🔐 Autenticación

Obtención de tokens JWT para autenticarse contra la API.

• Login: devuelve un access_token JWT permanente.

Todos los endpoints (excepto webhooks) requieren:

Authorization: Bearer <access_token>

Obtener token JWT (login)

post

Autentica un usuario existente y devuelve un token JWT permanente.

Content-Type: application/x-www-form-urlencoded

Campos del formulario:

• username — nombre de usuario registrado.

• password — contraseña.

Respuesta exitosa:

{
  "statusCode": 200,
  "ok": true,
  "access_token": "eyJhbGciOiJIUzI1NiIs...",
  "token_type": "bearer"
}

⚠️ El token no expira. Guárdalo de forma segura.

Body

application/x-www-form-urlencoded

grant_typeany ofOptional

stringOptionalPattern: ^password$

or

nullOptional

usernamestringRequired

passwordstring · passwordRequired

scopestringOptionalDefault: ""

client_idany ofOptional

stringOptional

or

nullOptional

client_secretany ofOptional

stringOptional

or

nullOptional

Responses

200

Login exitoso. Devuelve access_token JWT permanente.

application/json

Respuesta de login exitoso.

access_tokenstringRequired

Token JWT permanente (sin expiración).

token_typestringOptional

Tipo de token. Siempre bearer.

Default: bearer

401

Credenciales incorrectas.

422

Validation Error

application/json

post

/auth/token

HTTPcURLJavaScriptPython

POST /auth/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Accept: */*
Content-Length: 114

"grant_type='text'&username='text'&password='password'&scope=''&client_id='text'&client_secret='text'"

{
  "access_token": "eyJhbGciOiJIUzI1NiIs...",
  "token_type": "bearer"
}

Obtener datos del usuario autenticado

get

Devuelve los datos del usuario autenticado a partir del token JWT.

Authorizations

OAuth2PasswordBearer

OAuth2passwordRequired

Token URL:

Responses

200

Successful Response

application/json

anyOptional

get

/auth/me

HTTPcURLJavaScriptPython

GET /auth/me HTTP/1.1
Authorization: Bearer YOUR_OAUTH2_TOKEN
Accept: */*

200

Successful Response

No content

Listar usuarios (solo admin)

get

Lista todos los usuarios registrados. Solo accesible para administradores.

Authorizations

OAuth2PasswordBearer

OAuth2passwordRequired

Token URL:

Responses

200

Successful Response

application/json

anyOptional

get

/admin/users

HTTPcURLJavaScriptPython

GET /admin/users HTTP/1.1
Authorization: Bearer YOUR_OAUTH2_TOKEN
Accept: */*

200

Successful Response

No content

Crear usuario (admin)

post

Crea un nuevo usuario sin necesidad de registration_token. Solo admin.

Authorizations

OAuth2PasswordBearer

OAuth2passwordRequired

Token URL:

Body

application/json

Other propertiesanyOptional

Responses

201

Successful Response

application/json

422

Validation Error

application/json

post

/admin/users

HTTPcURLJavaScriptPython

POST /admin/users HTTP/1.1
Authorization: Bearer YOUR_OAUTH2_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 38

{
  "ANY_ADDITIONAL_PROPERTY": "anything"
}

No content

Editar usuario (admin)

put

Actualiza datos de un usuario: contraseña, sf_account_id, sf_contract_id. Solo admin.

Authorizations

OAuth2PasswordBearer

OAuth2passwordRequired

Token URL:

Path parameters

user_idintegerRequired

Body

application/json

Other propertiesanyOptional

Responses

200

Successful Response

application/json

anyOptional

422

Validation Error

application/json

put

/admin/users/{user_id}

HTTPcURLJavaScriptPython

PUT /admin/users/{user_id} HTTP/1.1
Authorization: Bearer YOUR_OAUTH2_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 38

{
  "ANY_ADDITIONAL_PROPERTY": "anything"
}

No content

Eliminar usuario (admin)

delete

Elimina un usuario y todas sus reservas/schedules (cascade). Solo admin.

Authorizations

OAuth2PasswordBearer

OAuth2passwordRequired

Token URL:

Path parameters

user_idintegerRequired

Responses

200

Successful Response

application/json

anyOptional

422

Validation Error

application/json

delete

/admin/users/{user_id}

HTTPcURLJavaScriptPython

DELETE /admin/users/{user_id} HTTP/1.1
Authorization: Bearer YOUR_OAUTH2_TOKEN
Accept: */*

No content