Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/LENINMORENO13/OpsMind/llms.txt

Use this file to discover all available pages before exploring further.

OpsMind uses JSON Web Tokens (JWT) for stateless authentication. Every monitor endpoint is protected by the verifyToken middleware, which requires a valid Bearer token in the Authorization header of each request. Tokens are signed with a server-side secret and expire after 1 hour, keeping your credentials short-lived and your API surface secure.

Register a new user

Create an account by sending a POST request to /api/v1/auth/register with your email and password. The email must be a valid address and the password must be at least 6 characters — these constraints are enforced by the Zod validation schema before the request ever reaches the database.
curl -X POST https://opsmind-e07b.onrender.com/api/v1/auth/register \
  -H "Content-Type: application/json" \
  -d '{
    "email": "you@example.com",
    "password": "supersecret"
  }'
Success — 201 Created
Response
{
  "success": true,
  "message": "User created successfully",
  "data": {
    "user": 1,
    "email": "you@example.com"
  }
}
Error cases
StatusCondition
400A user with that email already exists ("User with this email already exists")
400Validation failure — invalid email format ("Invalid email format")
400Validation failure — password shorter than 6 characters ("The password must be at least 6 characters")
500Unexpected server error

Log in and obtain a token

Exchange your credentials for a JWT by calling POST /api/v1/auth/login. The token is returned as a plain string in the data field of the response body.
curl -X POST https://opsmind-e07b.onrender.com/api/v1/auth/login \
  -H "Content-Type: application/json" \
  -d '{
    "email": "you@example.com",
    "password": "supersecret"
  }'
Success — 200 OK
Response
{
  "success": true,
  "data": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MSwiZW1haWwiOiJ5b3VAZXhhbXBsZS5jb20iLCJpYXQiOjE3MDA..."
}
Error cases
StatusCondition
401Email not found or password does not match ("Unauthorized")
500Unexpected server error

Using the token

Copy the string from data and attach it to every subsequent request in the Authorization header using the Bearer scheme.
cURL — authenticated request
curl https://opsmind-e07b.onrender.com/api/v1/monitors \
  -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
Tokens expire 1 hour after they are issued (expiresIn: '1h'). After expiry, protected endpoints return 401 Invalid token. You must call POST /api/v1/auth/login again to obtain a fresh token. Build your client to detect 401 responses and refresh the token automatically.

End-to-end example

The following walkthrough shows a full register → login → use-token flow in one sequence.
1

Register a new account

cURL
curl -X POST https://opsmind-e07b.onrender.com/api/v1/auth/register \
  -H "Content-Type: application/json" \
  -d '{"email": "you@example.com", "password": "supersecret"}'
2

Log in and capture the token

cURL
TOKEN=$(curl -s -X POST https://opsmind-e07b.onrender.com/api/v1/auth/login \
  -H "Content-Type: application/json" \
  -d '{"email": "you@example.com", "password": "supersecret"}' \
  | jq -r '.data')
3

Use the token to list monitors

cURL
curl https://opsmind-e07b.onrender.com/api/v1/monitors \
  -H "Authorization: Bearer $TOKEN"

How JWT verification works

Every protected route in OpsMind passes through the verifyToken middleware before it reaches a controller. Understanding this flow helps you debug 401 errors quickly.
1

Read the Authorization header

The middleware reads req.headers.authorization. If the header is missing or does not start with "Bearer ", it immediately returns 401 Access denied. Token not provided.
2

Extract the token string

The token is extracted by splitting the header value on the space character — header.split(" ")[1] — discarding the "Bearer" prefix.
3

Verify the signature

jwt.verify(token, process.env.JWT_SECRET) is called. If the token is valid and unexpired, the decoded payload { id, email } is attached to req.user and next() is called to continue the request lifecycle.
4

Handle invalid tokens

If verification throws for any reason — bad signature, expired token, malformed string — the middleware catches the error and returns 401 Invalid token. No further middleware or controller code runs.
verifyToken middleware (src/middlewares/authMiddleware.js)
import jwt from "jsonwebtoken";

export const verifyToken = async (req, res, next) => {
  const header = req.headers.authorization;

  if (!header || !header.startsWith("Bearer ")) {
    return res.status(401).json({
      success: false,
      error: "Access denied. Token not provided.",
    });
  }

  const token = header.split(" ")[1];

  try {
    const verify = jwt.verify(token, process.env.JWT_SECRET);
    req.user = verify;
    next();
  } catch (error) {
    return res.status(401).json({
      success: false,
      error: "Invalid token",
    });
  }
};

Build docs developers (and LLMs) love