: ticket belongs to the event and has not been used.
- Duplicate: ticket was already scanned.
- Wrong event: ticket is valid for another event, not this one.
- Invalid: QR code or signed payload is not accepted.
- Unauthenticated: scanner session/API access is missing or expired.

> **Internal note:** Add admin scan report/conflict screenshots after admin UI access is available.

## Verification evidence

`Scanner Door Operations: QR Validation, Duplicate, Wrong Event`, `Admin And Internal Finance Surface`.

## Last verified

Verified against the staging website on 2026-06-13. Mobile apps were not tested in this pass.

# Handle duplicate scan warnings

## Public help

Give staff a safe process for duplicate QR code warnings.

## Door procedure

Keep the door process calm. Validate the ticket, compare the event, and escalate uncertain results instead of guessing.

## Implementation note

Scanner behavior must be tested against the Scanner App, scanner API, ticket scan records, and duplicate conflict reports.

## Implementation status

<table id="bkmrk-expected-behaviorsta"><tbody><tr><th>Expected behavior</th><th>Status</th><th>Surface</th><th>Manual check</th></tr><tr><td>Scanner workflow matches app behavior.</td><td>Needs Verification</td><td>Scanner App / API</td><td>Run a scan test with valid, invalid, and duplicate tickets.</td></tr><tr><td>Door staff permissions are limited.</td><td>Needs Verification</td><td>Scanner App / Roles</td><td>Login as scanner and confirm only scanning tools are available.</td></tr></tbody></table>

## Verification checklist

- Test valid ticket scan.
- Test duplicate ticket scan.
- Test no-network behavior if supported.
- Confirm admin scan records.

## Gaps / notes

- Offline-first behavior needs hands-on venue-style testing.
- Exact scanner app labels need screenshots before public use.

# Use offline scanning safely

## Public help

Document what staff should do when venue connectivity is poor.

## Door procedure

Keep the door process calm. Validate the ticket, compare the event, and escalate uncertain results instead of guessing.

## Implementation note

Scanner behavior must be tested against the Scanner App, scanner API, ticket scan records, and duplicate conflict reports.

## Implementation status

<table id="bkmrk-expected-behaviorsta"><tbody><tr><th>Expected behavior</th><th>Status</th><th>Surface</th><th>Manual check</th></tr><tr><td>Scanner workflow matches app behavior.</td><td>Needs Verification</td><td>Scanner App / API</td><td>Run a scan test with valid, invalid, and duplicate tickets.</td></tr><tr><td>Door staff permissions are limited.</td><td>Needs Verification</td><td>Scanner App / Roles</td><td>Login as scanner and confirm only scanning tools are available.</td></tr></tbody></table>

## Verification checklist

- Test valid ticket scan.
- Test duplicate ticket scan.
- Test no-network behavior if supported.
- Confirm admin scan records.

## Gaps / notes

- Offline-first behavior needs hands-on venue-style testing.
- Exact scanner app labels need screenshots before public use.

# Escalate door issues

## Public help

Explain when scanner staff should call an organizer or LinkUp support.

## Door procedure

Keep the door process calm. Validate the ticket, compare the event, and escalate uncertain results instead of guessing.

## Implementation note

Scanner behavior must be tested against the Scanner App, scanner API, ticket scan records, and duplicate conflict reports.

## Implementation status

<table id="bkmrk-expected-behaviorsta"><tbody><tr><th>Expected behavior</th><th>Status</th><th>Surface</th><th>Manual check</th></tr><tr><td>Scanner workflow matches app behavior.</td><td>Needs Verification</td><td>Scanner App / API</td><td>Run a scan test with valid, invalid, and duplicate tickets.</td></tr><tr><td>Door staff permissions are limited.</td><td>Needs Verification</td><td>Scanner App / Roles</td><td>Login as scanner and confirm only scanning tools are available.</td></tr></tbody></table>

## Verification checklist

- Test valid ticket scan.
- Test duplicate ticket scan.
- Test no-network behavior if supported.
- Confirm admin scan records.

## Gaps / notes

- Offline-first behavior needs hands-on venue-style testing.
- Exact scanner app labels need screenshots before public use.