Overview The Authentication API provides endpoints for user registration, login, email verification, password recovery, and session management. All endpoints use HTTP-only cookies for secure token storage.
Base URL Create Account curl -X POST https://api.tambo360.com/auth/crear-cuenta \ -H "Content-Type: application/json" \ -d '{ "nombre": "Juan Perez", "correo": "[email protected] ", "contraseña": "!Password123" }'
Creates a new user account and sends a verification email.
Request Body User’s full name. Must be between 5 and 50 characters.
Valid email address. Must be between 5 and 50 characters.
Password with the following requirements:
Minimum 8 characters, maximum 50
At least one uppercase letter
At least one lowercase letter
At least one number
At least one special character (@$!%*?&)
Response HTTP status code (201 for success)
User object containing: Email verification status (false on creation)
ISO 8601 timestamp of account creation
Indicates if the request was successful
201 Success
400 Validation Error
{ "statusCode" : 201 , "message" : "Usuario registrado exitosamente" , "data" : { "idUsuario" : "a1b2c3d4-5678-90ab-cdef-1234567890ab" , "nombre" : "Juan Perez" , "correo" : "[email protected] " , "verificado" : false , "fechaCreacion" : "2026-03-08T10:30:00.000Z" }, "success" : true }
Login POST /auth/iniciar-sesion
curl -X POST https://api.tambo360.com/auth/iniciar-sesion \ -H "Content-Type: application/json" \ -d '{ "correo": "[email protected] ", "contraseña": "!Password123" }'
Authenticates a user and returns a JWT token in an HTTP-only cookie.
Request Body Response HTTP status code (200 for success)
“Inicio de sesión exitoso”
User and token data: Email verification status
Account creation timestamp
Array of user’s establishments
JWT token (also set as HTTP-only cookie)
200 Success
400 Invalid Credentials
{ "statusCode" : 200 , "message" : "Inicio de sesión exitoso" , "data" : { "user" : { "idUsuario" : "a1b2c3d4-5678-90ab-cdef-1234567890ab" , "nombre" : "Juan Perez" , "correo" : "[email protected] " , "verificado" : true , "fechaCreacion" : "2026-03-08T10:30:00.000Z" , "establecimientos" : [] }, "token" : "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..." }, "success" : true }
Verify Email POST /auth/verificar-email
curl -X POST https://api.tambo360.com/auth/verificar-email \ -H "Content-Type: application/json" \ -d '{ "token": "b28a6254dd3cadca4e7f2c236ee3a412575af5d19fe1e982f5760a072635bc6f" }'
Verifies a user’s email using the token sent to their email address.
Request Body Verification token received via email
Response 200 Success
400 Invalid Token
{ "statusCode" : 200 , "message" : "Email verificado exitosamente" , "data" : { "user" : { "idUsuario" : "a1b2c3d4-5678-90ab-cdef-1234567890ab" , "nombre" : "Juan Perez" , "correo" : "[email protected] " , "verificado" : true , "fechaCreacion" : "2026-03-08T10:30:00.000Z" , "establecimientos" : [] } }, "success" : true }
Resend Verification Email POST /auth/reenviar-verificacion
curl -X POST https://api.tambo360.com/auth/reenviar-verificacion \ -H "Content-Type: application/json" \ -d '{ "correo": "[email protected] " }'
Resends the email verification link to the user’s email.
Request Body Response { "statusCode" : 200 , "message" : "Correo de verificación reenviado exitosamente" , "data" : null , "success" : true }
Forgot Password POST /auth/contrasena-olvidada
curl -X POST https://api.tambo360.com/auth/contrasena-olvidada \ -H "Content-Type: application/json" \ -d '{ "correo": "[email protected] " }'
Initiates the password reset process by sending a reset token to the user’s email.
Request Body Response { "statusCode" : 200 , "message" : "Instrucciones para restablecer la contraseña enviadas al correo" , "data" : null , "success" : true }
Verify Reset Password Token POST /auth/verificar-restablecer-contrasena
curl -X POST https://api.tambo360.com/auth/verificar-restablecer-contrasena \ -H "Content-Type: application/json" \ -d '{ "token": "b28a6254dd3cadca4e7f2c236ee3a412575af5d19fe1e982f5760a072635bc6f" }'
Validates a password reset token before allowing the user to set a new password.
Request Body Password reset token received via email
Response 200 Success
400 Invalid Token
{ "statusCode" : 200 , "message" : "Token de restablecimiento válido" , "data" : null , "success" : true }
Reset Password POST /auth/restablecer-contrasena
curl -X POST https://api.tambo360.com/auth/restablecer-contrasena \ -H "Content-Type: application/json" \ -d '{ "token": "b28a6254dd3cadca4e7f2c236ee3a412575af5d19fe1e982f5760a072635bc6f", "nuevaContraseña": "!NewPassword456" }'
Sets a new password using a valid reset token.
Request Body New password meeting all password requirements (see Create Account)
Response 200 Success
400 Validation Error
{ "statusCode" : 200 , "message" : "Contraseña restablecida exitosamente" , "data" : null , "success" : true }
Get Current User curl -X GET https://api.tambo360.com/auth/me \ -H "Cookie: token=<jwt_token>"
Retrieves the authenticated user’s profile information.
Authentication Required: Yes (Cookie-based JWT)Response 200 Success
401 Unauthorized
404 Not Found
{ "statusCode" : 200 , "message" : "Usuario obtenido exitosamente" , "data" : { "idUsuario" : "a1b2c3d4-5678-90ab-cdef-1234567890ab" , "nombre" : "Juan Perez" , "correo" : "[email protected] " , "verificado" : true , "fechaCreacion" : "2026-03-08T10:30:00.000Z" , "establecimientos" : [ { "idEstablecimiento" : "c2b8e8a2-4f92-4f3f-b0c5-1a2b3c4d5e6f" , "nombre" : "Establecimiento Norte" , "localidad" : "Rafaela" , "provincia" : "Santa Fe" } ] }, "success" : true }
Logout curl -X POST https://api.tambo360.com/auth/logout \ -H "Cookie: token=<jwt_token>"
Clears the authentication cookie and ends the user’s session.
Authentication Required: Yes (Cookie-based JWT)Response 200 Success
401 Unauthorized
{ "statusCode" : 200 , "message" : "Sesión cerrada correctamente" , "success" : true }
Error Responses All endpoints may return the following error responses:
400 Bad Request Invalid input data or validation errors
401 Unauthorized Missing or invalid authentication token
404 Not Found Requested resource does not exist
500 Internal Server Error Unexpected server error 