diff --git a/README.md b/README.md
index 99dcccf5..cbbdb16b 100644
--- a/README.md
+++ b/README.md
@@ -23,6 +23,7 @@ This project provides an authentication API to be used by other applications to
   - [Microsoft Entra Azure AD oAuth2](#microsoft-entra-azure-ad-oauth2)
   - [Commands cheat-sheet](#commands-cheat-sheet)
     - [Simplified sequence diagram](#simplified-sequence-diagram)
+  - [Spring REST Docs](#spring-rest-docs)
 - [Sources](#sources)
 
 ## Getting Started
@@ -169,3 +170,15 @@ Check if the project's structure is valid
 [Microsoft oAuth2 grant flow](https://learn.microsoft.com/en-us/entra/identity-platform/v2-oauth2-auth-code-flow)
 
 ---
+
+## Spring REST Docs
+
+The application contains an automated documentation from the Spring REST Docs package. The documentation is created when running the application in test environment.
+
+It creates an index.adoc file in the "src/asciidoc" folder and an index.html page in the "docs" folder.
+
+Link to the generated index.adoc : [src/asciidoc/index.adoc](src/asciidoc/index.adoc)
+
+Link to the generated index.html : [docs/index.html](docs/index.html)
+
+Link to the doc on GitHub : [https://orifinformatique.github.io/spring-auth/](https://orifinformatique.github.io/spring-auth/)
\ No newline at end of file
diff --git a/application.properties-dist b/application.properties-dist
index a459d4df..4661b1a4 100644
--- a/application.properties-dist
+++ b/application.properties-dist
@@ -1,31 +1,3 @@
-#          ╭──────────────────────────────────────────────────────────╮
-#          │                          oauth2                          │
-#          ╰──────────────────────────────────────────────────────────╯
-### Azure ###
-custom.azure.account.tenant-id=
-
-# Azure Provider Configuration
-spring.security.oauth2.client.provider.azure.issuer-uri=https://login.microsoftonline.com/${custom.azure.account.tenant-id}/v2.0
-spring.security.oauth2.client.provider.azure.authorization-uri=https://login.microsoftonline.com/${custom.azure.account.tenant-id}/oauth2/v2.0/authorize
-spring.security.oauth2.client.provider.azure.token-uri=https://login.microsoftonline.com/${custom.azure.account.tenant-id}/oauth2/v2.0/token
-spring.security.oauth2.client.provider.azure.user-info-uri=https://graph.microsoft.com/oidc/userinfo
-spring.security.oauth2.client.provider.azure.jwk-set-uri=https://login.microsoftonline.com/${custom.azure.account.tenant-id}/discovery/v2.0/keys
-spring.security.oauth2.client.provider.azure.user-name-attribute=email
-
-# Azure Client Configuration
-spring.security.oauth2.client.registration.azure.client-id=
-spring.security.oauth2.client.registration.azure.client-secret=
-spring.security.oauth2.client.registration.azure.client-authentication-method=client_secret_post
-spring.security.oauth2.client.registration.azure.authorization-grant-type=authorization_code
-spring.security.oauth2.client.registration.azure.redirect-uri={baseUrl}/login/oauth2/code/{registrationId}
-spring.security.oauth2.client.registration.azure.scope=openid,profile,email,User.Read
-spring.security.oauth2.client.registration.azure.client-name=Azure
-
-### Google exemple for multiple provider login ###
-spring.security.oauth2.client.registration.google.client-id=0
-spring.security.oauth2.client.registration.google.client-secret=0
-spring.security.oauth2.client.registration.google.scope=0
-
 ### Logging levels ###
 logging.level.root=ERROR
 logging.level.ch.sectioninformatique=ERROR
diff --git a/compose.yml b/compose.yml
index e3cffe45..0a7e9a1b 100644
--- a/compose.yml
+++ b/compose.yml
@@ -9,6 +9,9 @@ services:
       context: .
