# API Documentation

## Authentication

All API endpoints require authentication using JWT tokens.

### Headers

```
Authorization: Bearer <token>
```

## Endpoints

### Authentication

- `POST /api/users/hospital-users/login` - Generates userId, roleId and roleName from the given user credentials
- `GET /api/users/refresh-token/{{user_id}}/{{role_id}}` - Generates refresh token for hospitals and their users with roles namely Admin, Superadmin, Spurrinadmin and Viewer
- `POST /api/users/get-access-token` - Generates access token for hospitals and their users with roles namely Admin, Superadmin and Viewer
- `POST /api/auth/refresh` - Generates access token for Spurrinadmin
- `POST /api/auth/login` - Login with token validation and hospital status check (for hospital users)

### Spurrinadmin

- `GET /api/super-admin` - Get all super admins
- `POST /api/super-admin/initialize` - Add new super admin
- `DELETE /api/super-admin/:id` - Delete super admin

### Hospitals

- `POST /api/hospitals/create-hospital` - Create hospital
- `PUT /api/hospitals/update/:id` - Update hospital details
- `DELETE /api/hospitals/delete/:id` - Delete hospital
- `GET /api/hospitals/list` - Get list of hospitals
- `GET /api/hispitals/list/:{hospital_id}` - Get hospital by ID
- `GET /api/hospitals/users` - Get list of hospital users
- `GET /api/hospitals/colors` - Get colors from hospital

SuperAdmin

- `POST /api/hospitals/send-temp-password` - Send temporary password to email
- `POST /api/hospitals/change-password` - Change the temporary password

Admin and viewer

- `POST /api/hospitals/send-temp-password-av` - Send temporary password to email
- `POST /api/hospitals/change-password-av` - Send temporary password
- `POST /api/hospitals/update-admin-name` - Update admin name
- `POST /api/hospitals/check-user-notification` - Check new app user notification regarding notification
- `PUT /api/hospitals/update-user-notification/:id` - Update app user notification status to checked (boolean)
- `POST /api/hospitals/interaction-logs` - Get interaction logs of hospital's app users
- `PUT /api/hospitals/public-signup/:id` - Update allow public signup

### Users

- `POST /api/users/add-user` - Add new user to hospital
- `PUT /api/users/edit-user/:id` - Edit hospital user
- `DELETE /api/users/add-user` - Delete hospital user
- `POST /api/upload-profile-photo` - Upload profile photo
- `PUT /api/users/update-password/:id` - Update password of user
- `POST /api/users/get-spu-access-token` - Get SpurrinAdmin access token
- `POST /api/users/hospital-users/login` - Get hospital user ID
- `POST /api/users/logout` - User logout
- `GET /api/users/refresh-token/:user_id/:role_id` - Get refresh token by user ID

### App Users

- `POST /api/app-users/signup` - App user registration
- `POST /api/app-users/login` - App user login
- `PUT /api/app-users/hitlike` - Like interaction
- `PUT /api/app-users/query-title` - Update query title
- `DELETE /api/app-users/query-title` - Delete query title
- `PUT /api/app-users/like-session` - Like session
- `PUT /api/app-users/approve-user/:appUserId` - Approve app user
- `DELETE /api/app-users/:userId` - Delete app user

### Documents

- `PUT /api/documents/update-status/:id` - Update document status
- `DELETE /api/documents/delete/:id` - Delete document

### Feedback

- `POST /api/feedbacks/app-user/submit` - Submit app user feedback

### Analytics

- `POST /api/analytics/hospitals/active` - Get active hospitals analysis

### Excel Data

- `POST /api/excel-data` - Upload bulk users

### System

- `GET /health` - Health check endpoint
- `POST /api/sync-database` - Database synchronization (development only)
- `GET /` - Root endpoint

## Role-Based Access Control

Some endpoints require specific roles:

- Spurrinadmin - Role ID 6
- Superadmin - Role ID 7
- Admin - Role ID 8
- Viewer - Role ID 9

## File Upload

- Supported file types: Images, documents like PDF
- Upload directories: `/uploads/id_photos/`, `/uploads/documents/`, `/uploads/profile_photos`