Use this endpoint to obtain a JWT token for the Monitor API. All protected endpoints require this token to be passed in theDocumentation Index
Fetch the complete documentation index at: https://mintlify.com/sheeplettuce/Monitor/llms.txt
Use this file to discover all available pages before exploring further.
Authorization: Bearer header. Tokens are signed with the server’s JWT_SECRET and expire after 8 hours — after expiry, a new login is required.
Endpoint
POST /api/auth/login — no authentication required.
Request Body
The user’s login name. Must not contain any whitespace characters.
The user’s password in plaintext. Compared server-side against the stored bcrypt hash.
Example Request
Success Response
Status:200 OK
Signed JWT token. Include this value in subsequent requests as
Authorization: Bearer <token>. Expires in 8 hours.The authenticated user’s profile.
Error Responses
| Status | Condition | Response Body |
|---|---|---|
400 Bad Request | username or password is missing from the request body | { "error": "Usuario y contraseña requeridos" } |
400 Bad Request | username contains whitespace characters | { "error": "El usuario no puede contener espacios" } |
401 Unauthorized | User not found or password does not match | { "error": "Credenciales inválidas" } |
Using the Token
Store the token from the login response and attach it as aBearer token on every subsequent protected request.
The JWT payload contains
{ id, username, rol }. Every protected endpoint decodes this payload via the verificarToken middleware to identify the caller and apply role-based access checks — no additional session lookup is performed.