Initialize the first administrator.
curl --request POST \ --url https://auth.example.com/api/admin-init-setup/initialize \ --header 'Content-Type: application/json' \ --data '{ "setup_token": "setup_123", "email": "[email protected]", "name": "Admin User", "csrf_token": "csrf_123" }'Validates the one-time setup token and CSRF token, creates the initial administrator, assigns the system admin role, and returns a temporary setup session plus Admin UI setup token.
Request Body required
Section titled “Request Body required ”object
Example
{ "setup_token": "setup_123", "name": "Admin User", "csrf_token": "csrf_123"}Responses
Section titled “ Responses ”Successful JSON response.
object
Example
{ "success": true, "user_id": "admin_123", "temp_session_token": "temp_sess_123", "setup_token": "admin_setup_token_123", "admin_ui_url": "https://admin.example.com", "admin_ui_setup_url": "https://admin.example.com/setup/complete?token=admin_setup_token_123"}Error response.
object
Optional browser-side WebAuthn Signal API hint. When unknown_credential is true, clients that just received a WebAuthn credential assertion may call PublicKeyCredential.signalUnknownCredential() for that credential ID.
object
Example generated
{ "error": "example", "error_description": "example", "message": "example", "webauthn_signal": { "unknown_credential": true }}Error response.
object
Optional browser-side WebAuthn Signal API hint. When unknown_credential is true, clients that just received a WebAuthn credential assertion may call PublicKeyCredential.signalUnknownCredential() for that credential ID.
object
Example generated
{ "error": "example", "error_description": "example", "message": "example", "webauthn_signal": { "unknown_credential": true }}Error response.
object
Optional browser-side WebAuthn Signal API hint. When unknown_credential is true, clients that just received a WebAuthn credential assertion may call PublicKeyCredential.signalUnknownCredential() for that credential ID.
object
Example generated
{ "error": "example", "error_description": "example", "message": "example", "webauthn_signal": { "unknown_credential": true }}