Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/DragonesMagicos/ferromax_v0.8/llms.txt

Use this file to discover all available pages before exploring further.

The Ferromax ERP API is a RESTful HTTP API built with Spring Boot 3.2.5 on Java 17. It serves both the internal ERP frontend and the public storefront, with endpoints grouped by resource and protected by role-based JWT authorization. All responses are JSON; every protected route requires a valid Bearer token issued by POST /auth/login.

Base URL

All endpoints are served under a single base URL. During development the server runs on port 8081 with the /api context path configured in application.properties. 
http://localhost:8081/api
You can verify the server is up by hitting the health actuator endpoint — no authentication required: 
curl http://localhost:8081/api/actuator/health

{
  "status": "UP"
}

Authentication

Most endpoints require a JWT Bearer token. Obtain one by posting credentials to POST /auth/login, then include it in every subsequent request using the Authorization header: 
Authorization: Bearer <token>
See the Authentication page for the full login, register, and current-user flows.

Response Format

All API responses use application/json. The following serialization rules apply globally, as configured via Jackson in application.properties:
RuleValue
Date formatISO 8601 (e.g. 2024-08-15T14:30:00)
TimezoneAmerica/Argentina/Buenos_Aires
Localees_AR
Null fieldsOmitted (non_null Jackson setting)

HTTP Status Codes

The API uses standard HTTP status codes to indicate the outcome of every request.
CodeStatusMeaning
200OKRequest succeeded; response body contains the result
201CreatedResource created successfully
204No ContentRequest succeeded; no response body
400Bad RequestValidation error or malformed request body
401UnauthorizedMissing or invalid JWT token
403ForbiddenValid token but insufficient role for this resource
404Not FoundResource does not exist (RecursoNoEncontradoException)
500Internal Server ErrorUnhandled server-side error

Error Response Format

Error responses follow a consistent JSON shape with two fields: a machine-readable error code and a human-readable mensaje in Spanish. 
{
  "error": "UNAUTHORIZED",
  "mensaje": "Credenciales inválidas"
}
Validation errors from @Valid bean validation (HTTP 400) may include additional fields describing which request fields failed and why.

API Endpoints Index

The API is organized into the following resource groups. All prefixes are relative to the base URL http://localhost:8081/api.
ResourcePrefixDescription
Authentication/authLogin, register, current user
Products/productosProduct CRUD, barcode/SKU lookup
Sales/ventasRegister sales, view history
Inventory/recepcion, /recepciones-remito, /ajustes-stockGoods receipt and stock management
Dashboard/dashboardKPI metrics and charts (admin only)
Catalog/categoriasPublic product catalog by category
Invoices/facturasOCR invoice scanning and confirmation
Alerts/alertasStock alert management (admin only)
WebSocket/wsReal-time STOMP events

Role-based access

Routes are protected at three privilege levels, enforced by Spring Security’s @EnableMethodSecurity and SecurityFilterChain:
  • ADMIN — full access to all endpoints including dashboard, stock adjustments, and alert management
  • EMPLEADO — access to sales creation, product lookups, and goods receipt; read-only access to suppliers
  • CLIENTE — access to the public catalog, placing orders, and viewing own purchase history

Public routes (no token required)

The following routes are open to unauthenticated callers:
  • POST /auth/login
  • POST /auth/register
  • GET /productos/publico
  • GET /categorias/**
  • GET /img/**

OpenAPI / Swagger UI

Ferromax ERP includes springdoc-openapi. The interactive Swagger UI and the machine-readable OpenAPI 3 spec are available while the server is running:
ResourceURL
Swagger UIhttp://localhost:8081/api/swagger-ui.html
OpenAPI JSON spechttp://localhost:8081/api/v3/api-docs
The Swagger UI has Try it out enabled (springdoc.swagger-ui.try-it-out-enabled=true), so you can authenticate and execute live requests directly from the browser without any additional tooling.

Explore the API

Authentication

Login, register new accounts, and retrieve the current user profile.

Products

Full product CRUD, barcode lookup, and SKU search.

Sales

Register sales transactions and query sales history.

Inventory

Goods receipt, remito-based receiving, and manual stock adjustments.

Dashboard

Admin-only KPI metrics, revenue charts, and stock alerts.

Catalog

Public-facing product catalog browsable by category.

Build docs developers (and LLMs) love

Get started for freeTalk to us