Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/TheSerchCp/SEAM-API/llms.txt

Use this file to discover all available pages before exploring further.

The GET /api/v1/users endpoint returns a collection of all user records stored in the system. Each user object includes their role name and role description, sourced from a LEFT JOIN with the roles table. The password field is never included in results. This endpoint requires a valid JWT token and that the caller’s role has the GET /api/v1/users permission registered in the database.

Endpoint

GET /api/v1/users
Base URL: http://localhost:{PORT}/api/v1 Authentication: JWT Bearer token + role permission GET /api/v1/users

Example Request

curl -X GET http://localhost:3000/api/v1/users \
  -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."

Responses

200 OK

Returned when the request is authenticated, the role has the required permission, and the query executes successfully. The data array may be empty if no users exist. 
{
  "success": true,
  "message": "Usuarios obtenidos exitosamente",
  "data": [
    {
      "idUser": 1,
      "full_name": "Alice Admin",
      "email": "alice@example.com",
      "roleId": 1,
      "roleName": "admin",
      "roleDescription": "Full system access"
    },
    {
      "idUser": 7,
      "full_name": "Jane Doe",
      "email": "jane.doe@example.com",
      "roleId": 2,
      "roleName": "editor",
      "roleDescription": "Can read and edit content"
    }
  ]
}
success
boolean
Always true for successful responses.
message
string
Human-readable confirmation: "Usuarios obtenidos exitosamente".
data
array
Ordered array of user objects. Sorted by idUser ascending.

401 Unauthorized

Returned when the Authorization header is missing, the token is malformed, or the token has expired. 
{
  "success": false,
  "message": "Token requerido",
  "data": null
}

{
  "success": false,
  "message": "Token inválido o expirado",
  "data": null
}

403 Forbidden

Returned when the JWT is valid but the caller’s role does not have GET /api/v1/users listed in the permissionXRole table. 
{
  "success": false,
  "message": "No tienes permisos para acceder a este recurso",
  "data": null
}

Permission Setup

For a role to access this endpoint, a record must exist in the permissions table with nameUri = "GET /api/v1/users" and that permission must be linked to the role via the permissionXRole pivot table. The roles.middleware constructs the URI string automatically from req.method + req.baseUrl + req.route.path and performs a case-insensitive lookup: 
GET /api/v1/users
Ensure the nameUri value stored in the database matches this exact pattern (case-insensitive match is applied in the query).

Build docs developers (and LLMs) love

Get started for freeTalk to us