API Reference
Complete reference for the Auris REST API.
Base URL
https://api.aurisid.com
Authentication
The API uses Bearer tokens for authentication:
curl https://api.aurisid.com/users \
  -H "Authorization: Bearer sk_live_xxxxx"
Errors
The API returns errors in a consistent format:
{
  "error": {
    "code": "not_found",
    "message": "User not found",
    "status": 404
  }
}
Common error codes
| Code | Status | Description |
|---|---|---|
| unauthorized | 401 | Invalid or missing API key |
| forbidden | 403 | No permission for this action |
| not_found | 404 | Resource not found |
| validation_error | 422 | Invalid input data |
| rate_limited | 429 | Too many requests |
Authentication
POST /auth/sign-in
Sign in with email and password.
curl -X POST https://api.aurisid.com/auth/sign-in \
  -H "Content-Type: application/json" \
  -d '{
    "email": "usuario@email.com",
    "password": "contrasena123"
  }'
Response:
{
  "accessToken": "eyJhbGciOiJSUzI1NiIs...",
  "refreshToken": "rt_xxxxx",
  "user": {
    "id": "user_xxxxx",
    "email": "usuario@email.com",
    "firstName": "Juan",
    "lastName": "Perez"
  }
}
POST /auth/sign-up
Register a new user.
curl -X POST https://api.aurisid.com/auth/sign-up \
  -H "Content-Type: application/json" \
  -d '{
    "email": "nuevo@email.com",
    "password": "Password123!",
    "firstName": "Juan",
    "lastName": "Perez"
  }'
POST /auth/refresh
Renew the access token.
curl -X POST https://api.aurisid.com/auth/refresh \
  -H "Content-Type: application/json" \
  -d '{
    "refreshToken": "rt_xxxxx"
  }'
POST /auth/sign-out
Sign out of the current session.
curl -X POST https://api.aurisid.com/auth/sign-out \
  -H "Authorization: Bearer eyJhbGciOiJSUzI1NiIs..."
GET /auth/me
Get the current user.
curl https://api.aurisid.com/auth/me \
  -H "Authorization: Bearer eyJhbGciOiJSUzI1NiIs..."
Users
GET /users
List users.
curl "https://api.aurisid.com/users?limit=20&offset=0" \
  -H "Authorization: Bearer sk_live_xxxxx"
Query params:
limit - Maximum number of results (default: 10, max: 100)
offset - Offset for pagination (default: 0)
orderBy - Field to sort by (default: createdAt)
query - Search by name or email
GET /users/:id
Get a user by ID.
curl https://api.aurisid.com/users/user_xxxxx \
  -H "Authorization: Bearer sk_live_xxxxx"
POST /users
Create a user.
curl -X POST https://api.aurisid.com/users \
  -H "Authorization: Bearer sk_live_xxxxx" \
  -H "Content-Type: application/json" \
  -d '{
    "email": "nuevo@email.com",
    "password": "Password123!",
    "firstName": "Juan",
    "lastName": "Perez",
    "emailVerified": true,
    "publicMetadata": {
      "role": "admin"
    }
  }'
PATCH /users/:id
Update a user.
curl -X PATCH https://api.aurisid.com/users/user_xxxxx \
  -H "Authorization: Bearer sk_live_xxxxx" \
  -H "Content-Type: application/json" \
  -d '{
    "firstName": "Juan Carlos",
    "publicMetadata": {
      "role": "admin",
      "plan": "pro"
    }
  }'
DELETE /users/:id
Delete a user.
curl -X DELETE https://api.aurisid.com/users/user_xxxxx \
  -H "Authorization: Bearer sk_live_xxxxx"
POST /users/:id/ban
Ban a user.
curl -X POST https://api.aurisid.com/users/user_xxxxx/ban \
  -H "Authorization: Bearer sk_live_xxxxx"
POST /users/:id/unban
Unban a user.
curl -X POST https://api.aurisid.com/users/user_xxxxx/unban \
  -H "Authorization: Bearer sk_live_xxxxx"
Organizations
GET /organizations
List organizations.
curl "https://api.aurisid.com/organizations?limit=20" \
  -H "Authorization: Bearer sk_live_xxxxx"
GET /organizations/:id
Get an organization.
curl https://api.aurisid.com/organizations/org_xxxxx \
  -H "Authorization: Bearer sk_live_xxxxx"
POST /organizations
Create an organization.
curl -X POST https://api.aurisid.com/organizations \
  -H "Authorization: Bearer sk_live_xxxxx" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Acme Inc",
    "slug": "acme",
    "createdBy": "user_xxxxx"
  }'
GET /organizations/:id/members
List the members of an organization.
curl https://api.aurisid.com/organizations/org_xxxxx/members \
  -H "Authorization: Bearer sk_live_xxxxx"
POST /organizations/:id/members
Add a member.
curl -X POST https://api.aurisid.com/organizations/org_xxxxx/members \
  -H "Authorization: Bearer sk_live_xxxxx" \
  -H "Content-Type: application/json" \
  -d '{
    "userId": "user_yyyyy",
    "role": "member"
  }'
DELETE /organizations/:id/members/:userId
Remove a member.
curl -X DELETE https://api.aurisid.com/organizations/org_xxxxx/members/user_yyyyy \
  -H "Authorization: Bearer sk_live_xxxxx"
Sessions
GET /sessions
List sessions.
curl "https://api.aurisid.com/sessions?userId=user_xxxxx" \
  -H "Authorization: Bearer sk_live_xxxxx"
DELETE /sessions/:id
Revoke a session.
curl -X DELETE https://api.aurisid.com/sessions/session_xxxxx \
  -H "Authorization: Bearer sk_live_xxxxx"
MFA
GET /mfa/status
MFA status of the current user.
curl https://api.aurisid.com/mfa/status \
  -H "Authorization: Bearer eyJhbGciOiJSUzI1NiIs..."
POST /mfa/totp/setup
Start TOTP setup.
curl -X POST https://api.aurisid.com/mfa/totp/setup \
  -H "Authorization: Bearer eyJhbGciOiJSUzI1NiIs..."
Response:
{
  "secret": "JBSWY3DPEHPK3PXP",
  "qrCodeUri": "data:image/png;base64,..."
}
POST /mfa/totp/verify
Verify and enable TOTP.
curl -X POST https://api.aurisid.com/mfa/totp/verify \
  -H "Authorization: Bearer eyJhbGciOiJSUzI1NiIs..." \
  -H "Content-Type: application/json" \
  -d '{
    "code": "123456"
  }'
DELETE /mfa/totp
Disable TOTP.
curl -X DELETE https://api.aurisid.com/mfa/totp \
  -H "Authorization: Bearer eyJhbGciOiJSUzI1NiIs..." \
  -H "Content-Type: application/json" \
  -d '{
    "code": "123456"
  }'
Passkeys
GET /passkeys
List the user's passkeys.
curl https://api.aurisid.com/passkeys \
  -H "Authorization: Bearer eyJhbGciOiJSUzI1NiIs..."
POST /passkeys/register/options
Get the options for registering a passkey.
curl -X POST https://api.aurisid.com/passkeys/register/options \
  -H "Authorization: Bearer eyJhbGciOiJSUzI1NiIs..."
POST /passkeys/register/verify
Verify and save the passkey.
curl -X POST https://api.aurisid.com/passkeys/register/verify \
  -H "Authorization: Bearer eyJhbGciOiJSUzI1NiIs..." \
  -H "Content-Type: application/json" \
  -d '{
    "credential": { ... },
    "deviceName": "MacBook Pro"
  }'
DELETE /passkeys/:id
Delete a passkey.
curl -X DELETE https://api.aurisid.com/passkeys/pk_xxxxx \
  -H "Authorization: Bearer eyJhbGciOiJSUzI1NiIs..."
Rate Limits
The API has the following limits:
| Endpoint | Limit |
|---|---|
| Authentication | 10 req/min per IP |
| API (read) | 1000 req/min |
| API (write) | 100 req/min |
Response headers include rate limit information:
X-RateLimit-Limit: 1000
X-RateLimit-Remaining: 999
X-RateLimit-Reset: 1705312800
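Added example, not part of the Auris documentation: one way a client can act on the error format and the rate limit headers described on this page, waiting on rate_limited and failing fast on the other codes. The function names and MAX_WAIT are hypothetical, and X-RateLimit-Reset is assumed to be a Unix timestamp in seconds.

```python
import json
import time

MAX_WAIT = 120  # assumption: cap in seconds so a bad header cannot stall the client


def header(headers, name):
    """Case-insensitive header lookup; returns None when absent."""
    return {k.lower(): v for k, v in headers.items()}.get(name.lower())


def parse_error(status, body):
    """Return (code, message) from the documented error envelope, or a fallback."""
    try:
        err = json.loads(body)["error"]
        return str(err["code"]), str(err.get("message", ""))
    except (ValueError, KeyError, TypeError, AttributeError):
        return f"http_{status}", ""  # e.g. an HTML error page from a proxy


def seconds_until_reset(headers, now):
    """Wait time, reading X-RateLimit-Reset as Unix epoch seconds (assumption)."""
    try:
        reset = int(header(headers, "X-RateLimit-Reset"))
    except (TypeError, ValueError):
        return 1  # header missing or malformed: short fixed pause
    return max(0, min(reset - int(now), MAX_WAIT))


def next_action(status, headers, body, now=None):
    """Classify one response as ('ok' | 'wait' | 'fail', detail)."""
    now = time.time() if now is None else now
    if 200 <= status < 300:
        # Budget used up: pause before the next call instead of earning a 429.
        if header(headers, "X-RateLimit-Remaining") == "0":
            return "wait", seconds_until_reset(headers, now)
        return "ok", 0
    code, message = parse_error(status, body)
    if code == "rate_limited":
        return "wait", seconds_until_reset(headers, now)
    # unauthorized, forbidden, not_found, validation_error: repeating the same request will not help.
    return "fail", f"{code}: {message}"


# Constructed sample (not captured from the service): a 429 seen 30 s before reset.
SAMPLE_HEADERS = {"X-RateLimit-Limit": "1000", "X-RateLimit-Remaining": "0",
                  "X-RateLimit-Reset": "1705312800"}
SAMPLE_BODY = '{"error": {"code": "rate_limited", "message": "Too many requests", "status": 429}}'
```

Capping the wait keeps a malformed or distant reset value from suspending the client indefinitely.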