All technician endpoints are protected. Requests must include a valid JWT and the authenticated user must have the
admin role.Endpoints that accept file uploads (
POST /api/admin/technicians and PUT /api/admin/technicians/:id) must use multipart/form-data encoding.List technicians
GET /api/admin/technicians
Returns all technician accounts ordered by creation date (newest first), each including their active vehicle assignment and inspection history.
Response
Errors
| Status | Description |
|---|---|
401 | Missing or invalid JWT. |
403 | Authenticated user does not have the admin role. |
500 | Internal server error. |
Get technician
GET /api/admin/technicians/:id
Returns a single technician by ID.
Path parameters
The technician’s user ID.
Response
Technician object with the same shape as described in List technicians.
Errors
| Status | Description |
|---|---|
401 | Missing or invalid JWT. |
403 | Authenticated user does not have the admin role. |
404 | Technician not found. |
500 | Internal server error. |
Create technician
POST /api/admin/technicians
Creates a new technician account. Send the request as multipart/form-data to optionally attach photos.
Request body
Technician’s full name.
Email address. Must be unique across all users.
Account password. Stored as a bcrypt hash. If omitted, defaults to the value of
DEFAULT_LOGIN_PASSWORD (typically changeme123). Minimum 8 characters when provided.Driver license number.
Date the technician joined the company in
YYYY-MM-DD format.Profile photo file upload (multipart field name:
technician_photo).Driver license photo file upload (multipart field name:
driver_license_photo).Response
Returns201 Created with the new technician object (password hash is never returned).
The created technician with the same shape as described in List technicians.
Errors
| Status | Description |
|---|---|
400 | Validation failed — required fields missing or invalid. |
401 | Missing or invalid JWT. |
403 | Authenticated user does not have the admin role. |
409 | A user with that email address already exists. |
500 | Internal server error. |
Update technician
PUT /api/admin/technicians/:id
Updates an existing technician. Send as multipart/form-data when uploading new photos.
File fields are optional on update. If a file field is omitted, the existing stored URL is preserved. Pass an explicit empty string for driverLicensePhotoUrl or technicianPhotoUrl in the body to clear the stored URL.
If password is provided, it is re-hashed and replaces the existing password. If omitted, the existing password is unchanged.
Path parameters
The technician’s user ID.
Request body
Accepts the same fields as Create technician. All fields are optional on update.Response
Returns200 OK with the updated technician object.
Updated technician object.
Errors
| Status | Description |
|---|---|
400 | Validation failed. |
401 | Missing or invalid JWT. |
403 | Authenticated user does not have the admin role. |
404 | Technician not found. |
409 | A user with that email address already exists. |
500 | Internal server error. |
Delete technician
DELETE /api/admin/technicians/:id
Permanently deletes a technician account.
Path parameters
The technician’s user ID.
Response
Returns204 No Content on success with an empty body.
Errors
| Status | Description |
|---|---|
401 | Missing or invalid JWT. |
403 | Authenticated user does not have the admin role. |
404 | Technician not found. |
500 | Internal server error. |