Skip to main content

Introduction

The CEMAC API is a RESTful API that provides authentication and user management services for the CEMAC platform. The API is built with Express.js and deployed on Vercel.

Base URL

The CEMAC API has different base URLs depending on your environment: Production: 
https://cemac-api.vercel.app
Development (Local): 
http://localhost:3000
The client automatically detects the environment and uses the appropriate base URL: 
configureAPIEndpoint() {
    const hostname = window.location.hostname;
    const isLocalhost = hostname === 'localhost' || hostname === '127.0.0.1';
    
    if (isLocalhost) {
        this.baseURL = window.location.origin;
        this.environment = 'development';
    } else {
        this.baseURL = 'https://cemac-api.vercel.app';
        this.environment = 'production';
    }
}

Response Format

All API responses follow a consistent JSON format:

Success Response

{
  "success": true,
  "message": "Operation completed successfully",
  "data": {
    // Response data here
  }
}

Error Response

{
  "success": false,
  "error": "Error message describing what went wrong"
}

Authentication Success Response

{
  "success": true,
  "message": "Login exitoso",
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "user": {
    "email": "[email protected]",
    "firstName": "John",
    "lastName": "Doe"
  }
}

HTTP Status Codes

The API uses standard HTTP status codes:
Status CodeDescription
200Success - Request completed successfully
400Bad Request - Invalid request parameters
401Unauthorized - Authentication required or failed
404Not Found - Resource not found
408Request Timeout - Request took too long to complete
500Internal Server Error - Server encountered an error
501Not Implemented - Feature not yet implemented
504Gateway Timeout - External API timeout

Request Headers

All API requests should include the following headers: 
Content-Type: application/json
Accept: application/json
For authenticated endpoints, include the Authorization header: 
Authorization: Bearer <your-jwt-token>

CORS Configuration

The API supports Cross-Origin Resource Sharing (CORS) and includes appropriate headers in responses. In development mode, credentials are included in requests: 
const requestOptions = {
    method: 'POST',
    headers: {
        'Content-Type': 'application/json',
        'Accept': 'application/json',
    },
    mode: 'cors'
};

// Include credentials in development
if (environment === 'development') {
    requestOptions.credentials = 'include';
}
The API automatically handles environment-specific configurations. You don’t need to manually configure CORS or credentials when using the AuthService.

Rate Limiting

External API requests have a 10-second timeout to prevent long-running requests. If the API doesn’t respond within this time, you’ll receive a 408 Request Timeout error.

API Status

You can check the API status using the status endpoints: Server Status: 
GET /api/status
Authentication System Status: 
GET /auth/status
Both endpoints return information about available routes and system health.

Available Routes

The CEMAC API currently provides the following route groups:
  • Authentication (/auth/*) - User authentication and session management
  • API Status (/api/status) - Server health and route information
  • Frontend (/) - Static file serving and dashboard views
For detailed information about authentication endpoints, see the Authentication page.

Build docs developers (and LLMs) love

Get started for freeTalk to us