Skip to main content
The TaskFlow Pro API is a REST API that accepts JSON request bodies and returns JSON responses. All endpoints are versioned under /api/v1.

Base URL

http://localhost:3001/api/v1
Every endpoint in this reference is relative to this base URL. For example, POST /auth/login means: 
POST http://localhost:3001/api/v1/auth/login

Interactive docs

A Swagger UI is available at http://localhost:3001/api-docs once the backend server is running. Use it to explore and try endpoints directly in the browser.

Request format

All requests with a body must send JSON and include the Content-Type header: 
Content-Type: application/json

Authentication

Protected endpoints require a JWT token in the Authorization header using the Bearer scheme: 
Authorization: Bearer <token>
Obtain a token by calling POST /login. Tokens expire after 30 minutes, after which you must log in again. See Authentication for full details. 
curl http://localhost:3001/api/v1/usuario/me \
  --header "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."

Response format

All responses share a consistent envelope structure.

Success response

success
boolean
required
Always true for successful responses.
message
string
required
Human-readable description of the result.
data
object
The response payload. Omitted when the endpoint returns no data (e.g., resource creation with no body).
meta
object
Optional metadata such as pagination information. Omitted when not applicable.
Success response (with data)
{
  "success": true,
  "message": "Inicio de sesion correcto",
  "data": {
    "usuario": {
      "id": 1,
      "nombre": "María García",
      "email": "[email protected]",
      "rol": "Project Manager"
    },
    "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
  }
}
Success response (no data)
{
  "success": true,
  "message": "Usuario creado correctamente"
}

Error response

success
boolean
required
Always false for error responses.
message
string
required
Human-readable description of the error.
errors
object
Detailed validation errors. Included only on 400 validation failures.
Error response (validation)
{
  "success": false,
  "message": "Validation failed",
  "errors": [
    {
      "field": "password",
      "message": "Debe tener al menos una mayúscula"
    }
  ]
}
Error response (auth)
{
  "success": false,
  "message": "Credenciales invalidas"
}

HTTP status codes

CodeMeaning
200Request succeeded.
201Resource created successfully.
400Bad request — invalid input or duplicate data (e.g., email already registered).
401Unauthorized — missing token, expired token, or invalid credentials.
403Forbidden — valid token but insufficient role permissions.
404Resource not found.
500Internal server error.
A 401 response means your token is missing or expired. A 403 response means your account does not have the role required for that endpoint. These are distinct — check the message field to distinguish between the two.

Build docs developers (and LLMs) love

Get started for freeTalk to us