The authentication endpoints handle all identity operations in PrintHeritage. JWT tokens are issued on login using the HS256 algorithm and expire after 60 minutes. Every request that modifies credentials or creates an account is recorded to the audit log. Pass the token returned by /login in the Authorization: Bearer <token> header for every protected endpoint.

POST /login

Authenticates a user with their email and password and returns a short-lived JWT access token. The request body must be encoded as application/x-www-form-urlencoded — this matches the OAuth2 Password Flow used throughout the platform. A successful login appends a USER_LOGIN entry to the audit log.
The username field must contain the user’s email address, not a display name. The OAuth2 spec names this field username, but PrintHeritage treats it as the account email.
Request Content-Type: application/x-www-form-urlencoded
username
string
required
The account email address used as the login identifier.
password
string
required
The account password in plain text. Verified against the stored bcrypt hash server-side.
Response — 200 OK
access_token
string
Signed HS256 JWT. Include this value in the Authorization header as Bearer <access_token> for all protected requests.
token_type
string
Always "bearer".
Error responses
Status | Meaning
401 Unauthorized | Email not found or password does not match.
curl -X POST https://api.printheritage.com/login \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "username=jane@example.com&password=mysecretpassword"
{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "token_type": "bearer"
}

POST /register

Creates a new user account. The request body is JSON. If the email address is already associated with an existing account the request is rejected with HTTP 400. On success, a USER_CREATED entry is written to the audit log including the new account’s email.
Passwords are hashed with bcrypt before storage. The plain-text password is never persisted.
Request Content-Type: application/json
email
string
required
A valid email address that must be unique across all platform accounts.
password
string
required
Plain-text password. Minimum recommended length is 8 characters; bcrypt is applied server-side.
global_role
string
required
Platform-wide role assigned to the user. Must be one of SUPER_ADMIN, GENERAL_ADMIN, PROJECT_ADMIN, or VISUALIZER.
full_name
string
Optional display name shown across the platform UI.
birth_date
string
Optional ISO 8601 datetime string, e.g. "1990-06-15T00:00:00".
profile_pic_url
string
Optional URL pointing to the user’s profile picture.
is_public
boolean
Controls profile visibility to other users. Defaults to true.
Response — 200 OK (UserResponse)
id
string (UUID)
Unique identifier of the newly created user.
email
string
Registered email address.
global_role
string
The platform-wide role assigned to the account.
full_name
string | null
Display name, or null if not provided.
birth_date
string | null
ISO 8601 datetime, or null if not provided.
profile_pic_url
string | null
Profile picture URL, or null if not provided.
is_public
boolean
Indicates whether the profile is publicly visible.
Error responses
Status | Detail | Meaning
400 Bad Request | "Existe" | An account with this email already exists.
curl -X POST https://api.printheritage.com/register \
  -H "Content-Type: application/json" \
  -d '{
    "email": "jane@example.com",
    "password": "mysecretpassword",
    "global_role": "VISUALIZER",
    "full_name": "Jane Doe",
    "is_public": true
  }'
{
  "id": "f47ac10b-58cc-4372-a567-0e02b2c3d479",
  "email": "jane@example.com",
  "global_role": "VISUALIZER",
  "full_name": "Jane Doe",
  "birth_date": null,
  "profile_pic_url": null,
  "is_public": true
}
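
A pre-flight check for the /register body described above, as an added example (not PrintHeritage's own validation code). The function name, the email and URL-scheme checks, and enforcing the recommended 8-character minimum are assumptions; the 72-byte cap is a property of bcrypt itself, which uses at most the first 72 bytes of its input.

```python
from datetime import datetime
from urllib.parse import urlsplit

ROLES = {"SUPER_ADMIN", "GENERAL_ADMIN", "PROJECT_ADMIN", "VISUALIZER"}
MIN_PASSWORD_CHARS = 8  # the page's recommended minimum
BCRYPT_MAX_BYTES = 72   # bcrypt uses at most the first 72 bytes of its input


def validate_register(body):
    """Return a list of problems with a /register JSON body (empty if none)."""
    problems = []
    email = body.get("email")
    if not isinstance(email, str) or "@" not in email.strip("@"):
        problems.append("email: not a plausible address")
    password = body.get("password")
    if not isinstance(password, str) or len(password) < MIN_PASSWORD_CHARS:
        problems.append("password: shorter than 8 characters")
    elif len(password.encode("utf-8")) > BCRYPT_MAX_BYTES:
        # Count bytes, not characters: multi-byte text reaches the cap sooner.
        problems.append("password: exceeds bcrypt's 72-byte input limit")
    role = body.get("global_role")
    if not isinstance(role, str) or role not in ROLES:
        problems.append("global_role: not one of the four documented roles")
    birth = body.get("birth_date")
    if birth is not None:
        try:
            datetime.fromisoformat(birth)
        except (TypeError, ValueError):
            problems.append("birth_date: not an ISO 8601 datetime")
    pic = body.get("profile_pic_url")
    if pic is not None:
        try:
            parts = urlsplit(pic)
            # Only web URLs: the value ends up rendered as an image in the UI.
            ok = parts.scheme in ("http", "https") and bool(parts.netloc)
        except (TypeError, ValueError, AttributeError):
            ok = False
        if not ok:
            problems.append("profile_pic_url: not an http(s) URL")
    if not isinstance(body.get("is_public", True), bool):
        problems.append("is_public: not a boolean")
    return problems
```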

GET /me

Returns the profile of the currently authenticated user. The identity is resolved from the JWT token supplied in the Authorization header — no request body or query parameters are required.
Authentication: Bearer token required.
Response — 200 OK (UserResponse)
id
string (UUID)
Unique identifier of the authenticated user.
email
string
Email address of the authenticated user.
global_role
string
Platform-wide role: SUPER_ADMIN, GENERAL_ADMIN, PROJECT_ADMIN, or VISUALIZER.
full_name
string | null
Display name, or null if not set.
birth_date
string | null
ISO 8601 datetime, or null if not set.
profile_pic_url
string | null
Profile picture URL, or null if not set.
is_public
boolean
Whether the profile is publicly visible.
Error responses
Status | Meaning
401 Unauthorized | Token is missing, expired, or invalid.
curl -X GET https://api.printheritage.com/me \
  -H "Authorization: Bearer <access_token>"
{
  "id": "f47ac10b-58cc-4372-a567-0e02b2c3d479",
  "email": "jane@example.com",
  "global_role": "VISUALIZER",
  "full_name": "Jane Doe",
  "birth_date": null,
  "profile_pic_url": null,
  "is_public": true
}
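
How the three 401 conditions above (token missing, expired, or invalid) can be told apart when checking an HS256 bearer token with the algorithm pinned, as an added sketch that is not PrintHeritage's server code. The `exp` and `sub` claim names, the secret and the helper names are assumptions, since the page does not list the token's claims.

```python
import base64
import hashlib
import hmac
import json
import time


class TokenError(Exception):
    """Any failure here should surface to the client as 401 Unauthorized."""


def _b64url(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _unb64url(segment):
    # JWT segments drop base64 padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def issue(claims, secret, header=None):
    """Demo helper: build a token; the header override crafts bad ones."""
    header = header or {"alg": "HS256", "typ": "JWT"}
    parts = [_b64url(json.dumps(p).encode()) for p in (header, claims)]
    signing_input = ".".join(parts)
    mac = hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + _b64url(mac)


def verify_bearer(authorization, secret, now=None):
    """Return the claims, or raise TokenError: missing, invalid or expired."""
    if not authorization or not authorization.startswith("Bearer "):
        raise TokenError("missing")
    try:
        head_b64, body_b64, sig_b64 = authorization[len("Bearer "):].split(".")
        # Pin the algorithm; never let the token choose how it is verified.
        if json.loads(_unb64url(head_b64)).get("alg") != "HS256":
            raise TokenError("invalid")
        signed = (head_b64 + "." + body_b64).encode()
        expected = hmac.new(secret, signed, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _unb64url(sig_b64)):
            raise TokenError("invalid")
        claims = json.loads(_unb64url(body_b64))
        exp = float(claims["exp"])  # assumed claim name (Unix seconds)
    except (ValueError, TypeError, KeyError, AttributeError):
        raise TokenError("invalid") from None
    if (time.time() if now is None else now) >= exp:
        raise TokenError("expired")
    return claims
```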

POST /change-password

Updates the password of the currently authenticated user. The endpoint verifies the supplied current_password against the stored bcrypt hash before applying the change. On success, a PASSWORD_CHANGE entry is written to the audit log.
Authentication: Bearer token required.
Content-Type: application/json
current_password
string
required
The user’s existing password. Must match the stored bcrypt hash or the request is rejected.
new_password
string
required
The replacement password in plain text. Hashed with bcrypt before being stored.
Response — 200 OK
ok
boolean
Always true when the password was changed successfully.
Error responses
Status | Meaning
400 Bad Request | current_password does not match the stored hash.
401 Unauthorized | Token is missing, expired, or invalid.
curl -X POST https://api.printheritage.com/change-password \
  -H "Authorization: Bearer <access_token>" \
  -H "Content-Type: application/json" \
  -d '{
    "current_password": "mysecretpassword",
    "new_password": "mynewsecurepassword"
  }'
{
  "ok": true
}
