POST /api/usuarios
Create User
curl --request POST \
  --url https://api.example.com/api/usuarios \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "username": "<string>",
  "nombre": "<string>",
  "apellidos": "<string>",
  "email": "<string>",
  "password": "<string>",
  "fecha_nacimiento": "<string>",
  "direccion_envio": "<string>",
  "rol": "<string>",
  "activo": true
}
'
{
  "usuario_id": 123,
  "username": "<string>",
  "nombre": "<string>",
  "apellidos": "<string>",
  "email": "<string>",
  "fecha_nacimiento": "<string>",
  "direccion_envio": "<string>",
  "rol": "<string>",
  "activo": true
}

Authentication

This endpoint requires JWT authentication with Admin role. Include the Bearer token in the Authorization header.
Only administrators can create new user accounts directly through this endpoint. Regular user registration should use the /api/auth/registro endpoint.

Request Body

  • username (string, required): Unique username for the account (max 100 characters)
  • nombre (string, required): User’s first name (max 100 characters)
  • apellidos (string, required): User’s last name(s) (max 150 characters)
  • email (string, required): User’s email address. Must be valid and unique across all users.
  • password (string, required): User’s password. Hashed with BCrypt before storage.
  • fecha_nacimiento (string, required): User’s date of birth in ISO 8601 format (YYYY-MM-DD)
  • direccion_envio (string, required): Shipping/delivery address
  • rol (string, required): User role. Must be one of: ADMIN or CLIENTE
  • activo (boolean, default: true): Whether the account is active. Defaults to true.

Response

Returns the newly created user object (without password).
  • usuario_id (long): Unique identifier assigned to the new user
  • username (string): Username
  • nombre (string): First name
  • apellidos (string): Last name(s)
  • email (string): Email address
  • fecha_nacimiento (string): Date of birth (ISO 8601)
  • direccion_envio (string): Shipping address
  • rol (string): Assigned role (ADMIN or CLIENTE)
  • activo (boolean): Account active status

Example Request

cURL
curl -X POST "http://localhost:8080/api/usuarios" \
  -H "Authorization: Bearer YOUR_ADMIN_JWT_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "username": "juan_perez",
    "nombre": "Juan",
    "apellidos": "Pérez García",
    "email": "juan.perez@example.com",
    "password": "SecurePassword123!",
    "fecha_nacimiento": "1990-05-15",
    "direccion_envio": "Calle Mayor 123, Madrid, 28013",
    "rol": "CLIENTE",
    "activo": true
  }'
JavaScript
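// Placeholder: JWT of an account with the Admin role
const adminToken = 'YOUR_ADMIN_JWT_TOKEN';

const response = await fetch('http://localhost:8080/api/usuarios', {
  method: 'POST',
  headers: {
    'Authorization': `Bearer ${adminToken}`,
    'Content-Type': 'application/json'
  },
  body: JSON.stringify({
    username: 'juan_perez',
    nombre: 'Juan',
    apellidos: 'Pérez García',
    email: 'juan.perez@example.com',
    password: 'SecurePassword123!',
    fecha_nacimiento: '1990-05-15',
    direccion_envio: 'Calle Mayor 123, Madrid, 28013',
    rol: 'CLIENTE',
    activo: true
  })
});
// 400, 401 and 403 responses do not carry a user object
if (!response.ok) {
  throw new Error(`Create user failed with status ${response.status}`);
}
const user = await response.json();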
Python
import requests

# Placeholder: JWT of an account with the Admin role
admin_token = 'YOUR_ADMIN_JWT_TOKEN'

headers = {
    'Authorization': f'Bearer {admin_token}',
    'Content-Type': 'application/json'
}
data = {
    'username': 'juan_perez',
    'nombre': 'Juan',
    'apellidos': 'Pérez García',
    'email': 'juan.perez@example.com',
    'password': 'SecurePassword123!',
    'fecha_nacimiento': '1990-05-15',
    'direccion_envio': 'Calle Mayor 123, Madrid, 28013',
    'rol': 'CLIENTE',
    'activo': True
}
response = requests.post(
    'http://localhost:8080/api/usuarios',
    headers=headers,
    json=data,
    timeout=10
)
# 400, 401 and 403 responses do not carry a user object
response.raise_for_status()
user = response.json()

Example Response

{
  "usuario_id": 10,
  "username": "juan_perez",
  "nombre": "Juan",
  "apellidos": "Pérez García",
  "email": "juan.perez@example.com",
  "fecha_nacimiento": "1990-05-15",
  "direccion_envio": "Calle Mayor 123, Madrid, 28013",
  "rol": "CLIENTE",
  "activo": true
}

Status Codes

201 Created: User created successfully
400 Bad Request: Invalid request body (validation errors):
  • Invalid email format
  • Username or email already exists
  • Missing required fields
  • Invalid date format
  • Invalid role value
401 Unauthorized: Missing or invalid JWT token
403 Forbidden: User does not have Admin role. Only administrators can create users through this endpoint.

Validation Rules

  • Email: Must be a valid email format and unique
  • Username: Must be unique across all users
  • Password: Automatically hashed with BCrypt before storage
  • Fecha de nacimiento: Must be a valid date in ISO 8601 format (YYYY-MM-DD)
  • Rol: Must be either “ADMIN” or “CLIENTE”
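
A pre-flight check for the bulk-import use case that applies the field limits and validation rules listed on this page before any request is sent. This is an added example, not code from the API or its project; the function names, the simple email pattern, the case-insensitive email comparison and the separate list of ADMIN rows are assumptions.

```python
import re
from datetime import date

# Field names, limits and roles come from the Request Body section of this page.
REQUIRED = "username nombre apellidos email password fecha_nacimiento direccion_envio rol".split()
MAX_LEN = {"username": 100, "nombre": 100, "apellidos": 150}
ROLES = {"ADMIN", "CLIENTE"}
# Assumption: a simple shape check; the API's own email rule may be stricter.
EMAIL_RE = re.compile(r"[^@\s]+@[^@\s]+\.[^@\s]+")


def validate_user(row):
    """Return the list of problems in one create-user payload (empty = OK)."""
    unknown = sorted(set(row) - set(REQUIRED) - {"activo"})
    errors = [f"unknown field: {name}" for name in unknown]
    errors += [f"missing or empty: {f}" for f in REQUIRED
               if not isinstance(row.get(f), str) or not row[f].strip()]
    if errors:
        return errors
    errors += [f"{f} exceeds {n} characters" for f, n in MAX_LEN.items() if len(row[f]) > n]
    if not EMAIL_RE.fullmatch(row["email"]):
        errors.append("invalid email format")
    try:  # the regex pins the YYYY-MM-DD shape, fromisoformat checks the calendar
        if not re.fullmatch(r"\d{4}-\d{2}-\d{2}", row["fecha_nacimiento"]):
            raise ValueError
        date.fromisoformat(row["fecha_nacimiento"])
    except ValueError:
        errors.append("fecha_nacimiento is not a valid YYYY-MM-DD date")
    if row["rol"] not in ROLES:
        errors.append("rol must be ADMIN or CLIENTE")
    if not isinstance(row.get("activo", True), bool):
        errors.append("activo must be a boolean")
    return errors


def check_batch(rows):
    """Return ({row index: problems}, [usernames that would be created as ADMIN])."""
    errors, seen, admins = {}, set(), []
    for i, row in enumerate(rows):
        problems = validate_user(row)
        # Assumption: emails are compared case-insensitively, usernames exactly.
        keys = set() if problems else {("u", row["username"]), ("e", row["email"].lower())}
        if keys & seen:
            problems.append("duplicate username or email in batch")
        seen |= keys
        if problems:
            errors[i] = problems
        elif row["rol"] == "ADMIN":
            admins.append(row["username"])
    return errors, admins
```

Send the batch only when the error map is empty, and have a second administrator review the returned ADMIN usernames, since each one is a privilege grant.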

Use Cases

  • Admin user management: Create employee or administrator accounts
  • Bulk user import: Programmatically create multiple user accounts
  • Pre-configured accounts: Set up test or demo accounts
  • Account recovery: Recreate accounts with specific requirements

Admin-only endpoint: This endpoint requires Admin role. For regular user registration, direct users to /api/auth/registro which automatically assigns the CLIENTE role and returns a JWT token.

The password is never returned in responses. It is hashed with BCrypt and only the hash is stored.

Set activo: false to create inactive accounts that users cannot use to log in until an administrator activates them.
