Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/CodexaCP/SERVICIOS-BACK/llms.txt

Use this file to discover all available pages before exploring further.

ServiciosYa API is the central backend for a multi-tenant logistics and services platform. It handles everything from JWT-based authentication and role-scoped authorization to service catalog management, payment voucher validation, file uploads, and structured audit logging — all while keeping each company’s data strictly isolated through a CompanyID tenancy model.

What problem does it solve?

Traditional service-request workflows rely on phone calls, paper forms, or scattered spreadsheets. ServiciosYa replaces that with a structured API that lets customers browse an active service catalog, submit requests with a payment voucher attached, and track their request status end-to-end. At the same time, internal staff (gestor, admin, super-admin) get a full administrative surface to create services, validate payments, move requests through their lifecycle, and audit every significant action.

Key capabilities

  • JWT authentication — stateless Bearer tokens with role and company claims; automatic JSON 401/403 responses for clean client error handling.
  • Multi-tenancy — every query and write is scoped to the authenticated user’s CompanyID extracted from the JWT. A SUPER_ADMIN can operate across all tenants.
  • Service catalog — create, update, activate/deactivate, and soft-delete services grouped by category; control whether a service accepts an optional file attachment.
  • Service request lifecycle — customers create requests in SOLICITADO state with a mandatory payment voucher image; staff advance them through EN_PROCESO, FINALIZADO, or CANCELADO_* states via dedicated endpoints.
  • Payment validation — internal roles validate or reject the uploaded payment proof; a cancellation-and-refund flow tracks PENDIENTE_DEVOLUCIONREINTEGRADO.
  • File uploads — payment vouchers and optional per-request attachments stored under wwwroot/uploads; 10 MB multipart limit enforced at the framework level.
  • Audit logging — every state change and sensitive operation is persisted through InsertAuditLog stored procedure calls via the IAuditEventService.
  • System diagnostics — a suite of /api/v1/system/* endpoints for health checks, in-memory metrics, and audit log queries, guarded by Diagnostics:EnableDiagnostics.

Architecture overview

Both client surfaces — an Angular web portal used by internal staff and a .NET MAUI Android app used by end customers — consume this single API. The API delegates persistence to SQL Server (EncomiendasDB) exclusively through Dapper and stored procedures; there is no ORM.
┌─────────────────────┐     ┌─────────────────────┐
│  Angular Web Portal │     │  .NET MAUI Android  │
│  (PrimeNG, JWT)     │     │  (HttpClient, MAUI) │
└────────┬────────────┘     └──────────┬──────────┘
         │  HTTPS + Bearer             │  HTTPS + Bearer
         └──────────────┬──────────────┘

          ┌─────────────────────────┐
          │   ServiciosYa API       │
          │   ASP.NET Core 8        │
          │   Dapper · JWT · CORS   │
          └──────┬──────────┬───────┘
                 │          │
        ┌────────▼───┐  ┌───▼──────────────┐
        │ SQL Server │  │  wwwroot/uploads  │
        │EncomiendasDB│  │  (file storage)  │
        └────────────┘  └──────────────────┘
The CORS policy (AllowAngular) permits localhost:4200 and app.tramiya.com.py for the web portal. The mobile app communicates via the same JWT-authenticated endpoints, handling certificates through its own HttpClient configuration.

Service categories

The platform ships with six predefined service categories:
Category
Escribania y legales
Presentacion de documentos
Pago de impuestos, patentes y otros
Traducciones legales
Delivery
Otros
Services are created by internal roles and assigned to one of these categories. Customers browse services grouped by category through the /api/services/by-category endpoint.

Role hierarchy

RoleScopeCan manage servicesCan manage requests
SUPER_ADMINGlobal (all tenants)Full CRUDFull CRUD + delete
ADMIN_GENERALOwn companyCreate, edit, toggle, soft-deleteView, validate payment, change status
GESTOR_SUPREMOOwn companyCreate, edit, toggle, soft-deleteView, validate payment, change select statuses
GESTOROperationalNoneConfirm refunds
CUSTOMEROwn requests onlyNoneCreate request, view own, cancel if eligible

Tech stack

ComponentTechnology
RuntimeASP.NET Core 8 (net8.0)
Data accessDapper 2.1.72 + Microsoft.Data.SqlClient 7.0.0
DatabaseSQL Server (EncomiendasDB)
AuthenticationJWT Bearer (Microsoft.AspNetCore.Authentication.JwtBearer 8.0.0)
API docsSwashbuckle / Swagger UI (Development only)
Assembly version1.0.0.0

Explore the docs

Quickstart

Run the API locally in five steps: clone, configure, migrate, start, authenticate.

Core Concepts & Architecture

Deep-dive into tenancy, the request lifecycle, roles, and stored-procedure patterns.

API Reference — Auth

Login, registration, user management, and password-change endpoints.

Configuration

All appsettings.json sections explained with production-ready guidance.

Build docs developers (and LLMs) love