Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/ttpullima/RomsoftBackEnd2021_v2/llms.txt

Use this file to discover all available pages before exploring further.

The SEG_USUARIO controller exposes the full lifecycle management surface for system user accounts in Romsoft Gestión Clínica. Through these endpoints you can create new operator accounts, query individual users or filtered lists, page through the full user directory, look up credentials by username, apply updates to existing records, and perform soft-deletes — all within a consistent JsonResponse envelope.
The [Authorize] attribute is present in the source but commented out (//[Authorize] //DeComentar par recibir token). In the current build, these endpoints do not enforce token validation at the framework level. When the attribute is uncommented, all actions will require an Authorization: Bearer <token> header obtained from POST /api/Account/Login.

SEG_USUARIODTO — Shared Data Shape

Most endpoints in this controller both accept and return objects that conform to the SEG_USUARIODTO shape. Understanding its fields upfront makes it easier to construct requests and interpret responses.

POST /api/SEG_USUARIO/Add

Creates a new user account. Before inserting, the controller calls Exists() on the business layer to check for duplicate records. If a matching user is already present, the operation is rejected with a warning rather than creating a duplicate. POST /api/SEG_USUARIO/Add

Request Body

id_rol
integer
required
The role to assign to the new user. Obtain valid role IDs from /api/SEG_ROL/GetAllActives.
usuario
string
required
Desired login username. Must be unique — the endpoint will reject the request if a user with this username already exists.
clave
string
required
Account password.
apellidos
string
Surname(s) of the user.
nombres
string
Given name(s) of the user.
nro_documento
string
National identity document number.
sexo
string
Sex code ("M" or "F").
email
string
Email address.
celular
string
Mobile phone number.
estado
string
required
Initial account status. Use "A" to create an active account.
UsuarioCreacion
string
required
Username of the operator performing the creation. Written to the audit log.

Response

ScenarioSuccessWarningMessage
Record createdtruefalse"Se registró satisfactoriamente."
Duplicate foundtruetrue"El registro ya existe."
Insert failedtruetrue"No se pudo realizar el registro."
Server errorfalse"Hubo un error, inténtelo más tarde."
curl -X POST https://<your-server>/api/SEG_USUARIO/Add \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer <token>" \
  -d '{
    "id_rol": 2,
    "usuario": "jperez",
    "clave": "Secure#Pass1",
    "apellidos": "Pérez Rodríguez",
    "nombres": "Juan",
    "nro_documento": "45678901",
    "sexo": "M",
    "email": "[email protected]",
    "celular": "987654321",
    "estado": "A",
    "UsuarioCreacion": "admin"
  }'

POST /api/SEG_USUARIO/GetAllFilters

Returns a list of user records filtered by whichever SEG_USUARIODTO fields are populated in the request body. Fields that are left null or empty are not applied as filter criteria. Use this endpoint to search for users by role, status, document number, or any combination of the available fields. POST /api/SEG_USUARIO/GetAllFilters

Request Body

Send a SEG_USUARIODTO object with any combination of the following filter fields:
id_rol
integer
Filter by role assignment.
usuario
string
Filter by username (exact or partial match depends on the database query implementation).
apellidos
string
Filter by surname.
nombres
string
Filter by given name.
nro_documento
string
Filter by document number.
estado
string
Filter by account status ("A" for active, "I" for inactive).

Response

Data contains an array of SEG_USUARIODTO objects matching the applied filters. 
curl -X POST https://<your-server>/api/SEG_USUARIO/GetAllFilters \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer <token>" \
  -d '{"estado": "A", "id_rol": 2}'

POST /api/SEG_USUARIO/GetAllPaging

Returns a paginated slice of the full user list. Use this endpoint when rendering paginated data grids or tables that need to handle large user directories efficiently. POST /api/SEG_USUARIO/GetAllPaging

Request Body

PageNumber
integer
required
The 1-based page index to retrieve.
PageSize
integer
required
The maximum number of records to include in the returned page.

