Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/diarpicu2022-commits/backend-AgroPulse/llms.txt

Use this file to discover all available pages before exploring further.

The Users API provides direct CRUD access to user records, complementing the authentication endpoints at /api/auth. Use these endpoints to manage user profiles, update passwords, change roles, and look up the greenhouses a user can access. Unlike the auth endpoints, these routes do not require the X-Admin-Email header — they operate on individual records by ID.
This is distinct from the admin-only user management at /api/auth/users. The /api/users endpoints expose full CRUD without a separate admin gate, so they should be called from trusted backend contexts or protected at the network level.

GET /api/users

Returns all registered users. Passwords are never included in responses. Response Returns a {"users": [...]} envelope with an array of sanitized user objects. 
curl http://localhost:8080/api/users

{
  "users": [
    {
      "id": 1,
      "username": "alice",
      "fullName": "Alice Grower",
      "email": "alice@example.com",
      "phone": null,
      "avatar": null,
      "role": "OPERATOR",
      "active": true,
      "createdAt": "2026-01-10T08:00:00",
      "greenhouseIds": [1, 3]
    }
  ]
}

POST /api/users

Creates a new user record. This is the administrative variant of registration — it allows setting any role and bypasses the self-registration flow. Request body
username
string
Login username for the account.
fullName
string
Display name.
email
string
Email address.
phone
string
Phone number.
avatar
string
URL to a profile picture.
password
string
Plain-text password. The server hashes it with BCrypt before storing. Omit to create an account without a password (e.g. Google-only accounts).
role
string
Initial role. One of ADMIN, AGRONOMIST, OPERATOR, VIEWER, or USER. Unrecognized values default to OPERATOR.
active
boolean
Whether the account is enabled. Defaults to true.
Response — the created user object (password omitted). 
curl -X POST http://localhost:8080/api/users \
  -H "Content-Type: application/json" \
  -d '{
    "username": "bob",
    "fullName": "Bob Farmer",
    "email": "bob@example.com",
    "password": "s3cr3t",
    "role": "OPERATOR"
  }'

PUT /api/users/

Updates one or more fields on an existing user. Only fields present in the request body are changed. Path parameters
id
number
required
The user’s integer ID.
Request body — same optional fields as POST /api/users. All fields are optional.
If password is provided and non-blank, it is re-hashed with BCrypt before saving. Passing an empty string or omitting the field leaves the existing password unchanged.
Returns the updated user object, or 404 Not Found if no user exists with that ID. 
curl -X PUT http://localhost:8080/api/users/1 \
  -H "Content-Type: application/json" \
  -d '{"phone": "+34600000000", "active": true}'

DELETE /api/users/

Permanently deletes a user account. Also removes the user from the user_greenhouse junction table so greenhouse access lists stay consistent. Path parameters
id
number
required
The user’s integer ID.
Returns {"deleted": true} on success, or 404 Not Found if no user exists with that ID. 
curl -X DELETE http://localhost:8080/api/users/1

{ "deleted": true }

GET /api/users//greenhouses

Returns the list of greenhouse IDs the user has been granted access to. Path parameters
id
number
required
The user’s integer ID.
Response
ids
number[]
required
Array of greenhouse IDs the user can access.
Returns 404 Not Found if no user exists with that ID. 
curl http://localhost:8080/api/users/1/greenhouses

{ "ids": [1, 3, 7] }

Build docs developers (and LLMs) love

Get started for freeTalk to us