Base URL

All API requests should be made to:
http://localhost:8000
For production environments, replace with your deployed API URL.

API Information

  • Title: Torn - Facturador Electrónico
  • Description: Sistema de facturación electrónica para el SII de Chile
  • Version: 0.1.0
  • Framework: FastAPI

Multi-Tenant Architecture

Torn uses a multi-tenant SaaS architecture with schema-based isolation. Each tenant (company) has its own database schema, ensuring complete data separation.

Tenant Context Header

Most API endpoints require the X-Tenant-ID header to specify which tenant’s data you’re accessing:
curl -H "X-Tenant-ID: 1" \
     -H "Authorization: Bearer YOUR_TOKEN" \
     http://localhost:8000/api/endpoint
Global endpoints like authentication (/auth/*) and tenant management (/saas/*) do not require the X-Tenant-ID header.
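Because X-Tenant-ID is supplied by the client, the server has to check it against the authenticated user before it selects a schema. The following is an added example, not Torn's own code: the tenant_<id> schema naming, the set of allowed tenant ids taken from the verified token, and the English detail messages are all assumptions made for illustration.

```python
import re

# Assumption: schemas are named tenant_<id>; the page does not document Torn's naming.
SCHEMA_PREFIX = "tenant_"
# Strict positive integer: ASCII digits only, no sign, spaces or leading zero.
_TENANT_ID_RE = re.compile(r"[1-9][0-9]{0,8}")


class TenantAccessError(Exception):
    """Carries the HTTP status and 'detail' body the API layer should return."""

    def __init__(self, status, detail):
        super().__init__(detail)
        self.status = status
        self.detail = detail


def resolve_tenant_schema(header_value, allowed_tenant_ids):
    """Map a raw X-Tenant-ID header to a schema name, or raise TenantAccessError.

    allowed_tenant_ids must come from the verified bearer token or a
    server-side membership lookup (hypothetical here), never from the request.
    """
    if header_value is None:
        raise TenantAccessError(400, "X-Tenant-ID header is required")
    # fullmatch rejects "1 OR 1=1", "01", "1\n" and non-ASCII digits,
    # all of which looser checks such as str.isdigit() or int() let through.
    if not _TENANT_ID_RE.fullmatch(header_value):
        raise TenantAccessError(400, "X-Tenant-ID must be a positive integer")
    tenant_id = int(header_value)
    if tenant_id not in allowed_tenant_ids:
        # Authenticated, but not a member of the requested tenant.
        raise TenantAccessError(403, "User is not a member of this tenant")
    # Built only from a validated integer, so it is safe as a schema identifier.
    return f"{SCHEMA_PREFIX}{tenant_id}"


def status_for(header_value, allowed_tenant_ids):
    """Return the HTTP status a request with this header would receive."""
    try:
        resolve_tenant_schema(header_value, allowed_tenant_ids)
    except TenantAccessError as exc:
        return exc.status
    return 200
```

The membership check is what turns the header from a client-chosen selector into an authorized one; schema isolation alone does not stop a valid user from naming another tenant's id.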

Common Conventions

Request Format

The API accepts JSON request bodies for POST and PUT operations:
curl -X POST http://localhost:8000/auth/login \
  -H "Content-Type: application/json" \
  -d '{"email": "[email protected]", "password": "password"}'

Response Format

All responses are returned in JSON format with appropriate HTTP status codes.

Successful Response Example:
{
  "id": 1,
  "name": "Example",
  "created_at": "2026-03-08T12:00:00Z"
}

Date/Time Format

All timestamps follow ISO 8601 format with UTC timezone:
2026-03-08T12:00:00Z

HTTP Status Codes

The API uses standard HTTP status codes:
Code | Meaning               | Description
200  | OK                    | Request succeeded
201  | Created               | Resource created successfully
204  | No Content            | Request succeeded with no response body
400  | Bad Request           | Invalid request parameters or body
401  | Unauthorized          | Missing or invalid authentication token
403  | Forbidden             | Insufficient permissions
404  | Not Found             | Resource not found
409  | Conflict              | Resource conflict (e.g., duplicate RUT)
500  | Internal Server Error | Server error

Error Responses

When an error occurs, the API returns a JSON object with error details:
{
  "detail": "Credenciales incorrectas"
}

Common Error Examples

{
  "detail": "No se pudo validar la sesión global"
}

CORS Configuration

The API is configured to accept requests from the following origins:
  • http://localhost:3000
  • http://localhost:3001
  • http://localhost:3002
  • http://localhost:8000
  • http://127.0.0.1:3000
  • http://127.0.0.1:3001
  • http://127.0.0.1:3002
  • http://127.0.0.1:8000
All HTTP methods and headers are allowed for these origins.

Rate Limiting

Currently, the API does not implement rate limiting. This may be added in future versions.

Available Endpoints

The API is organized into the following endpoint groups:
  • Authentication (/auth) - User login and session management
  • SaaS Management (/saas) - Tenant and user management
  • Health - Health check endpoints
  • Customers - Customer management
  • Products - Product catalog
  • Sales - Sales and invoicing
  • Purchases - Purchase orders
  • Inventory - Stock management
  • Cash - Cash register operations
  • Reports - Business reports
  • Users - User management within tenants
  • Roles - Role and permissions
  • Configuration - System settings and taxes
  • Folios - DTE folio management
For detailed information on authentication and authorization, see the Authentication guide.

Interactive Documentation

FastAPI provides interactive API documentation:
  • Swagger UI: http://localhost:8000/docs
  • ReDoc: http://localhost:8000/redoc
These interfaces allow you to explore and test API endpoints directly from your browser.