Skip to main content
All SmartLogix REST calls pass through a single API gateway running on port 8080. The gateway routes each request to the correct downstream microservice—inventory, orders, or shipments—and enforces JWT authentication on every protected route before forwarding traffic.

Base URL

http://localhost:8080

Endpoints

MethodPathDescriptionAuth
POST/api/auth/registerCreate a new user accountPublic
POST/api/auth/loginObtain a JWT tokenPublic
GET/api/inventarioList all inventory itemsJWT
POST/api/inventarioCreate an inventory itemJWT
GET/api/inventario/{id}Get a single inventory itemJWT
PUT/api/inventario/{id}Replace an inventory itemJWT
DELETE/api/inventario/{id}Delete an inventory itemJWT
GET/api/inventario/{id}/stock?cantidad={qty}Check stock availabilityJWT
GET/api/inventario/alertasList low-stock alertsJWT
GET/api/pedidosList all ordersJWT
POST/api/pedidosCreate an orderJWT
GET/api/pedidos/{id}Get a single orderJWT
GET/api/enviosList all shipmentsJWT
POST/api/enviosCreate a shipmentJWT
GET/api/envios/{id}Get a single shipmentJWT
PATCH/api/envios/{id}/status?status={status}Update shipment statusJWT

Authentication

Every endpoint outside of /api/auth/* requires a valid JWT token. Pass the token in the Authorization header using the Bearer scheme. Tokens are issued by POST /api/auth/login and expire after 24 hours. 
Authorization: Bearer <token>
See the authentication guide for step-by-step instructions.

Common request headers

HeaderValueRequired
Content-Typeapplication/jsonYes, for POST/PUT/PATCH requests
AuthorizationBearer <token>Yes, for all JWT-protected endpoints

HTTP status codes

The API uses standard HTTP status codes throughout.
CodeMeaning
200Request succeeded
201Resource created
204No content (successful delete)
400Bad request — malformed body or missing fields
401Unauthorized — token missing, expired, or invalid
403Forbidden — authenticated but not permitted
404Resource not found
500Internal server error
When the gateway rejects a request with 401, the response body contains a plain-text description: "Token requerido" (missing token) or "Token inválido" (expired or invalid token).

CORS

The gateway accepts cross-origin requests from the following origins:
OriginUse case
http://localhost:5173Local Vite / npm run dev
http://localhost:3000Alternate local dev port
http://127.0.0.1:5173Loopback alias for Vite
http://localhostNginx in Docker
Allowed methods: GET, POST, PUT, PATCH, DELETE, OPTIONS.

Explore by service

Authentication

Register, log in, and obtain a JWT token.

Inventory

Manage products, stock levels, and low-stock alerts.

Orders

Create and retrieve customer orders.

Shipments

Track and update shipment status.