       dockerfile: Dockerfile
       target: "${ENVIRONMENT}" # Use the environment variable to target the desired stage
+    volumes:
+      - ./src/asciidoc:/app/build/generated-snippets
+      - ./docs:/app/build/generated-snippets-html
     environment:
       # Pass environment variables to the container and the Spring Boot app
       SPRING_PROFILES_ACTIVE: "${ENVIRONMENT}"
@@ -32,11 +35,11 @@ services:
       MARIADB_ROOT_PASSWORD: "${DB_PASSWORD}"
       MARIADB_DATABASE: "${ENVIRONMENT}_db"
     volumes:
-    - ./init.sql:/docker-entrypoint-initdb.d/init.sql
+      - ./init.sql:/docker-entrypoint-initdb.d/init.sql
     networks:
       - spring_network
     healthcheck:
-      test: ["CMD", "mysqladmin", "ping", "-h", "localhost"]
+      test: [ "CMD", "mysqladmin", "ping", "-h", "localhost" ]
       interval: 10s
       timeout: 5s
       retries: 5
diff --git a/docs/index.html b/docs/index.html
new file mode 100644
index 00000000..430a7281
--- /dev/null
+++ b/docs/index.html
@@ -0,0 +1,576 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="UTF-8">
+<meta http-equiv="X-UA-Compatible" content="IE=edge">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<meta name="generator" content="Asciidoctor 2.0.15">
+<title>Spring Auth API Documentation</title>
+<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic%7CNoto+Serif:400,400italic,700,700italic%7CDroid+Sans+Mono:400,700">
+<style>
+/* Asciidoctor default stylesheet | MIT License | https://asciidoctor.org */
+/* Uncomment @import statement to use as custom stylesheet */
+/*@import "https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic%7CNoto+Serif:400,400italic,700,700italic%7CDroid+Sans+Mono:400,700";*/
+article,aside,details,figcaption,figure,footer,header,hgroup,main,nav,section{display:block}
+audio,video{display:inline-block}
+audio:not([controls]){display:none;height:0}
+html{font-family:sans-serif;-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}
+a{background:none}
+a:focus{outline:thin dotted}
+a:active,a:hover{outline:0}
+h1{font-size:2em;margin:.67em 0}
+abbr[title]{border-bottom:1px dotted}
+b,strong{font-weight:bold}
+dfn{font-style:italic}
+hr{-moz-box-sizing:content-box;box-sizing:content-box;height:0}
+mark{background:#ff0;color:#000}
+code,kbd,pre,samp{font-family:monospace;font-size:1em}
+pre{white-space:pre-wrap}
+q{quotes:"\201C" "\201D" "\2018" "\2019"}
+small{font-size:80%}
+sub,sup{font-size:75%;line-height:0;position:relative;vertical-align:baseline}
+sup{top:-.5em}
+sub{bottom:-.25em}
+img{border:0}
+svg:not(:root){overflow:hidden}
+figure{margin:0}
+fieldset{border:1px solid silver;margin:0 2px;padding:.35em .625em .75em}
+legend{border:0;padding:0}
+button,input,select,textarea{font-family:inherit;font-size:100%;margin:0}
+button,input{line-height:normal}
+button,select{text-transform:none}
+button,html input[type="button"],input[type="reset"],input[type="submit"]{-webkit-appearance:button;cursor:pointer}
+button[disabled],html input[disabled]{cursor:default}
+input[type="checkbox"],input[type="radio"]{box-sizing:border-box;padding:0}
+button::-moz-focus-inner,input::-moz-focus-inner{border:0;padding:0}
+textarea{overflow:auto;vertical-align:top}
+table{border-collapse:collapse;border-spacing:0}
+*,*::before,*::after{-moz-box-sizing:border-box;-webkit-box-sizing:border-box;box-sizing:border-box}
