Plataforma Social exposes its data layer through a single GraphQL endpoint powered by Apollo Server 4, mounted on an Express application. Every operation — whether reading data or making changes — is sent as aDocumentation Index
Fetch the complete documentation index at: https://mintlify.com/Avendaosander/Plataforma-social/llms.txt
Use this file to discover all available pages before exploring further.
POST request to /graphql. There are no REST routes; the entire API surface is described by the GraphQL schema.
Endpoint
All requests are sent to the following endpoint:PORT environment variable and falls back to 4005 when it is not set.
Making Requests
Every operation is aPOST request with a JSON body containing a query string and, when needed, a variables object. The Content-Type header must be set to application/json.
Apollo Sandbox (GraphQL Playground)
When the server is running, openinghttp://localhost:4005/graphql in a browser launches the Apollo Sandbox — an interactive IDE where you can browse the schema, compose queries, and inspect responses in real time. No additional configuration is required.
Authentication
The API itself does not require authentication headers on requests. Authentication is handled by NextAuth on the frontend. Thelogin query exists specifically to support NextAuth’s credentials provider: it looks up a user by email address and returns the hashed password so that NextAuth can verify it with bcrypt server-side.
Client-facing code should never request the
password field directly. The login query is intended to be called only from the NextAuth authorize callback on the server.Error Handling
When an operation fails, Apollo Server returns anerrors array in the response body. Each error object contains a human-readable message and an extensions object with a machine-readable code and the corresponding HTTP status.
| Code | HTTP Status | Meaning |
|---|---|---|
NOT_FOUND | 404 | The requested user does not exist. getUser returns "Not found"; login returns "El usuario no fue encontrado" |
| Standard GraphQL error | 400 | Validation failure (e.g. duplicate username or email) |
When a
NOT_FOUND error is thrown, the data field for that operation will be null. Other fields in the same query that succeeded will still be present.CORS
The server applies thecors() middleware with its default configuration, which allows requests from all origins. No special headers are required on the client side to communicate with the API from a browser.
Reference
Queries
Browse
getUsers, getUser, and login — all read operations available in the API.Mutations
Browse
postUser, putUser, and deleteUser — all write operations available in the API.