Skip to main content

Base URL

EnvironmentBase URL
Productionhttps://task-forge-gbd6h8gtg8hchve9.chilecentral-01.azurewebsites.net
Local developmenthttp://localhost:5000
All endpoints are prefixed with /api. For example, the login endpoint is available at /api/auth/login.

Authentication

All endpoints except POST /api/auth/register, POST /api/auth/login, and GET /api/health require a valid JWT access token in the Authorization header. 
Authorization: Bearer <access_token>
The refresh endpoint (POST /api/auth/refresh) is an exception — it accepts a refresh token instead of an access token. Tokens are issued by the login endpoint. Access tokens are short-lived; use refresh tokens to obtain new access tokens without re-authenticating.

Request format

All request bodies must be JSON. Set the Content-Type header accordingly. 
Content-Type: application/json

Response envelope

All responses follow a consistent envelope structure. Success: 
{
  "success": true,
  "data": { ... },
  "message": "Optional human-readable message"
}
Error: 
{
  "success": false,
  "message": "Description of what went wrong"
}
HTTP status codes reflect the outcome: 2xx for success, 4xx for client errors, 5xx for server errors.

Pagination

List endpoints accept the following query parameters:
ParameterTypeDefaultDescription
pageinteger1Page number (1-indexed)
per_pageinteger20Results per page
sort_bystringvariesField to sort by
sort_orderstringascSort direction: asc or desc
Paginated responses include a pagination object in the response data: 
{
  "success": true,
  "data": {
    "items": [ ... ],
    "pagination": {
      "page": 1,
      "per_page": 20,
      "total": 150,
      "pages": 8,
      "has_next": true,
      "has_prev": false
    }
  }
}

Endpoint reference

Authentication

MethodPathAuth requiredDescription
POST/api/auth/registerNoneCreate a new user account
POST/api/auth/loginNoneAuthenticate and receive tokens
POST/api/auth/refreshRefresh tokenGet a new access token
POST/api/auth/logoutAccess tokenRevoke a refresh token
GET/api/auth/meAccess tokenGet the authenticated user’s profile
POST/api/auth/change-passwordAccess tokenChange the authenticated user’s password

Tasks

MethodPathAuth requiredRoleDescription
GET/api/tasksAccess tokenAnyList tasks for the current user
GET/api/tasks/{id}Access tokenAnyGet a specific task
POST/api/tasksAccess tokenAnyCreate a new task
PUT/api/tasks/{id}Access tokenAnyUpdate a task
DELETE/api/tasks/{id}Access tokenAnyDelete a task
POST/api/tasks/{id}/completeAccess tokenAnyMark a task as complete
GET/api/tasks/statisticsAccess tokenAnyGet task statistics
GET/api/tasks/exportAccess tokenAnyExport tasks

Users

MethodPathAuth requiredRoleDescription
GET/api/usersAccess tokenAdminList all users
GET/api/users/{id}Access tokenAnyGet a specific user
PUT/api/users/{id}Access tokenAnyUpdate a user
DELETE/api/users/{id}Access tokenAdminDelete a user
POST/api/users/{id}/activateAccess tokenAdminActivate a user account
POST/api/users/{id}/deactivateAccess tokenAdminDeactivate a user account

Tags

MethodPathAuth requiredRoleDescription
GET/api/tagsAccess tokenAnyList all tags
GET/api/tags/{id}Access tokenAnyGet a specific tag
POST/api/tagsAccess tokenAnyCreate a new tag
PUT/api/tags/{id}Access tokenAdminUpdate a tag
DELETE/api/tags/{id}Access tokenAdminDelete a tag

Health

MethodPathAuth requiredDescription
GET/api/healthNoneCheck API health status

Build docs developers (and LLMs) love

Get started for freeTalk to us