flip_api.trusts_services.admin_create_trust
===========================================

.. py:module:: flip_api.trusts_services.admin_create_trust


Attributes
----------

.. autoapisummary::

   flip_api.trusts_services.admin_create_trust.router


Functions
---------

.. autoapisummary::

   flip_api.trusts_services.admin_create_trust.admin_create_trust


Module Contents
---------------

.. py:data:: router

.. py:function:: admin_create_trust(body: flip_api.domain.interfaces.trust.ICreateTrust, db: sqlmodel.Session = Depends(get_session), token_id: uuid.UUID = Depends(verify_token)) -> flip_api.domain.interfaces.trust.ICreatedTrust

   Create a trust and return its newly-generated plaintext keys (returned once).

   Thin HTTP wrapper over ``register_trust`` — translates service errors to
   400 / 409 / 500 responses. The hub stores only the SHA-256 hash of the trust
   API key. The trust internal service key is returned to the caller but not
   stored on the hub — it only lives in the trust-side environment and protects
   trust-internal services (imaging-api, data-access-api).

   :param body: Request body — trust name plus optional code / region.
   :type body: ICreateTrust
   :param db: Database session.
   :type db: Session
   :param token_id: Authenticated user ID, used for the admin permission check.
   :type token_id: UUID

   :returns: The new trust plus plaintext ``trust_api_key`` and
             ``trust_internal_service_key`` — surface to the admin once, then discard.
   :rtype: ICreatedTrust

   :raises HTTPException: 403 if the caller lacks ``CAN_ACCESS_ADMIN_PANEL``;
       400 if the name or code is empty; 409 if a trust with the given name
       exists or no FL kit slot is available; 500 on database error.