+html,body{font-size:100%}
+body{background:#fff;color:rgba(0,0,0,.8);padding:0;margin:0;font-family:"Noto Serif","DejaVu Serif",serif;font-weight:400;font-style:normal;line-height:1;position:relative;cursor:auto;tab-size:4;word-wrap:anywhere;-moz-osx-font-smoothing:grayscale;-webkit-font-smoothing:antialiased}
+a:hover{cursor:pointer}
+img,object,embed{max-width:100%;height:auto}
+object,embed{height:100%}
+img{-ms-interpolation-mode:bicubic}
+.left{float:left!important}
+.right{float:right!important}
+.text-left{text-align:left!important}
+.text-right{text-align:right!important}
+.text-center{text-align:center!important}
+.text-justify{text-align:justify!important}
+.hide{display:none}
+img,object,svg{display:inline-block;vertical-align:middle}
+textarea{height:auto;min-height:50px}
+select{width:100%}
+.subheader,.admonitionblock td.content>.title,.audioblock>.title,.exampleblock>.title,.imageblock>.title,.listingblock>.title,.literalblock>.title,.stemblock>.title,.openblock>.title,.paragraph>.title,.quoteblock>.title,table.tableblock>.title,.verseblock>.title,.videoblock>.title,.dlist>.title,.olist>.title,.ulist>.title,.qlist>.title,.hdlist>.title{line-height:1.45;color:#7a2518;font-weight:400;margin-top:0;margin-bottom:.25em}
+div,dl,dt,dd,ul,ol,li,h1,h2,h3,#toctitle,.sidebarblock>.content>.title,h4,h5,h6,pre,form,p,blockquote,th,td{margin:0;padding:0}
+a{color:#2156a5;text-decoration:underline;line-height:inherit}
+a:hover,a:focus{color:#1d4b8f}
+a img{border:0}
+p{font-family:inherit;font-weight:400;font-size:1em;line-height:1.6;margin-bottom:1.25em;text-rendering:optimizeLegibility}
+p aside{font-size:.875em;line-height:1.35;font-style:italic}
+h1,h2,h3,#toctitle,.sidebarblock>.content>.title,h4,h5,h6{font-family:"Open Sans","DejaVu Sans",sans-serif;font-weight:300;font-style:normal;color:#ba3925;text-rendering:optimizeLegibility;margin-top:1em;margin-bottom:.5em;line-height:1.0125em}
+h1 small,h2 small,h3 small,#toctitle small,.sidebarblock>.content>.title small,h4 small,h5 small,h6 small{font-size:60%;color:#e99b8f;line-height:0}
+h1{font-size:2.125em}
+h2{font-size:1.6875em}
+h3,#toctitle,.sidebarblock>.content>.title{font-size:1.375em}
+h4,h5{font-size:1.125em}
+h6{font-size:1em}
+hr{border:solid #dddddf;border-width:1px 0 0;clear:both;margin:1.25em 0 1.1875em;height:0}
+em,i{font-style:italic;line-height:inherit}
+strong,b{font-weight:bold;line-height:inherit}
+small{font-size:60%;line-height:inherit}
+code{font-family:"Droid Sans Mono","DejaVu Sans Mono",monospace;font-weight:400;color:rgba(0,0,0,.9)}
+ul,ol,dl{font-size:1em;line-height:1.6;margin-bottom:1.25em;list-style-position:outside;font-family:inherit}
+ul,ol{margin-left:1.5em}
+ul li ul,ul li ol{margin-left:1.25em;margin-bottom:0;font-size:1em}
+ul.square li ul,ul.circle li ul,ul.disc li ul{list-style:inherit}
+ul.square{list-style-type:square}
+ul.circle{list-style-type:circle}
+ul.disc{list-style-type:disc}
+ol li ul,ol li ol{margin-left:1.25em;margin-bottom:0}
+dl dt{margin-bottom:.3125em;font-weight:bold}
+dl dd{margin-bottom:1.25em}
+abbr,acronym{text-transform:uppercase;font-size:90%;color:rgba(0,0,0,.8);border-bottom:1px dotted #ddd;cursor:help}
+abbr{text-transform:none}
+blockquote{margin:0 0 1.25em;padding:.5625em 1.25em 0 1.1875em;border-left:1px solid #ddd}
+blockquote,blockquote p{line-height:1.6;color:rgba(0,0,0,.85)}
