Permanently removes a digital account from the Accounts Service. The endpoint enforces role-based access control directly in the controller: a principal holding ROLE_ADMIN may delete any account by ID, while a principal with ROLE_USER may only delete an account whose stored email field matches the email extracted from their JWT. Any attempt to delete another user’s account without admin privileges is rejected with 401 Unauthorized.

Endpoint

DELETE /accounts/{id}
Base URL: http://localhost:8085
Full URL: http://localhost:8085/accounts/{id}

Authentication

Authorization: Bearer <token>
A valid JWT is mandatory. The controller extracts both the principal name (email) and the first granted authority (role) from the Authentication object. Unauthenticated requests — where authentication is null or isAuthenticated() returns false — are rejected immediately with 401 Unauthorized.

Authorization Logic

The controller applies the following decision tree before invoking the service layer:
  1. No authentication present → 401 Unauthorized
  2. Principal has ROLE_ADMIN → deletion proceeds unconditionally
  3. Principal has ROLE_USER → the account record is fetched; if account.email equals the JWT principal name, deletion proceeds; otherwise → 401 Unauthorized
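The decision tree above, written out as a Spring MVC controller method. This is an added illustration, not the DigitalMoney project's source: AccountService, Account and the getEmail()/findById()/deleteAccount() methods are assumed names, while UnauthorizedException and ResourceNotFoundException are the exception types the page says GlobalExceptionHandler maps to 401 and 404. Unlike the page's description of reading only the first granted authority, this version checks the full authority set, and it denies by default when neither role is present (an assumption, since the page does not describe that case).

```java
import java.util.Set;
import java.util.stream.Collectors;
import org.springframework.http.ResponseEntity;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.web.bind.annotation.*;

@RestController
@RequestMapping("/accounts")
public class AccountController {

    private static final String ROLE_ADMIN = "ROLE_ADMIN";
    private static final String ROLE_USER = "ROLE_USER";

    private final AccountService accountService; // assumed service interface

    public AccountController(AccountService accountService) {
        this.accountService = accountService;
    }

    @DeleteMapping("/{id}")
    public ResponseEntity<Void> deleteAccount(@PathVariable long id, Authentication authentication) {
        // Step 1: unauthenticated request -> UnauthorizedException -> 401 via GlobalExceptionHandler
        if (authentication == null || !authentication.isAuthenticated()) {
            throw new UnauthorizedException("Authentication required");
        }
        String principalEmail = authentication.getName(); // email extracted from the JWT
        Set<String> roles = authentication.getAuthorities().stream()
                .map(GrantedAuthority::getAuthority)
                .collect(Collectors.toSet());

        // Step 2: an admin may delete any account by id (a missing id surfaces as 404 from the service)
        if (roles.contains(ROLE_ADMIN)) {
            accountService.deleteAccount(id); // throws ResourceNotFoundException if absent
            return ResponseEntity.noContent().build(); // 204 No Content
        }

        // Step 3: a regular user may only delete the account whose stored email equals the JWT principal
        if (roles.contains(ROLE_USER)) {
            Account account = accountService.findById(id); // throws ResourceNotFoundException if absent
            if (!principalEmail.equals(account.getEmail())) {
                throw new UnauthorizedException("Account does not belong to the authenticated user");
            }
            accountService.deleteAccount(id);
            return ResponseEntity.noContent().build();
        }

        // Assumed fallback: any other authority set is denied rather than silently allowed
        throw new UnauthorizedException("Insufficient privileges");
    }
}
```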

Path Parameters

id (long, required): The primary key of the digital account to delete.

Response

A successful deletion returns 204 No Content with an empty body.
This operation is permanent and irreversible. Once an account is deleted, all associated balance and transaction history stored in the Accounts Service is removed. There is no soft-delete, archive, or recovery path. Ensure your client application presents a confirmation step before calling this endpoint.

Example

Admin deleting any account

curl -X DELETE "http://localhost:8085/accounts/7" \
  -H "Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9..."
Response: 204 No Content (empty body)

User deleting their own account

curl -X DELETE "http://localhost:8085/accounts/7" \
  -H "Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9..."
The JWT must be issued for the same email address stored on account 7. If the emails do not match, the response will be 401 Unauthorized.
Response: 204 No Content (empty body)

Error Codes

HTTP Status | Description
401 Unauthorized | The Authorization header is missing, the token is invalid/expired, the Authentication object is not marked as authenticated, or the authenticated user’s email does not match the account’s stored email. The UnauthorizedException is handled by GlobalExceptionHandler and always maps to 401.
404 Not Found | No account exists with the provided id. Thrown as ResourceNotFoundException by the service layer and handled by GlobalExceptionHandler.
