Skip to main content

POST /auth/login

Authenticates a user and returns a JWT token along with user permissions and access rights.

Request

userName
string
required
The username for authentication
password
string
required
The user’s password

Request Example

curl -X POST https://api.example.com/auth/login \
  -H "Content-Type: application/json" \
  -d '{
    "userName": "admin",
    "password": "securepassword123"
  }'

Response

token
string
JWT authentication token for subsequent API requests
userName
string
The authenticated user’s username
accesos
array
List of access permissions and menu items available to the user
nombre
string
Display name of the access/menu item
url
string
URL path for the access item
icono
string
Icon identifier for UI display
orden
number
Display order for menu items

Response Example

{
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "userName": "admin",
  "accesos": [
    {
      "nombre": "Dashboard",
      "url": "/dashboard",
      "icono": "dashboard-icon",
      "orden": 1
    },
    {
      "nombre": "Ventas",
      "url": "/ventas",
      "icono": "sales-icon",
      "orden": 2
    }
  ]
}

Status Codes

  • 200 OK - Authentication successful
  • 400 Bad Request - Invalid credentials or missing required fields

POST /auth/validate

Validates a JWT token and returns token information if valid.

Request

token
string
required
The JWT token to validate

Request Example

curl -X POST "https://api.example.com/auth/validate?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."

Response

token
string
The validated JWT token

Response Example

{
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}

Status Codes

  • 200 OK - Token is valid
  • 400 Bad Request - Token is invalid or expired

POST /auth/create

Creates a new authentication user account.

Request

userName
string
required
Username for the new account
password
string
required
Password for the new account

Request Example

curl -X POST https://api.example.com/auth/create \
  -H "Content-Type: application/json" \
  -d '{
    "userName": "newuser",
    "password": "securepass456"
  }'

Response

id
integer
Unique identifier for the created auth user
userName
string
The created username
password
string
The encrypted password (hashed)

Response Example

{
  "id": 5,
  "userName": "newuser",
  "password": "$2a$10$N9qo8uLOickgx2ZMRZoMyeIjZAgcfl7p92ldGxad68LJZdL17lhWy"
}

Status Codes

  • 200 OK - User created successfully
  • 400 Bad Request - Username already exists or validation failed

JWT Token Usage

After successful login, include the JWT token in the Authorization header for protected endpoints: 
curl https://api.example.com/protected-endpoint \
  -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."

Build docs developers (and LLMs) love

Get started for freeTalk to us