All clientes endpoints require a valid JWT token in theDocumentation Index
Fetch the complete documentation index at: https://mintlify.com/Medinaallan/ContabilidadISV/llms.txt
Use this file to discover all available pages before exploring further.
Authorization header (Bearer <token>). Clients (empresas) are the legal entities on behalf of which tax consolidations are created. The RTN (Registro Tributario Nacional) is Honduras’s tax registration number and must contain only digits and hyphens — it uniquely identifies a company in the SAR (Servicio de Administración de Rentas) system. Every write operation is automatically logged to the system audit trail.
GET /api/clientes
List all client records. By default returns only active clients (activo = 1). Supports optional filtering by status and a full-text search across company name, RTN, representative, and sector.
Auth: Bearer token required.
Query Parameters
Filter by active status. Pass
true (default) for active clients only, false to retrieve deactivated clients. Omit to receive all clients regardless of status.Free-text search term. Matched against
nombre_empresa, rtn, representante, and rubro fields.Response
true on a successful query.Array of client objects matching the filter criteria.
Count of client records returned.
Example
POST /api/clientes
Create a new client company record. All seven core fields are required. Optionally accepts a logo image file viamultipart/form-data (max 5 MB; image formats only).
Auth: Bearer token required.
This endpoint uses
multipart/form-data when uploading a logo. Send text fields alongside the logo file part. If you are not uploading a logo, you may use application/json instead — the uploadLogo middleware will simply find no file.Request Body
Legal name of the company. Length: 2–255 characters.
Registro Tributario Nacional. Length: 3–50 characters. Must match
/^[0-9\-]+$/ — only digits and hyphens are accepted. The value is stored in uppercase. Duplicate RTNs are rejected with HTTP 409.Business sector (e.g.
"Hotelería", "Comercio", "Servicios"). Length: 2–100 characters.Full legal name of the company representative. Length: 2–255 characters.
Contact phone number. Length: 8–20 characters. Must match
/^[\d\-\+\(\)\s]+$/ — digits, spaces, hyphens, parentheses, and + are allowed (e.g. "2239-4455" or "+504 9988-7766").Contact email address. Must be a valid email format. Max 255 characters. Stored lowercase.
Physical address. Length: 5–500 characters.
Company logo image. Sent as the
logo field in a multipart/form-data request. Max 5 MB. Only image MIME types (image/*) are accepted. The server stores the file at uploads/logos/ and sets logo_url automatically.Set to
true to bypass the duplicate-RTN check and force-create the record. Use with caution.Response
true on successful creation."Cliente creado exitosamente"Full client record as persisted, including the server-assigned
id, logo_url, activo, fecha_registro, and fecha_actualizacion.Error Responses
| HTTP Status | Scenario |
|---|---|
400 | Validation failure — details array lists each failing field and its message |
409 | A client with the same RTN already exists in the database |
500 | Unhandled server error |
Example
GET /api/clientes/:id
Fetch a single client by its numeric ID. Returns404 if the client does not exist; returns 400 if the id path segment is not a valid integer.
Auth: Bearer token required.
Path Parameters
Numeric primary key of the client.
Response
true on success.Full client record. See the fields listed in GET /api/clientes.
PUT /api/clientes/:id
Update one or more fields on an existing client record. All fields are optional — only the fields included in the request body will be updated. Validation rules are identical toPOST but no field is required. A logo file can be updated by sending a new multipart/form-data request with a logo field; the previous logo file will be deleted from disk automatically.
Auth: Bearer token required.
Path Parameters
Numeric ID of the client to update.
Request Body
Updated company name. Length: 2–255 characters.
Updated RTN. Length: 3–50 characters. Must match
/^[0-9\-]+$/. Stored uppercase.Updated business sector. Length: 2–100 characters.
Updated representative name. Length: 2–255 characters.
Updated phone number. Length: 8–20 characters. Must match
/^[\d\-\+\(\)\s]+$/.Updated email address. Must be valid format. Max 255 characters.
Updated address. Length: 5–500 characters.
Set to
false to deactivate the client, true to reactivate. This field is available on PUT but not on POST (new clients are always active).New logo image (
multipart/form-data). Replaces the existing logo. Max 5 MB, image formats only.Response
true on successful update."Cliente actualizado exitosamente"The updated client record as re-fetched from the database after the change.
DELETE /api/clientes/:id
Soft-delete (deactivate) a client. Setsactivo = false in the database. The client record is preserved and can be reactivated via PUT /api/clientes/:id with "activo": true. Deactivated clients do not appear in the default GET /api/clientes response unless activo=false is passed.
Auth: Bearer token required.
This is a soft delete — the client row is not removed from the database. All associated consolidation records remain intact. To permanently delete a client (admin only), use
DELETE /api/clientes/:id/hard.Path Parameters
Numeric ID of the client to deactivate.
Response
true on successful deactivation.Human-readable confirmation returned by the model, e.g.
"Cliente desactivado exitosamente".Additional Endpoints
The following endpoints are also available on the/api/clientes router but are supplementary to the core CRUD operations above.
GET /api/clientes/stats
Returns aggregate statistics for the client list. Auth: Bearer token required.true on success.Statistics object returned by
Cliente.getStats(). Typically includes counts of active/inactive clients and breakdowns by rubro.PATCH /api/clientes/:id/toggle-status
Toggle theactivo flag of a client without specifying the new value — the server flips the current state. Useful for quick activate/deactivate actions in list views.
Auth: Bearer token required.
ID of the client whose status should be toggled.
true on success."Cliente activado exitosamente" or "Cliente desactivado exitosamente".Updated client record reflecting the new
activo state.DELETE /api/clientes/:id/hard
Permanently delete a client and remove its logo from disk. Admin role required. Returns403 Forbidden for non-admin users. This operation is irreversible.
Auth: Bearer token required + role = "admin".
ID of the client to permanently remove.
true on success.Confirmation message from the model’s
deleteHard() method.POST /api/clientes/upload-csv
Bulk-import clients from a CSV file. Admin role required. The CSV must be semicolon-delimited with headers matching the client field names. Both UTF-8 and ISO-8859-1 (Windows Latin-1) encodings are accepted. RTNs must be exactly 14 digits; rows with invalid RTNs or missing required fields are skipped and reported in theerrors array.
Auth: Bearer token required + role = "admin".
Content-Type: multipart/form-data
The CSV file to import. Required columns:
nombre_empresa, rtn, rubro, representante, telefono, email, direccion. Optional columns: logo_url, activo, fecha_registro, fecha_actualizacion.true if the upload was processed (even if some rows had errors).Number of client records successfully created.
Array of objects describing rows that could not be imported. Each item contains
nombre, rtn, and error fields.RTN Format Reference
Error Responses
All endpoints return a consistent error envelope on failure:| HTTP Status | Meaning |
|---|---|
400 | Validation error, missing required fields, or no update fields provided |
403 | Insufficient role (admin-only endpoint accessed by non-admin) |
404 | Client not found |
409 | RTN conflict — a client with this RTN already exists |
500 | Unhandled server error |
Related Pages
- Authentication — Obtain a JWT token
- Consolidaciones API — Create consolidation records referencing a
cliente_id - Reports API — Generate per-client tax reports
- Features — Clients — Client management feature overview
- Audit Logs API — View system events generated by client operations