[ENHANCE] create_user_authentication_method API response to include created entity details #9643
Description
Currently, the create_user_authentication_method API endpoint (POST /user/auth) returns a generic 200 OK status with an empty body upon successful creation. This is not informative for API clients, who would benefit from receiving the complete details of the newly created resource in the response, rather than just a success status.
Proposed Solution:
To improve the API's usability and provide immediate access to the created resource's data, the endpoint should return a JSON response containing all the relevant fields of the new user authentication method. This aligns with common REST API practices where a POST request to a collection resource returns the representation of the newly created resource.
Implementation Plan:
-
Define a New Comprehensive Response Struct:
-
In the file
crates/api_models/src/user.rs, define a new public struct namedCreateUserAuthenticationMethodResponse. -
This struct should derive
Debug,serde::Serializeand any other traits if required. -
It should contain the following public fields with their respective types:
id,auth_id,owner_id,owner_type,auth_type,email_domain,allow_signup
-
Place this new struct definition logically near the existing
CreateUserAuthenticationMethodRequeststruct.
-
-
Update the Core Function:
- In the file
crates/router/src/core/user.rs, locate thecreate_user_authentication_methodasync function. - Update the function's return type from
UserResponse<()>toUserResponse<CreateUserAuthenticationMethodResponse>. - Add the necessary import statement at the top of the file:
use api_models::user::CreateUserAuthenticationMethodResponse;. - Modify the function's success return statement. Instead of
Ok(ApplicationResponse::StatusOk), it should returnCreateUserAuthenticationMethodResponse. This uses the variables already available or computed within the function to populate the response struct.
- In the file
How to Test:
- Run the Hyperswitch application locally.
- Make a
POSTrequest to the/user/authentication_methodendpoint. - Use the admin API key for authorization. For local development, the key is typically
test_admin. - The request body should be a valid
CreateUserAuthenticationMethodRequestJSON object. - Verify that the response status is
200 OKand the response body is a JSON object containing theid,auth_id,owner_id,owner_type,auth_type,email_domain, andallow_signupof the newly created authentication method.
Curl
curl --location '<hyperswitch-backend-base-url>/user/auth' \
--header 'Content-Type: application/json' \
--header 'api-key: <admin-api-key>' \
--data '
{
"owner_type": "organization",
"owner_id": "test_123",
"auth_method": {
"auth_type": "open_id_connect",
"private_config": {
"base_url": "hello.com",
"client_id": "something_client",
"client_secret": "something_client",
"private_key": "something"
},
"public_config": {
"name": "okta"
}
},
"allow_signup": true,
"email_domain": "None"
}'
Expected Outcome:
After these changes, a successful request to POST /user/auth will yield a 200 OK response with a JSON body similar to the following:
{
"id": "5500",
"auth_id": "a1b2c3d4-0-1234-567890abcdef",
"owner_id": "merchant_123",
"owner_type": "Merchant",
"auth_type": "OpenIdConnect",
"email_domain": "example.com",
"allow_signup": true
}This provides a much more robust and developer-friendly API experience by giving clients full visibility into the created resource immediately.