Creates a new administrator account in the system.
Request Body
- name: Full name of the administrator. Example: "John Smith"
- email: Email address for the administrator account. Example: "admin@medagenda.com"
- password: Password for the administrator account. Security Note: Password should be strong and meet security requirements.
Response
- userId: Auto-generated UUID for the admin user
- name: Full name of the administrator
- email: Email address of the administrator
- password: Encrypted password (returned as stored in database)
- creationTimestamp: ISO timestamp when the admin account was created
- updatedTimestamp: ISO timestamp when the admin account was last updated
curl -X POST http://localhost:8080/admin/create \
-H "Content-Type: application/json" \
-d '{
"name": "John Smith",
"email": "admin@medagenda.com",
"password": "SecurePassword123!"
}'
{
"userId": "123e4567-e89b-12d3-a456-426614174000",
"name": "John Smith",
"email": "admin@medagenda.com",
"password": "$2a$10$encrypted_password_hash",
"creationTimestamp": "2024-03-15T10:30:00Z",
"updatedTimestamp": "2024-03-15T10:30:00Z"
}
Security Considerations
Important Security Notes:
- This endpoint should be protected and only accessible to existing administrators
- Passwords should be encrypted before storage (ensure encryption is implemented in the service layer)
- Consider implementing rate limiting to prevent abuse
- Validate email format and uniqueness before creating the account
- Implement strong password requirements (minimum length, complexity, etc.)
- Consider adding email verification before activating the account
- The password returned in the response should ideally be omitted or masked in production
Notes
- The userId is auto-generated and should not be included in the request
- The creationTimestamp and updatedTimestamp are automatically set by the system
- Email addresses should be unique across all admin accounts
- Ensure proper authentication and authorization are in place before exposing this endpoint in production
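The checks listed under Security Considerations and Notes can be sketched as one service-layer function. This is an added example, not the project's own code. The names `create_admin`, `store`, `MIN_PASSWORD_LEN` and `PBKDF2_ROUNDS` are assumptions, a dict stands in for the database, and standard-library PBKDF2 stands in for the bcrypt-style hash shown in the sample response.

```python
import hashlib, hmac, os, re, uuid
from datetime import datetime, timezone

EMAIL_RE = re.compile(r"[^@\s]+@[^@\s]+\.[^@\s]+")  # shape check only
MIN_PASSWORD_LEN = 12    # assumed policy value, not from the page
PBKDF2_ROUNDS = 600_000  # assumed work factor

class ValidationError(ValueError):
    pass

def hash_password(password, salt=None):
    """Return 'pbkdf2$<salt hex>$<digest hex>' with a fresh salt per account."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return f"pbkdf2${salt.hex()}${digest.hex()}"

def verify_password(password, stored):
    salt_hex = stored.split("$")[1]
    candidate = hash_password(password, bytes.fromhex(salt_hex))
    return hmac.compare_digest(candidate, stored)  # constant-time compare

def check_password_policy(password):
    classes = (r"[a-z]", r"[A-Z]", r"\d", r"[^A-Za-z0-9]")
    if not isinstance(password, str) or len(password) < MIN_PASSWORD_LEN \
            or not all(re.search(c, password) for c in classes):
        raise ValidationError("password does not meet policy")

def create_admin(body, store):
    """store: dict of normalized email -> record (stand-in for the database)."""
    unknown = set(body) - {"name", "email", "password"}
    if unknown:  # rejects client-supplied userId or timestamps
        raise ValidationError(f"unexpected fields: {sorted(unknown)}")
    name = str(body.get("name") or "").strip()
    email = str(body.get("email") or "").strip().lower()
    if not name:
        raise ValidationError("name is required")
    if not EMAIL_RE.fullmatch(email):
        raise ValidationError("invalid email format")
    if email in store:
        raise ValidationError("email already in use")
    check_password_policy(body.get("password"))
    now = datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")
    record = {"userId": str(uuid.uuid4()), "name": name, "email": email,
              "password": hash_password(body["password"]),
              "creationTimestamp": now, "updatedTimestamp": now}
    store[email] = record
    # Response body: every field except the stored hash.
    return {k: v for k, v in record.items() if k != "password"}
```

Authentication, authorization and rate limiting for the route sit in front of this function and are not shown.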