GET /api/nurses Retrieve all nurse records from the database.
Request No parameters required.
curl http://localhost:3001/api/nurses
Response Returns an array of nurse objects sorted alphabetically by name.
Array of nurse objects, each containing: Supabase Auth user ID (if account created)
Response Example Success Response
Error Response
[ { "id" : "nurse-001" , "name" : "Alice Johnson" , "email" : "[email protected] " , "auth_user_id" : "550e8400-e29b-41d4-a716-446655440000" , "created_at" : "2026-01-15T08:00:00Z" , "updated_at" : "2026-03-04T10:30:00Z" }, { "id" : "nurse-002" , "name" : "Bob Smith" , "email" : "[email protected] " , "auth_user_id" : null , "created_at" : "2026-01-16T09:00:00Z" , "updated_at" : "2026-01-16T09:00:00Z" } ]
POST /api/nurses/create-accounts Create Supabase Auth accounts for nurses that exist in the database but don’t have authentication accounts yet. This is an administrative operation typically run during initial setup or when onboarding new nurses.
This endpoint requires SUPABASE_SERVICE_KEY (service role key) in environment variables. The standard anonymous key is insufficient for user creation.
How It Works For each nurse in the database:
Checks if nurse already has auth_user_id → skips if yesSearches for existing Supabase Auth user with matching emailLinks to existing auth account if found, ORCreates new auth account with temporary passwordUpdates nurse record with auth_user_id
Request No request body required. Processes all nurses automatically.
curl -X POST http://localhost:3001/api/nurses/create-accounts
Response Whether the operation completed successfully
Summary message (e.g., “Processed 5 nurses”)
Array of result objects for each nurse Result status: skipped, linked, created, or error
Human-readable result message
Temporary password (only for created status). Save this securely!
Response Example Success Response
Service Unavailable
Error Response
{ "success" : true , "message" : "Processed 3 nurses" , "results" : [ { "nurse_id" : "nurse-001" , "email" : "[email protected] " , "status" : "skipped" , "message" : "Already has auth account" }, { "nurse_id" : "nurse-002" , "email" : "[email protected] " , "status" : "linked" , "message" : "Linked to existing auth account" }, { "nurse_id" : "nurse-003" , "email" : "[email protected] " , "status" : "created" , "message" : "Account created. Temporary password: Tempnurse-0031709876543210" , "tempPassword" : "Tempnurse-0031709876543210" }, { "nurse_id" : "nurse-004" , "email" : "invalid@email" , "status" : "error" , "message" : "Invalid email format" } ] }
Status Types
Nurse already has an auth_user_id linked. No action taken. { "status" : "skipped" , "message" : "Already has auth account" }
Found existing Supabase Auth user with matching email. Linked the auth user ID to the nurse record. { "status" : "linked" , "message" : "Linked to existing auth account" }
Created new Supabase Auth account for the nurse. Returns a temporary password. Important: Save the tempPassword securely and share it with the nurse through a secure channel.{ "status" : "created" , "message" : "Account created. Temporary password: TempXXX" , "tempPassword" : "TempXXX" }
Temporary password format: Temp{nurse_id}{timestamp}
An error occurred while processing this nurse. { "status" : "error" , "message" : "Failed to create user: error details" }
Created Account Details When a new account is created:
Email : Nurse’s email from databasePassword : Temporary password (format: Temp{nurse_id}{timestamp})Email Confirmed : Yes (auto-confirmed)User Metadata : Includes nurse name and database ID
Security Best Practices:
Store temporary passwords securely
Share passwords through secure channels (never plain email)
Force password change on first login
Implement password expiration for temporary passwords
Error Responses Service role key not configured { "error" : "Admin operations require SUPABASE_SERVICE_KEY to be set in environment variables" }
Failed to create accounts { "error" : "Failed to create nurse accounts" , "details" : "Error message" }
Integration Example const createNurseAccounts = async () => { try { const response = await fetch ( 'http://localhost:3001/api/nurses/create-accounts' , { method: 'POST' }); const data = await response . json (); // Process results data . results . forEach ( result => { switch ( result . status ) { case 'created' : console . log ( `Created account for ${ result . email } ` ); console . log ( `Temporary password: ${ result . tempPassword } ` ); // TODO: Securely store and share password break ; case 'linked' : console . log ( `Linked existing account: ${ result . email } ` ); break ; case 'skipped' : console . log ( `Skipped ${ result . email } : ${ result . message } ` ); break ; case 'error' : console . error ( `Error for ${ result . email } : ${ result . message } ` ); break ; } }); return data ; } catch ( error ) { console . error ( 'Failed to create nurse accounts:' , error ); throw error ; } }; // Usage createNurseAccounts ();
Use Cases
Initial Setup Run once during system deployment to create auth accounts for all nurses in the database.
Onboarding Run after adding new nurse records to the database to create their auth accounts.
Account Recovery Link existing auth accounts to nurse records if the connection was lost.
Audit Check which nurses have auth accounts and which need accounts created.
Best Practices
Ensure SUPABASE_SERVICE_KEY is set in your .env file: SUPABASE_SERVICE_KEY = eyJhbGc... ( your service role key )
Never commit this key to version control!
Parse and store temporary passwords from the response
Use a secure password manager or vault
Implement a password delivery system (secure email, SMS, or portal)
Force password change on first login
Set expiration for temporary passwords
Check the status field for each result: const errors = results . filter ( r => r . status === 'error' ); if ( errors . length > 0 ) { // Handle errors (notify admin, retry, log) }
Consider integrating this endpoint into your onboarding workflow:
Add nurse to database
Call /api/nurses/create-accounts
Extract temporary password from response
Send welcome email with password
Log account creation for audit trail
