API Reference

All Tarasol APIs follow consistent conventions for authentication, request format, and error handling.

Base URL

All API requests go through the Gateway Service:

https://{gateway-host}/api/{service}/{endpoint}

Authentication

All API requests (except login) require a Bearer token:

Authorization: Bearer <access_token>

Tokens are obtained via the Identity Service login endpoint.

Request Headers

HeaderRequiredDescription
AuthorizationYesBearer JWT access token
X-Tenant-IDYesTenant identifier
Content-TypeConditionalapplication/json for request bodies
Accept-LanguageNoPreferred response language

Error Response Format

All errors follow a consistent format:

{
  "statusCode": 400,
  "message": "Validation failed",
  "error": "Bad Request",
  "details": [
    {
      "field": "email",
      "message": "Invalid email format"
    }
  ]
}

HTTP Status Codes

CodeMeaningUsage
200OKSuccessful GET/PUT
201CreatedSuccessful POST (resource created)
204No ContentSuccessful DELETE
400Bad RequestValidation error
401UnauthorizedMissing or invalid token
403ForbiddenInsufficient permissions
404Not FoundResource not found
409ConflictDuplicate resource
429Too Many RequestsRate limit exceeded
500Server ErrorInternal error

Pagination

List endpoints support pagination:

GET /api/cms/correspondence?page=1&limit=20&sort=createdAt&order=desc
ParameterDefaultDescription
page1Page number
limit20Items per page
sortcreatedAtSort field
orderdescSort direction (asc/desc)

Service Endpoints

For detailed endpoint documentation, see individual service pages:

Info

The full OpenAPI specification with 145+ endpoints is available in the tarasol-v3-docs repository as cms.json.