Skip to main content
GET
/
api
/
empleados
/
search
Search Employees
curl --request GET \
  --url https://api.example.com/api/empleados/search \
  --header 'Authorization: <authorization>'
{
  "status": "<string>",
  "data": [
    {
      "id_empleado": 123,
      "nombre_completo": "<string>"
    }
  ]
}

Overview

This endpoint provides a fast search functionality for finding active employees by name or ID. It’s designed for autocomplete interfaces and returns a limited set of results optimized for quick lookups.

Admin Access Required

This endpoint requires administrator privileges. Only users with admin role can search for employees.

Request

curl -X GET 'https://api.yourcompany.com/api/empleados/search?q=juan' \
  -H 'Authorization: Bearer YOUR_ADMIN_JWT_TOKEN'

Query Parameters

q
string
required
Search query string. Can be used to search by:
  • Employee name (partial match)
  • Employee ID (partial match)
The search is case-insensitive and uses LIKE pattern matching.

Headers

Authorization
string
required
Bearer token from Azure AD authentication with admin privileges

Response

status
string
Status of the request. Returns “success” for successful queries.
data
array
Array of matching employee records (maximum 10 results)

Response Example

{
  "status": "success",
  "data": [
    {
      "id_empleado": 42,
      "nombre_completo": "Juan Pérez"
    },
    {
      "id_empleado": 73,
      "nombre_completo": "Juan Carlos Mendoza"
    },
    {
      "id_empleado": 156,
      "nombre_completo": "Juana María Torres"
    }
  ]
}

Search Behavior

Active Employees Only

Only returns employees with active status (id_estado = 1)

Partial Matching

Searches using LIKE pattern with wildcards for flexible matching

Result Limit

Maximum 10 results returned to prevent performance issues

Alphabetical Order

Results sorted by name in ascending order

Search Examples

Search by Name

curl -X GET 'https://api.yourcompany.com/api/empleados/search?q=maria' \
  -H 'Authorization: Bearer YOUR_ADMIN_JWT_TOKEN'
Finds all active employees whose name contains “maria” (case-insensitive).

Search by ID

curl -X GET 'https://api.yourcompany.com/api/empleados/search?q=42' \
  -H 'Authorization: Bearer YOUR_ADMIN_JWT_TOKEN'
Finds all active employees whose ID contains “42” (e.g., 42, 142, 420).

Empty Query

curl -X GET 'https://api.yourcompany.com/api/empleados/search?q=' \
  -H 'Authorization: Bearer YOUR_ADMIN_JWT_TOKEN'
Returns an empty array if the query parameter is empty or contains only whitespace.

Performance Considerations

Indexed Search

Searches on nombre and id_empleado fields for optimal performance

Limited Results

10-result limit prevents database overload in large datasets

Status Filter

Pre-filtering by active status reduces search scope

Optimized Query

Only fetches required fields (id_empleado, nombre)

Use Cases

Autocomplete

Power typeahead search in admin forms and interfaces

Employee Lookup

Quick employee ID/name lookup for administrative tasks

Request Assignment

Search for employees when assigning requests or approvers

Report Filtering

Filter reports by specific employees using search

Error Handling

403 Forbidden

User does not have administrator privileges to search employees

500 Internal Error

Database connection issues or unexpected server errors during search

Security Notes

  • SQL Injection Protection: Uses Sequelize ORM with parameterized queries
  • Role-Based Access: Enforced by verificarRol(PERMISOS.SOLO_ADMINS) middleware
  • Limited Data Exposure: Only returns id_empleado and nombre_completo fields
  • Active Status Filter: Prevents exposure of inactive/terminated employees