The Credith API is a RESTful service built with Express.js and backed by PostgreSQL (via Sequelize ORM). It serves as the data layer for the Credith point-of-sale and credit management platform, handling everything from user authentication and product inventory to CAI-based invoicing and installment payment plans. All routes are mounted under theDocumentation Index
Fetch the complete documentation index at: https://mintlify.com/RoyGeova07/Credith/llms.txt
Use this file to discover all available pages before exploring further.
/api prefix, all request bodies are JSON, and all responses are JSON.
Base URL
In development, the server runs on port 3000 by default:PORT environment variable:
index.js and reads process.env.PORT, falling back to 3000 when the variable is not set:
Request Format
All write operations (POST, PUT, PATCH) expect a JSON body. Set the Content-Type header accordingly:
Response Format
All endpoints return JSON. Responses follow standard HTTP semantics — success payloads are wrapped in a top-level object; error payloads always contain amessage field.
| Status Code | Meaning |
|---|---|
200 OK | Request succeeded; body contains the result |
201 Created | Resource was successfully created |
400 Bad Request | Validation failed, duplicate entry, or invalid field value |
401 Unauthorized | Missing or invalid JWT token (protected routes only) |
403 Forbidden | Token present but permission denied |
404 Not Found | Requested resource does not exist |
500 Internal Server Error | Unhandled server-side exception |
Pagination
All list endpoints that return potentially large collections support cursor-style pagination via two query parameters:| Parameter | Type | Default | Description |
|---|---|---|---|
limit | integer | 10 | Maximum number of records to return |
offset | integer | 0 | Number of records to skip before returning results |
GET /api/users, GET /api/companies, GET /api/stores, GET /api/products, GET /api/cais, GET /api/cai-ranges, GET /api/checkout-machines, GET /api/clients, GET /api/roles, and GET /api/users/employees.
Pagination parameters are always optional. When omitted,
limit defaults to 10 and offset defaults to 0. The response total field reflects the full count of matching records in the database, not just the current page.Global Middleware
The following middleware is registered inapp.js and applies to all (or nearly all) incoming requests before they reach route handlers:
| Middleware | Scope | Description |
|---|---|---|
cors | Global | Allows cross-origin requests from CORS_ORIGIN (default: http://localhost:5173) with credentials support, enabling cookie transmission from the frontend |
cookie-parser | Global | Parses the Cookie header and populates req.cookies, including the token and session cookies used for authentication |
express.json() | Global | Parses incoming application/json request bodies and populates req.body |
LoggerMiddleware | Global (non-test) | Custom middleware that logs the HTTP method, URL, timestamp, response status code, and total duration in milliseconds. Skipped when NODE_ENV=test. Swagger asset routes are silently ignored |
Available Resource Groups
Users & Roles
Register users, manage activation status, update passwords, assign roles, and list employees.
Companies & Stores
Create and update companies (with RTN), manage store branches, and control store activation.
Products & Categories
Full product lifecycle including soft-delete/recover, category tagging, and store inventory links.
CAI & Invoicing
Manage government-authorized invoice numbers (CAIs), their numeric ranges, and checkout machines.
Bills
Create fiscal invoices with line items, ISV tax breakdown, discounts, and payment type selection.
Payment Plans
Manage INSTALLMENT plans — recalculate schedules, record payments, and track overdue balances.
Clients
Create and manage clients identified by DNI; link clients to installment payment plans.
Reports
Product performance, per-store monthly summaries, and company-level aggregated revenue reports.
Health Check
A root-level health check endpoint is available outside the/api prefix. It returns a static JSON message confirming the server is running:
Swagger UI
WhenNODE_ENV=development, the API automatically serves an interactive Swagger UI at:
@swagger annotations on each route file and provides a live sandbox for testing every endpoint. It is not available in production.
The logger middleware silently ignores requests to Swagger static assets (
/api-docs/swagger-ui.css, swagger-ui-bundle.js, etc.) to keep the console output clean during API exploration.