Notifications
Notifications API
Endpoints for managing in-app notifications. Notifications are scoped to the current user and tenant. No special role permissions required beyond being authenticated.
List Notifications
GET /api/notifications
Retrieve a paginated list of notifications for the authenticated user, with an unread count.
Query Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| page | number | No | Page number (default: 1, max: 1000) |
| limit | number | No | Items per page (default: 20, max: 50) |
| unread | string | No | Set to "true" to show only unread notifications |
Response 200 OK:
{
"data": [
{
"id": "clxyz...",
"type": "quote_won",
"title": "Cotización ganada",
"body": "La cotización COT-0042 fue marcada como ganada",
"metadata": { "quoteId": "...", "quoteNumber": 42 },
"readAt": null,
"createdAt": "2026-03-31T10:00:00.000Z"
}
],
"unreadCount": 5
}Errors:
| Status | Error | When |
|---|---|---|
| 401 | "No autorizado" | Missing or invalid session |
cURL Example:
curl -X GET "https://cotizera.com/api/notifications?unread=true&limit=10" \
-H "Cookie: next-auth.session-token=YOUR_TOKEN"Mark as Read
PATCH /api/notifications/:id/read
Mark a single notification as read by setting readAt to the current timestamp. Only works for notifications belonging to the authenticated user.
Request Body: None required.
Response 200 OK:
{
"success": true
}Errors:
| Status | Error | When |
|---|---|---|
| 401 | "No autorizado" | Missing or invalid session |
| 404 | "No encontrada" | Notification not found or belongs to another user |
Mark All as Read
POST /api/notifications/mark-all-read
Mark all unread notifications for the authenticated user as read.
Request Body: None required.
Response 200 OK:
{
"updated": 5
}The updated field indicates how many notifications were marked as read.
Errors:
| Status | Error | When |
|---|---|---|
| 401 | "No autorizado" | Missing or invalid session |