The Users API manages Usuario records — the residents, admins, and platform managers who interact with the system. The API supports role-based scoping: SUPER_ADMIN users can list all accounts across the platform, while ADMIN users operate within their own community (derived automatically from their JWT). Regular USER accounts can read and update their own profile and change their password.
The password field is write-only. It is accepted in POST request bodies but is never returned in any GET response.
Authorization header unless stated otherwise.
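A regression check for the write-only rule above, as an added example that is not part of the project's code: it walks a decoded JSON response and reports any password-named key or any value shaped like a BCrypt hash. The sample responses are constructed, and nombre, admin and clave are assumed field names used only for illustration.

```python
import json
import re

# BCrypt hash layout: $2a$/$2b$/$2y$ prefix, two-digit cost, 53 chars of salt+digest.
BCRYPT_RE = re.compile(r"\$2[abxy]\$\d{2}\$[./A-Za-z0-9]{53}")
# Key names from this page that must never appear in a response (lower-cased).
SECRET_KEYS = {"password", "oldpassword", "newpassword"}

def find_leaks(node, path="$"):
    """Walk a decoded JSON response and return (path, reason) for each exposure."""
    leaks = []
    if isinstance(node, dict):
        for key, value in node.items():
            child = f"{path}.{key}"
            if key.lower() in SECRET_KEYS and value is not None:
                leaks.append((child, "secret-named key"))
            leaks.extend(find_leaks(value, child))
    elif isinstance(node, list):
        for i, item in enumerate(node):
            leaks.extend(find_leaks(item, f"{path}[{i}]"))
    elif isinstance(node, str) and BCRYPT_RE.search(node):
        # Catches a hash that was serialized under an unexpected field name.
        leaks.append((path, "bcrypt hash value"))
    return leaks

# Constructed responses. id, email, estado, comunidad and password are names this
# page uses; "nombre", "admin" and "clave" are assumptions made for the sample.
CLEAN = json.loads('[{"id": 1, "email": "ana@example.org", "estado": true,'
                   ' "comunidad": {"id": 3, "nombre": "Edificio Sol"}}]')
FAKE_HASH = "$2a$10$" + "A" * 53   # placeholder with the right shape, not a real hash
LEAKY = [{"id": 2, "email": "luis@example.org", "password": FAKE_HASH,
          "comunidad": {"id": 3, "admin": {"id": 9, "clave": FAKE_HASH}}}]

if __name__ == "__main__":
    for where, why in find_leaks(LEAKY):
        print(where, "->", why)
```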
GET /api/usuarios
Returns every user registered on the platform, across all communities.
Required role: SUPER_ADMIN
200 OK — array of Usuario objects.
Unique identifier of the user.
National identity document number.
First name of the user.
Surname(s) of the user.
Apartment / door identifier within the building (e.g. "2B").
Contact phone number.
Email address — used as the login username.
Role assigned to the user. One of USER, ADMIN, or SUPER_ADMIN.
Ownership coefficient (share of communal expenses) as a decimal (e.g. 0.05 = 5 %).
true if the account is active; false if soft-deleted.
true if the user must change their password on next login.
The community this user belongs to.
Example response
| Status | Meaning |
|---|---|
| 200 | OK — list returned (may be empty). |
| 403 | Forbidden — caller does not have SUPER_ADMIN role. |
GET /api/usuarios/comunidad
Returns all users belonging to the community encoded in the caller’s JWT. Useful for admins who need a roster of their own residents.
Required role: ADMIN or SUPER_ADMIN
200 OK — array of Usuario objects (same schema as GET /api/usuarios, scoped to the caller’s community).
| Status | Meaning |
|---|---|
| 200 | OK — list returned (may be empty). |
| 403 | Forbidden — caller does not have the required role. |
GET /api/usuarios/{idUsuario}
Retrieves a single user by their numeric id.
Required role: ADMIN or SUPER_ADMIN
Path parameters
The unique identifier of the user to retrieve.
200 OK — a single Usuario object (same schema as above).
| Status | Meaning |
|---|---|
| 200 | OK — user found and returned. |
| 404 | Not Found — no user with that id exists. |
| 403 | Forbidden — caller does not have the required role. |
GET /api/usuarios/me
Returns the profile of the currently authenticated user, identified by the email claim in their JWT.
Required role: Any authenticated user (USER, ADMIN, or SUPER_ADMIN)
200 OK — the caller’s own Usuario object (same schema as above).
Example response
| Status | Meaning |
|---|---|
| 200 | OK — profile returned. |
| 401 | Unauthorized — no valid JWT supplied. |
POST /api/usuarios
Creates a new user within the admin’s community. The community is derived automatically from the JWT — do not include a comunidad object in the request body.
Required role: ADMIN or SUPER_ADMIN
Request body
National identity document number.
First name of the user.
Surname(s) of the user.
Apartment / door identifier (e.g. "2B").
Contact phone number.
Email address — must be unique across the platform.
Initial password (will be BCrypt-encoded before storage). Never returned in responses.
Role to assign. One of USER (default), ADMIN, or SUPER_ADMIN.
Ownership coefficient as a decimal (e.g. 0.08).
200 OK — the newly created Usuario object (password field omitted).
| Status | Meaning |
|---|---|
| 200 | OK — user created and returned. |
| 409 | Conflict — a user with the given email already exists. |
| 403 | Forbidden — caller does not have the required role. |
PUT /api/usuarios/modificar
Allows a user to update their own profile. The user being modified is identified by the id claim in their JWT — no path parameter is needed.
Required role: USER, ADMIN, or SUPER_ADMIN
This endpoint updates the profile of the caller — users cannot modify other accounts via this endpoint. Admins who need to edit another user’s record should use PUT /api/usuarios/admin/{id}.
Request body
Updated first name.
Updated surname(s).
Updated door / apartment identifier.
Updated phone number.
Updated email address.
Updated ownership coefficient.
200 OK — the updated Usuario object.
| Status | Meaning |
|---|---|
| 200 | OK — profile updated and returned. |
| 404 | Not Found — user from JWT not found (should not occur in normal operation). |
| 403 | Forbidden — caller is not authenticated. |
PUT /api/usuarios/admin/{id}
Allows an admin to update any user’s profile by specifying the target user’s id in the path.
Required role: ADMIN or SUPER_ADMIN
Path parameters
The unique identifier of the user to update.
Request body
Same fields as PUT /api/usuarios/modificar.
200 OK — the updated Usuario object.
| Status | Meaning |
|---|---|
| 200 | OK — user updated and returned. |
| 404 | Not Found — no user with that id exists. Returns "Usuario no encontrado.". |
| 403 | Forbidden — caller does not have the required role. |
DELETE /api/usuarios/{idUsuario}
Performs a soft delete on a user by setting their estado field to false. The record is retained in the database and is excluded from active user queries, but no data is permanently destroyed.
Required role: ADMIN or SUPER_ADMIN
Path parameters
The unique identifier of the user to deactivate.
| Status | Meaning |
|---|---|
| 200 | OK — user deactivated. Returns "Usuario eliminado correctamente.". |
| 404 | Not Found — no user with that id exists. Returns "Usuario no encontrado.". |
| 403 | Forbidden — caller does not have the required role. |
PATCH /api/usuarios/pass
Allows any authenticated user to change their own password by supplying the current password for verification alongside the new one.
Required role: Any authenticated user (USER, ADMIN, or SUPER_ADMIN)
Request body
The user’s current password, used for verification before the change is applied.
The desired new password.
| Status | Meaning |
|---|---|
| 200 | OK — password changed. Returns "Contraseña modificada". |
| 400 | Bad Request — either oldPassword or newPassword is missing or blank. |
| 401 | Unauthorized — oldPassword does not match the stored password. |
| 404 | Not Found — user from JWT not found. |
PATCH /api/usuarios/admin/{id}
Resets a user’s password to a system-generated value and sends the new credentials to the user via email. No body is required.
Required role: ADMIN or SUPER_ADMIN
Path parameters
The unique identifier of the user whose password should be reset.
| Status | Meaning |
|---|---|
| 200 | OK — password reset and email sent. |
| 404 | Not Found — no user with that id exists. |
| 403 | Forbidden — caller does not have the required role. |
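The role requirements listed for each endpoint on this page, collected into one table that an authorization regression test can check against. This is an added example, not the project's code: it resolves a request path to the most specific documented route (so /me and /comunidad are not read as /{idUsuario}) and lists the role and endpoint pairs that must be refused with 403. The 200 stands for the authorized path only; 404, 409 and unauthenticated outcomes are not modelled.

```python
ANY = frozenset({"USER", "ADMIN", "SUPER_ADMIN"})
STAFF = frozenset({"ADMIN", "SUPER_ADMIN"})

# (method, path template, roles allowed), transcribed from the "Required role" lines.
ROUTES = [
    ("GET", "/api/usuarios", frozenset({"SUPER_ADMIN"})),
    ("GET", "/api/usuarios/comunidad", STAFF),
    ("GET", "/api/usuarios/{idUsuario}", STAFF),
    ("GET", "/api/usuarios/me", ANY),
    ("POST", "/api/usuarios", STAFF),
    ("PUT", "/api/usuarios/modificar", ANY),
    ("PUT", "/api/usuarios/admin/{id}", STAFF),
    ("DELETE", "/api/usuarios/{idUsuario}", STAFF),
    ("PATCH", "/api/usuarios/pass", ANY),
    ("PATCH", "/api/usuarios/admin/{id}", STAFF),
]

def _literal_hits(template, path):
    """Count literal segments matched; None when the template does not fit."""
    t, p = template.strip("/").split("/"), path.strip("/").split("/")
    if len(t) != len(p):
        return None
    hits = 0
    for ts, ps in zip(t, p):
        if ts.startswith("{"):
            continue              # placeholder: accepts any segment, even "me"
        if ts != ps:
            return None
        hits += 1
    return hits

def resolve(method, path):
    """Most specific documented route, so /me is not read as /{idUsuario}."""
    best = None
    for m, template, roles in ROUTES:
        hits = _literal_hits(template, path) if m == method.upper() else None
        if hits is not None and (best is None or hits > best[0]):
            best = (hits, template, roles)
    return None if best is None else (best[1], best[2])

def expected_status(method, path, role):
    """200 if the page lists `role` for the endpoint, 403 otherwise."""
    route = resolve(method, path)
    if route is None:
        return None               # not an endpoint documented on this page
    return 200 if role in route[1] else 403

def denied_cases():
    """Every (role, method, template) pair that must come back 403."""
    return [(r, m, t) for m, t, roles in ROUTES for r in sorted(ANY - roles)]
```

Feeding each tuple from denied_cases() to a test client with a token of that role gives the negative cases that are easiest to forget when a new route is added.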