Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/scoria02/marbes2021_backend/llms.txt

Use this file to discover all available pages before exploring further.

This guide walks you through the three steps needed to confirm your Marbes Backend instance is running, authenticate with it, and retrieve real data from a protected endpoint. All examples use http://localhost:7780 as the base URL — replace this with your server’s address if you’re connecting to a remote deployment.

Before you begin

Make sure you have:
  • A running Marbes Backend instance (see Deploy with Docker)
  • A valid user account created by your administrator
  • curl or a JavaScript runtime available on your machine
1

Check the health endpoint

The health endpoint requires no authentication and is the fastest way to confirm the server is up and responding correctly.
curl http://localhost:7780/api/health
A healthy server returns HTTP 200 with a JSON body:
{
  "status": "healthy",
  "timestamp": "2024-01-15T10:30:00.000Z",
  "uptime": 3600.42,
  "environment": "production",
  "version": "1.0.0"
}
If you receive a connection error, verify the container is running with docker ps and that port 7780 is accessible.
2

Log in and obtain a JWT

Send a POST request to /api/auth/login with your credentials. You can identify yourself with your email, name, or code — only one is required alongside your password.
curl -X POST http://localhost:7780/api/auth/login \
  -H "Content-Type: application/json" \
  -d '{
    "email": "[email protected]",
    "password": "your_password"
  }'
A successful login returns HTTP 200 with this structure:
{
  "success": true,
  "data": {
    "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
    "user": {
      "id": "42",
      "nombre": "Ana",
      "apellido": "García",
      "email": "[email protected]",
      "cedula_rif": "V-12345678",
      "telefono": "+58 412 000 0000",
      "cargo": "Analista",
      "departamento": "Crédito",
      "estatus": "activo",
      "last_activity": "2024-01-15T10:29:55.000Z",
      "created_at": "2023-06-01T00:00:00.000Z",
      "updated_at": "2024-01-15T10:29:55.000Z"
    },
    "permisos": []
  }
}
Copy the value of data.token — you’ll include it in every subsequent request.
Tokens are signed with HS256 and expire after 12 hours. Store the token securely in memory or a session store; do not persist it in localStorage in browser environments.
3

Call a protected endpoint

Attach the token to the Authorization header as a Bearer credential and call any protected endpoint. The example below retrieves all registered investors (aportantes):
curl http://localhost:7780/api/negocios/aportantes \
  -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
A successful response returns HTTP 200 with the list of aportantes.

Common errors on your first call

StatusCauseFix
401 Acceso denegado. No se proveyó token.Missing or malformed Authorization headerEnsure the header is exactly Authorization: Bearer <token> with a space after Bearer
401 Token inválido o expirado.Token has expired (after 12 h) or was tampered withLog in again to obtain a new token
400 on loginMissing required fieldsInclude at least one of email, name, or code and a non-empty password
401 Credenciales inválidas.Wrong password or unrecognized identifierVerify your credentials with your administrator

Next steps

Authentication

Learn all authentication modes, including public credit application links

Deploy with Docker

Set up a production deployment with Docker Compose

Build docs developers (and LLMs) love

Get started for freeTalk to us