Admin¶
Endpoints for reviewing and approving driver documents. All endpoints on this page require the ADMIN role.
Admin accounts
There is no self-service registration for admin accounts. Admin users must be created directly in the database with role = 'ADMIN'. Once created, they authenticate via the standard POST /api/login endpoint.
List pending documents¶
GET /api/admin/documents/pending 🔒 ADMIN
Returns all documents across all drivers with status: PENDING, ordered by upload time (oldest first).
Response 200 OK
json
[
{
"id": 14,
"driverId": 7,
"type": "LICENSE",
"status": "PENDING",
"fileName": "license.pdf",
"fileUrl": "documents/driver-7/uuid-license.pdf",
"uploadedAt": "2026-04-01T09:15:00",
"reviewedAt": null,
"reviewedBy": null,
"rejectionReason": null
}
]
Approve a document¶
PATCH /api/admin/documents/{id}/approve 🔒 ADMIN
Sets the document status to APPROVED. Records the reviewing admin and timestamp.
Path parameter: id — document ID
Request body: none
Response 200 OK
json
{
"id": 14,
"driverId": 7,
"type": "LICENSE",
"status": "APPROVED",
"fileName": "license.pdf",
"fileUrl": "documents/driver-7/uuid-license.pdf",
"uploadedAt": "2026-04-01T09:15:00",
"reviewedAt": "2026-04-02T11:30:00",
"reviewedBy": 1,
"rejectionReason": null
}
Error responses
| Status | Condition |
|---|---|
404 Not Found |
Document not found |
Reject a document¶
PATCH /api/admin/documents/{id}/reject 🔒 ADMIN
Sets the document status to REJECTED with a mandatory reason. The driver will see the rejection reason when they list their documents.
Path parameter: id — document ID
Request body
json
{
"reason": "Document appears to be expired. Please upload a current license."
}
| Field | Constraints |
|---|---|
reason |
Required, must not be blank |
Response 200 OK
json
{
"id": 14,
"driverId": 7,
"type": "LICENSE",
"status": "REJECTED",
"fileName": "license.pdf",
"fileUrl": "documents/driver-7/uuid-license.pdf",
"uploadedAt": "2026-04-01T09:15:00",
"reviewedAt": "2026-04-02T11:35:00",
"reviewedBy": 1,
"rejectionReason": "Document appears to be expired. Please upload a current license."
}
Error responses
| Status | Condition |
|---|---|
400 Bad Request |
reason is blank |
404 Not Found |
Document not found |
Profile endpoints¶
GET /api/my-account/driver 🔒 DRIVER
Returns the authenticated driver's profile.
Response 200 OK
json
{
"email": "marcus@example.com",
"firstName": "Marcus",
"lastName": "Bell",
"phoneNumber": "+14165550101",
"licenseNumber": "D9382710",
"totalRides": 47
}
GET /api/my-account/customer 🔒 CUSTOMER
Returns the authenticated customer's profile.
Response 200 OK
json
{
"email": "jane@example.com",
"firstName": "Jane",
"lastName": "Doe",
"phoneNumber": "+14165550100",
"totalRides": 12
}
PATCH /api/my-account/driver 🔒 DRIVER
Updates driver profile fields. Supply only the fields to update.
Request body — DriverProfileDTO partial
PATCH /api/my-account/customer 🔒 CUSTOMER
Updates customer profile fields.
Request body — CustomerProfileDTO partial