OpsMind uses JSON Web Tokens (JWT) for stateless authentication. Every monitor endpoint is protected by the verifyToken middleware, which requires a valid Bearer token in the Authorization header of each request. Tokens are signed with a server-side secret and expire after 1 hour, keeping your credentials short-lived and your API surface secure.
Register a new user
Create an account by sending a POST request to /api/v1/auth/register with your email and password. The email must be a valid address and the password must be at least 6 characters; these constraints are enforced by the Zod validation schema before the request ever reaches the database.
201 Created
Response
| Status | Condition |
|---|---|
| 400 | A user with that email already exists ("User with this email already exists") |
| 400 | Validation failure: invalid email format ("Invalid email format") |
| 400 | Validation failure: password shorter than 6 characters ("The password must be at least 6 characters") |
| 500 | Unexpected server error |
Log in and obtain a token
Exchange your credentials for a JWT by calling POST /api/v1/auth/login. The token is returned as a plain string in the data field of the response body.
200 OK
Response
| Status | Condition |
|---|---|
| 401 | Email not found or password does not match ("Unauthorized") |
| 500 | Unexpected server error |
Using the token
Copy the string from data and attach it to every subsequent request in the Authorization header using the Bearer scheme.
cURL — authenticated request
End-to-end example
The following walkthrough shows a full register → login → use-token flow in one sequence.
How JWT verification works
Every protected route in OpsMind passes through the verifyToken middleware before it reaches a controller. Understanding this flow helps you debug 401 errors quickly.
Read the Authorization header
The middleware reads req.headers.authorization. If the header is missing or does not start with "Bearer ", it immediately returns 401 Access denied. Token not provided.
Extract the token string
The token is extracted by splitting the header value on the space character, header.split(" ")[1], discarding the "Bearer" prefix.
Verify the signature
jwt.verify(token, process.env.JWT_SECRET) is called. If the token is valid and unexpired, the decoded payload { id, email } is attached to req.user and next() is called to continue the request lifecycle.
verifyToken middleware (src/middlewares/authMiddleware.js)
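The three steps above as an added, dependency-free sketch; it is not the contents of OpsMind's src/middlewares/authMiddleware.js. It replaces the page's jwt.verify call with Node's built-in crypto, and assumes HS256 signing, a numeric exp claim and a { message } response body; signHs256, verifyHs256 and parsePart are hypothetical helper names.

```javascript
// Added sketch (not OpsMind's authMiddleware.js): HS256 assumed, Node crypto only.
const crypto = require("crypto");

const b64url = (buf) => Buffer.from(buf).toString("base64url");
const parsePart = (s) => JSON.parse(Buffer.from(s, "base64url").toString("utf8"));

// Hypothetical helper that mints a token, standing in for the login endpoint.
function signHs256(payload, secret) {
  const head = b64url(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const body = b64url(JSON.stringify(payload));
  const sig = crypto.createHmac("sha256", secret).update(`${head}.${body}`).digest();
  return `${head}.${body}.${b64url(sig)}`;
}

// Returns the decoded payload, or null if the token is malformed, forged or expired.
function verifyHs256(token, secret, nowSec = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split(".");
  if (parts.length !== 3) return null;
  const [head, body, sig] = parts;
  try {
    // Pin the algorithm; the token header must not choose how it is verified.
    if (parsePart(head).alg !== "HS256") return null;
    const expected = crypto.createHmac("sha256", secret).update(`${head}.${body}`).digest();
    const given = Buffer.from(sig, "base64url");
    if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
    const payload = parsePart(body);
    if (typeof payload.exp !== "number" || payload.exp <= nowSec) return null;
    return payload;
  } catch {
    return null; // bad JSON, or no secret configured: fail closed
  }
}

// Express-style middleware following the three steps described above.
function verifyToken(req, res, next) {
  const header = req.headers.authorization;
  if (!header || !header.startsWith("Bearer ")) {
    // Body shape { message } is an assumption; the text is from the page.
    return res.status(401).json({ message: "Access denied. Token not provided." });
  }
  const token = header.split(" ")[1];
  const payload = verifyHs256(token, process.env.JWT_SECRET);
  if (!payload) {
    // Wording is an assumption; the page does not give it for this case.
    return res.status(401).json({ message: "Invalid or expired token" });
  }
  req.user = { id: payload.id, email: payload.email };
  return next();
}
```

When a request returns 401, check in this order: the header starts with "Bearer " followed by a single space, the token has three dot-separated parts, the server's JWT_SECRET matches the one that signed it, and the exp claim is still in the future.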