Response

Data contains an array of SEG_USUARIODTO objects representing the requested page of results. The Cantidad field on each record may indicate the total row count, which can be used to calculate total page count on the client side. 
curl -X POST https://<your-server>/api/SEG_USUARIO/GetAllPaging \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer <token>" \
  -d '{"PageNumber": 1, "PageSize": 20}'

POST /api/SEG_USUARIO/GetById

Retrieves a specific user record by its primary key. Returns a single-element list wrapped in the standard Data array. If no user with the given id_usuario is found, a warning is returned. POST /api/SEG_USUARIO/GetById

Request Body

id_usuario
integer
required
The primary key of the user record to retrieve.

Response

ScenarioSuccessWarningData
User foundtruefalseArray with one SEG_USUARIODTO
Not foundtruetruenull
Server errorfalsenull
curl -X POST https://<your-server>/api/SEG_USUARIO/GetById \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer <token>" \
  -d '{"id_usuario": 5}'

POST /api/SEG_USUARIO/GetByUsername

Looks up a user by username and password. This is the administrative counterpart to the public login endpoint — it returns a full SEG_USUARIODTO (rather than the slimmer SEG_USUARIOLoginDTO) and is intended for use in back-office user management screens rather than authentication flows. POST /api/SEG_USUARIO/GetByUsername
This endpoint validates a username/password pair and returns the full user record including the clave field. Restrict access to trusted administrative clients and ensure transport-layer encryption (HTTPS) is always enforced.

Request Body

usuario
string
required
The username to look up.
clave
string
required
The password to validate against the stored credential.

Response

On a successful match, Data contains a single SEG_USUARIODTO object. If no matching record is found, Warning is set to true and Message is "El usuario no pertenece al sistema.". 
curl -X POST https://<your-server>/api/SEG_USUARIO/GetByUsername \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer <token>" \
  -d '{"usuario": "jperez", "clave": "Secure#Pass1"}'

POST /api/SEG_USUARIO/Update

Applies changes to an existing user record. The entire SEG_USUARIODTO object is submitted, so populate all fields — not only the ones being changed — to avoid inadvertently blanking out values. POST /api/SEG_USUARIO/Update

Request Body

id_usuario
integer
required
Primary key of the record to update. Must match an existing user.
id_rol
integer
Updated role assignment.
usuario
string
Updated username.
clave
string
Updated password.
apellidos
string
Updated surname(s).
nombres
string
Updated given name(s).
nro_documento
string
Updated document number.
sexo
string
Updated sex code.
email
string
Updated email address.
celular
string
Updated mobile phone number.
estado
string
Updated account status.
UsuarioModificacion
string
required
Username of the operator performing the update. Written to the audit log.

Response

ScenarioSuccessWarningMessage
Update appliedtruefalse"Se actualizó satisfactoriamente."
No rows affectedtruetrue"No se pudo realizar la actualización."
Server errorfalse"Hubo un error, inténtelo más tarde."
curl -X POST https://<your-server>/api/SEG_USUARIO/Update \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer <token>" \
  -d '{
    "id_usuario": 5,
    "id_rol": 3,
    "usuario": "jperez",
    "clave": "NewSecure#Pass2",
    "apellidos": "Pérez Rodríguez",
    "nombres": "Juan",
    "nro_documento": "45678901",
    "sexo": "M",
    "email": "[email protected]",
    "celular": "987654321",
    "estado": "A",
    "UsuarioModificacion": "admin"
  }'

POST /api/SEG_USUARIO/Delete

Performs a soft-delete on the specified user record. The record is not physically removed from the database; instead, the business layer updates its status to reflect deletion. The audit log entry is written using UsuarioModificacion from the request body. POST /api/SEG_USUARIO/Delete
This is a soft-delete operation. The user record remains in the database and can be recovered by directly updating the estado field via the Update endpoint.

Request Body

id_usuario
integer
required
Primary key of the user record to delete.
UsuarioModificacion
string
required
Username of the operator performing the deletion. Written to the audit log.

Response

ScenarioSuccessWarningMessage
Delete appliedtruefalse"Se eliminó satisfactoriamente."
No rows affectedtruetrue"No se pudo realizar la eliminación."
Server errorfalse"Hubo un error, inténtelo más tarde."
curl -X POST https://<your-server>/api/SEG_USUARIO/Delete \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer <token>" \
  -d '{"id_usuario": 5, "UsuarioModificacion": "admin"}'

Build docs developers (and LLMs) love

Get started for freeTalk to us