The Users API provides administrative control over user accounts. Every endpoint requires a valid Bearer token. Read operations require the usuarios:read permission; write operations require usuarios:write; and deletion requires usuarios:delete.

GET /api/usuarios/

List all users with optional filtering and pagination.

Authentication: Bearer token required.
Permission required: usuarios:read

Query parameters

skip (number, default: 0): Number of records to skip. Use with limit for pagination.
limit (number, default: 50): Maximum number of records to return. Cannot exceed 200.
activo (boolean): Filter by account status. Omit to return all users regardless of status.

Response — 200 OK

Returns an array of UsuarioResponse objects.
id (number, required): Auto-incremented user ID.
username (string, required): Unique username.
email (string, required): Email address.
rol_id (number, required): ID of the assigned role.
cliente_id (number): ID of the linked Cliente record, or null.
activo (boolean, required): Whether the account is active.
fecha_registro (string, required): ISO 8601 timestamp of account creation.
rol (object): Embedded role with its permissions.

curl --request GET \
  --url 'https://api.example.com/api/usuarios/?skip=0&limit=20&activo=true' \
  --header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...'

[
  {
    "id": 1,
    "username": "admin",
    "email": "admin@example.com",
    "rol_id": 2,
    "cliente_id": null,
    "activo": true,
    "fecha_registro": "2026-01-01T00:00:00Z",
    "rol": {
      "id": 2,
      "nombre": "Admin",
      "permisos": [
        { "id": 1, "rol_id": 2, "recurso": "usuarios", "accion": "*" }
      ]
    }
  }
]

POST /api/usuarios/

Create a new user account directly (admin operation). Unlike /api/auth/register, this endpoint does not auto-create a Cliente record and requires an explicit rol_id.

Authentication: Bearer token required.
Permission required: usuarios:write

Request body

username (string, required): Unique username. Maximum 50 characters.
email (string, required): Unique email address.
password (string, required): Plain-text password. Hashed with bcrypt before storage.
rol_id (number, required): ID of the role to assign. Must reference an existing role.
cliente_id (number): ID of an existing Cliente record to link to this user. Must be unique across users.

Response — 201 Created

Returns the created UsuarioResponse. See GET /api/usuarios/ for the full field list.

curl --request POST \
  --url https://api.example.com/api/usuarios/ \
  --header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...' \
  --header 'Content-Type: application/json' \
  --data '{
    "username": "conductor01",
    "email": "conductor01@example.com",
    "password": "p@ssw0rd",
    "rol_id": 3
  }'

{
  "id": 55,
  "username": "conductor01",
  "email": "conductor01@example.com",
  "rol_id": 3,
  "cliente_id": null,
  "activo": true,
  "fecha_registro": "2026-05-22T12:00:00Z",
  "rol": {
    "id": 3,
    "nombre": "Conductor",
    "permisos": []
  }
}

GET /api/usuarios/{usuario_id}

Retrieve a single user by ID.

Authentication: Bearer token required.
Permission required: usuarios:read

Path parameters

usuario_id (number, required): ID of the user to retrieve.

Response — 200 OK

Returns a UsuarioResponse object. See GET /api/usuarios/ for the full field list.

curl --request GET \
  --url https://api.example.com/api/usuarios/55 \
  --header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...'

{
  "id": 55,
  "username": "conductor01",
  "email": "conductor01@example.com",
  "rol_id": 3,
  "cliente_id": null,
  "activo": true,
  "fecha_registro": "2026-05-22T12:00:00Z",
  "rol": {
    "id": 3,
    "nombre": "Conductor",
    "permisos": []
  }
}

PATCH /api/usuarios/{usuario_id}

Partially update a user account. Only fields included in the request body are modified. Changing rol_id invalidates the role permission cache for both the old and the new role.

Authentication: Bearer token required.
Permission required: usuarios:write

Path parameters

usuario_id (number, required): ID of the user to update.

Request body

All fields are optional. Include only the fields you want to change.
email (string): New email address. Must be unique.
rol_id (number): ID of the new role to assign.
activo (boolean): Set to false to deactivate without deleting, or true to re-activate.
password (string): New plain-text password. Hashed before storage.

Response — 200 OK

Returns the updated UsuarioResponse. See GET /api/usuarios/ for the full field list.

curl --request PATCH \
  --url https://api.example.com/api/usuarios/55 \
  --header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...' \
  --header 'Content-Type: application/json' \
  --data '{"activo": false}'

{
  "id": 55,
  "username": "conductor01",
  "email": "conductor01@example.com",
  "rol_id": 3,
  "cliente_id": null,
  "activo": false,
  "fecha_registro": "2026-05-22T12:00:00Z",
  "rol": {
    "id": 3,
    "nombre": "Conductor",
    "permisos": []
  }
}

DELETE /api/usuarios/{usuario_id}

Soft-delete a user by setting activo = false. The record is retained in the database; the user cannot log in while inactive.

Authentication: Bearer token required.
Permission required: usuarios:delete

Path parameters

usuario_id (number, required): ID of the user to deactivate.

Response — 204 No Content

No response body is returned on success.

curl --request DELETE \
  --url https://api.example.com/api/usuarios/55 \
  --header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...'

{ "detail": "Usuario no encontrado" }
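
Because DELETE only sets activo = false and a PATCH with usuarios:write can set it back to true, an access review of the GET /api/usuarios/ response should also flag inactive accounts whose embedded role still grants write or delete on usuarios. The following is an added example, not code from this project; the sample records, the Soporte role and the reading of accion "*" as "every action" are assumptions.

```python
import json

# Constructed sample shaped like the GET /api/usuarios/ response on this page.
SAMPLE = json.loads("""[
 {"id": 1, "username": "admin", "activo": true, "rol_id": 2,
  "rol": {"id": 2, "nombre": "Admin",
          "permisos": [{"id": 1, "rol_id": 2, "recurso": "usuarios", "accion": "*"}]}},
 {"id": 55, "username": "conductor01", "activo": false, "rol_id": 3,
  "rol": {"id": 3, "nombre": "Conductor", "permisos": []}},
 {"id": 56, "username": "soporte01", "activo": false, "rol_id": 4,
  "rol": {"id": 4, "nombre": "Soporte",
          "permisos": [{"id": 7, "rol_id": 4, "recurso": "usuarios", "accion": "write"},
                       {"id": 8, "rol_id": 4, "recurso": "usuarios", "accion": "read"}]}},
 {"id": 57, "username": "sinrol", "activo": true, "rol_id": 9, "rol": null}
]""")

SENSITIVE = {"write", "delete"}  # actions that modify or deactivate accounts


def granted_actions(user, recurso="usuarios"):
    """Return the actions the user's embedded role grants on `recurso`.

    A missing or null `rol` (the field is optional) grants nothing.
    """
    rol = user.get("rol") or {}
    return {p.get("accion") for p in rol.get("permisos") or []
            if p.get("recurso") == recurso}


def audit(users):
    """Return (username, status, sensitive actions) for accounts to review."""
    findings = []
    for u in users:
        actions = granted_actions(u)
        # Assumption: accion "*" is a wildcard covering every action.
        risky = SENSITIVE if "*" in actions else actions & SENSITIVE
        if risky:
            # Inactive accounts keep their role, so re-activation restores it.
            status = "active" if u.get("activo") else "inactive-privileged"
            findings.append((u["username"], status, sorted(risky)))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```
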