+@media screen and (min-width:768px){h1,h2,h3,#toctitle,.sidebarblock>.content>.title,h4,h5,h6{line-height:1.2}
+h1{font-size:2.75em}
+h2{font-size:2.3125em}
+h3,#toctitle,.sidebarblock>.content>.title{font-size:1.6875em}
+h4{font-size:1.4375em}}
+table{background:#fff;margin-bottom:1.25em;border:solid 1px #dedede;word-wrap:normal}
+table thead,table tfoot{background:#f7f8f7}
+table thead tr th,table thead tr td,table tfoot tr th,table tfoot tr td{padding:.5em .625em .625em;font-size:inherit;color:rgba(0,0,0,.8);text-align:left}
+table tr th,table tr td{padding:.5625em .625em;font-size:inherit;color:rgba(0,0,0,.8)}
+table tr.even,table tr.alt{background:#f8f8f7}
+table thead tr th,table tfoot tr th,table tbody tr td,table tr td,table tfoot tr td{line-height:1.6}
+h1,h2,h3,#toctitle,.sidebarblock>.content>.title,h4,h5,h6{line-height:1.2;word-spacing:-.05em}
+h1 strong,h2 strong,h3 strong,#toctitle strong,.sidebarblock>.content>.title strong,h4 strong,h5 strong,h6 strong{font-weight:400}
+.center{margin-left:auto;margin-right:auto}
+.stretch{width:100%}
+.clearfix::before,.clearfix::after,.float-group::before,.float-group::after{content:" ";display:table}
+.clearfix::after,.float-group::after{clear:both}
+:not(pre).nobreak{word-wrap:normal}
+:not(pre).nowrap{white-space:nowrap}
+:not(pre).pre-wrap{white-space:pre-wrap}
+:not(pre):not([class^=L])>code{font-size:.9375em;font-style:normal!important;letter-spacing:0;padding:.1em .5ex;word-spacing:-.15em;background:#f7f7f8;-webkit-border-radius:4px;border-radius:4px;line-height:1.45;text-rendering:optimizeSpeed}
+pre{color:rgba(0,0,0,.9);font-family:"Droid Sans Mono","DejaVu Sans Mono",monospace;line-height:1.45;text-rendering:optimizeSpeed}
+pre code,pre pre{color:inherit;font-size:inherit;line-height:inherit}
+pre>code{display:block}
+pre.nowrap,pre.nowrap pre{white-space:pre;word-wrap:normal}
+em em{font-style:normal}
+strong strong{font-weight:400}
+.keyseq{color:rgba(51,51,51,.8)}
+kbd{font-family:"Droid Sans Mono","DejaVu Sans Mono",monospace;display:inline-block;color:rgba(0,0,0,.8);font-size:.65em;line-height:1.45;background:#f7f7f7;border:1px solid #ccc;-webkit-border-radius:3px;border-radius:3px;-webkit-box-shadow:0 1px 0 rgba(0,0,0,.2),0 0 0 .1em white inset;box-shadow:0 1px 0 rgba(0,0,0,.2),0 0 0 .1em #fff inset;margin:0 .15em;padding:.2em .5em;vertical-align:middle;position:relative;top:-.1em;white-space:nowrap}
+.keyseq kbd:first-child{margin-left:0}
+.keyseq kbd:last-child{margin-right:0}
+.menuseq,.menuref{color:#000}
+.menuseq b:not(.caret),.menuref{font-weight:inherit}
+.menuseq{word-spacing:-.02em}
+.menuseq b.caret{font-size:1.25em;line-height:.8}
+.menuseq i.caret{font-weight:bold;text-align:center;width:.45em}
+b.button::before,b.button::after{position:relative;top:-1px;font-weight:400}
+b.button::before{content:"[";padding:0 3px 0 2px}
+b.button::after{content:"]";padding:0 2px 0 3px}
+p a>code:hover{color:rgba(0,0,0,.9)}
+#header,#content,#footnotes,#footer{width:100%;margin-left:auto;margin-right:auto;margin-top:0;margin-bottom:0;max-width:62.5em;*zoom:1;position:relative;padding-left:.9375em;padding-right:.9375em}
+#header::before,#header::after,#content::before,#content::after,#footnotes::before,#footnotes::after,#footer::before,#footer::after{content:" ";display:table}
+#header::after,#content::after,#footnotes::after,#footer::after{clear:both}
