Once you have anDocumentation Index
Fetch the complete documentation index at: https://mintlify.com/Miguel-Rodriguez15/msvc/llms.txt
Use this file to discover all available pages before exploring further.
access_token from msvc-auth, include it as a Bearer token in the Authorization header of every protected request. msvc-usuarios enforces scope-based authorization using Spring Security’s oauth2ResourceServer JWT support; msvc-cursos requires a valid Bearer token for the course detail endpoint (GET /{id}) that fetches enrolled users.
Attaching the Token
Pass the token in the standardAuthorization: Bearer <access_token> header:
The password field is BCrypt-hashed by
msvc-usuarios before being stored. Send the plaintext value in the request body; the service handles encoding automatically.Scope Requirements
msvc-usuarios maps scopes to HTTP methods in its SecurityFilterChain. The table below shows the exact authority required for each endpoint:
| Endpoint | Method | Required Scope |
|---|---|---|
/ (usuarios) | GET | SCOPE_read or SCOPE_write |
/{id} (usuarios) | GET | SCOPE_read or SCOPE_write |
/ (usuarios) | POST | SCOPE_write |
/{id} (usuarios) | PUT | SCOPE_write |
/{id} (usuarios) | DELETE | SCOPE_write |
/usuarios-por-curso | GET | Any authenticated token |
GET /{id} (cursos) | GET | Bearer token required (header enforced in controller) |
All other /cursos routes | — | No Authorization header required |
SecurityConfig in msvc-usuarios expresses these rules as:
Via the Gateway
All requests can also be sent throughmsvc-gateway on port 8090. The gateway routes /api/usuarios/** to msvc-usuarios and /api/cursos/** to msvc-cursos, forwarding headers — including Authorization — transparently:
Token Decoding
Theaccess_token is a standard three-part JWT (header.payload.signature). You can inspect the claims without a library by base64-decoding the payload segment:
msvc-auth contains:
| Claim | Meaning |
|---|---|
sub | The authenticated user’s email address |
aud | The intended audience (client ID) |
iss | The issuer URI of msvc-auth |
iat | Issued-at timestamp (Unix seconds) |
exp | Expiry timestamp — token is invalid after this |
scope | Space-separated list of granted scopes |
OIDC UserInfo
When the token was issued with theopenid scope, you can retrieve the authenticated user’s identity claims from the OIDC UserInfo endpoint without decoding the JWT manually:
sub, email, and any profile attributes populated by the authorization server.