Private Endpoints
The Private API contains internal endpoints that are used for system-to-system communication and administrative operations. These endpoints are not intended for general public use and may have different authentication requirements.
Create User (Private)
Create a new user account through the private API. This endpoint is designed for internal system use and may bypass certain validation checks.
Endpoint
Authentication
This endpoint may have different authentication requirements than the public API. Check with your system administrator for the appropriate authentication method.
Request Body
| Parameter | Type | Required | Description |
|---|---|---|---|
string |
Yes | Valid email address | |
| password | string |
Yes | User password |
| full_name | string |
Yes | Full name of the user |
| is_verified | boolean |
No | Whether the user is pre-verified (default: false) |
Example Request
curl -X POST https://fav3.vibemobi.com/v1/private/users/ \
-H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..." \
-H "Content-Type: application/json" \
-d '{
"email": "internal.user@vibemobi.com",
"password": "secure_password",
"full_name": "Internal System User",
"is_verified": true
}'
Response
{
"username": "internal.user@vibemobi.com",
"email": "internal.user@vibemobi.com",
"is_active": true,
"is_superuser": false,
"is_staff": false,
"full_name": "Internal System User",
"id": "789e0123-e89b-12d3-a456-426614174002"
}
Key Differences from Public User Creation
The private user creation endpoint differs from the public endpoints in several ways:
Simplified Fields
- No
usernamefield required (email is used as username) - Streamlined for system-to-system integration
- Pre-verification option available
Validation Differences
- May bypass certain validation checks
- Designed for trusted internal systems
- Different rate limiting rules may apply
Use Cases
- System Integration: Creating users from external systems
- Bulk Operations: Mass user creation for migrations
- Service Accounts: Creating accounts for automated processes
- Administrative Tasks: Bypassing normal user registration flow
Error Responses
Validation Error
{
"detail": [
{
"loc": ["body", "email"],
"msg": "field required",
"type": "value_error.missing"
}
]
}
Duplicate Email
Invalid Email Format
{
"detail": [
{
"loc": ["body", "email"],
"msg": "value is not a valid email address",
"type": "value_error.email"
}
]
}
Security Considerations
Private API Security
Access Control - Private endpoints should only be accessible from trusted internal networks - Implement IP whitelisting for additional security - Use strong authentication mechanisms (API keys, mutual TLS, etc.)
Monitoring - Log all private API usage for audit purposes - Monitor for unusual access patterns - Set up alerts for unauthorized access attempts
Data Validation - Even though validation may be relaxed, always validate critical data - Implement business logic validation in your application - Sanitize all input data to prevent injection attacks
Integration Guidelines
Authentication - Private endpoints may use different authentication methods - Consult your system administrator for proper credentials - Authentication tokens may have different scopes and permissions
Rate Limiting - Private endpoints may have different rate limits - Higher limits for trusted internal systems - Contact support if you need increased limits
Error Handling - Implement robust error handling for system integrations - Private endpoints may return different error formats - Plan for network timeouts and retry logic
Best Practices for Private API Usage
System Integration
When integrating with private endpoints:
- Use Service Accounts: Create dedicated service accounts for system-to-system communication
- Implement Retry Logic: Handle temporary failures gracefully with exponential backoff
- Monitor Usage: Track API usage and performance metrics
- Secure Credentials: Store API credentials securely using environment variables or secret management systems
Bulk Operations
For bulk user creation:
#!/bin/bash
# Example bulk user creation script
users_file="users.json"
api_endpoint="https://fav3.vibemobi.com/v1/private/users/"
auth_token="your_private_api_token"
while IFS= read -r user_data; do
response=$(curl -s -X POST "$api_endpoint" \
-H "Authorization: Bearer $auth_token" \
-H "Content-Type: application/json" \
-d "$user_data")
if [[ $? -eq 0 ]]; then
echo "User created successfully: $response"
else
echo "Failed to create user: $user_data"
fi
# Rate limiting - wait between requests
sleep 0.1
done < "$users_file"
Error Recovery
Implement proper error recovery for private API operations:
import requests
import time
import json
def create_user_with_retry(user_data, max_retries=3):
"""Create user with exponential backoff retry logic"""
url = "https://fav3.vibemobi.com/v1/private/users/"
headers = {
"Authorization": f"Bearer {API_TOKEN}",
"Content-Type": "application/json"
}
for attempt in range(max_retries):
try:
response = requests.post(url, json=user_data, headers=headers)
if response.status_code == 200:
return response.json()
elif response.status_code == 429: # Rate limited
wait_time = 2 ** attempt
time.sleep(wait_time)
continue
else:
response.raise_for_status()
except requests.exceptions.RequestException as e:
if attempt == max_retries - 1:
raise e
wait_time = 2 ** attempt
time.sleep(wait_time)
raise Exception(f"Failed to create user after {max_retries} attempts")
API Versioning
Private endpoints follow the same versioning scheme as public endpoints:
- Current Version:
v1 - Base URL:
https://fav3.vibemobi.com/v1/private/ - Deprecation Policy: Private endpoints may have different deprecation timelines
Support and Documentation
For private API support:
- Internal Documentation: Check internal system documentation for additional details
- System Administrator: Contact your system administrator for access and configuration
- API Support: Use internal support channels for private API issues
- Change Notifications: Subscribe to internal notifications for API changes
Future Endpoints
Additional private endpoints may be added in future versions for:
- Bulk data operations
- System health monitoring
- Administrative reporting
- Integration webhooks
Check the API changelog for updates on new private endpoints.