+#content{margin-top:1.25em}
+#content::before{content:none}
+#header>h1:first-child{color:rgba(0,0,0,.85);margin-top:2.25rem;margin-bottom:0}
+#header>h1:first-child+#toc{margin-top:8px;border-top:1px solid #dddddf}
+#header>h1:only-child,body.toc2 #header>h1:nth-last-child(2){border-bottom:1px solid #dddddf;padding-bottom:8px}
+#header .details{border-bottom:1px solid #dddddf;line-height:1.45;padding-top:.25em;padding-bottom:.25em;padding-left:.25em;color:rgba(0,0,0,.6);display:-ms-flexbox;display:-webkit-flex;display:flex;-ms-flex-flow:row wrap;-webkit-flex-flow:row wrap;flex-flow:row wrap}
+#header .details span:first-child{margin-left:-.125em}
+#header .details span.email a{color:rgba(0,0,0,.85)}
+#header .details br{display:none}
+#header .details br+span::before{content:"\00a0\2013\00a0"}
+#header .details br+span.author::before{content:"\00a0\22c5\00a0";color:rgba(0,0,0,.85)}
+#header .details br+span#revremark::before{content:"\00a0|\00a0"}
+#header #revnumber{text-transform:capitalize}
+#header #revnumber::after{content:"\00a0"}
+#content>h1:first-child:not([class]){color:rgba(0,0,0,.85);border-bottom:1px solid #dddddf;padding-bottom:8px;margin-top:0;padding-top:1rem;margin-bottom:1.25rem}
+#toc{border-bottom:1px solid #e7e7e9;padding-bottom:.5em}
+#toc>ul{margin-left:.125em}
+#toc ul.sectlevel0>li>a{font-style:italic}
+#toc ul.sectlevel0 ul.sectlevel1{margin:.5em 0}
+#toc ul{font-family:"Open Sans","DejaVu Sans",sans-serif;list-style-type:none}
+#toc li{line-height:1.3334;margin-top:.3334em}
+#toc a{text-decoration:none}
+#toc a:active{text-decoration:underline}
+#toctitle{color:#7a2518;font-size:1.2em}
+@media screen and (min-width:768px){#toctitle{font-size:1.375em}
+body.toc2{padding-left:15em;padding-right:0}
+#toc.toc2{margin-top:0!important;background:#f8f8f7;position:fixed;width:15em;left:0;top:0;border-right:1px solid #e7e7e9;border-top-width:0!important;border-bottom-width:0!important;z-index:1000;padding:1.25em 1em;height:100%;overflow:auto}
+#toc.toc2 #toctitle{margin-top:0;margin-bottom:.8rem;font-size:1.2em}
+#toc.toc2>ul{font-size:.9em;margin-bottom:0}
+#toc.toc2 ul ul{margin-left:0;padding-left:1em}
+#toc.toc2 ul.sectlevel0 ul.sectlevel1{padding-left:0;margin-top:.5em;margin-bottom:.5em}
+body.toc2.toc-right{padding-left:0;padding-right:15em}
+body.toc2.toc-right #toc.toc2{border-right-width:0;border-left:1px solid #e7e7e9;left:auto;right:0}}
+@media screen and (min-width:1280px){body.toc2{padding-left:20em;padding-right:0}
+#toc.toc2{width:20em}
+#toc.toc2 #toctitle{font-size:1.375em}
+#toc.toc2>ul{font-size:.95em}
+#toc.toc2 ul ul{padding-left:1.25em}
+body.toc2.toc-right{padding-left:0;padding-right:20em}}
+#content #toc{border-style:solid;border-width:1px;border-color:#e0e0dc;margin-bottom:1.25em;padding:1.25em;background:#f8f8f7;-webkit-border-radius:4px;border-radius:4px}
+#content #toc>:first-child{margin-top:0}
+#content #toc>:last-child{margin-bottom:0}
+#footer{max-width:none;background:rgba(0,0,0,.8);padding:1.25em}
+#footer-text{color:rgba(255,255,255,.8);line-height:1.44}
+#content{margin-bottom:.625em}
+.sect1{padding-bottom:.625em}
+@media screen and (min-width:768px){#content{margin-bottom:1.25em}
+.sect1{padding-bottom:1.25em}}
+.sect1:last-child{padding-bottom:0}
+.sect1+.sect1{border-top:1px solid #e7e7e9}
+#content h1>a.anchor,h2>a.anchor,h3>a.anchor,#toctitle>a.anchor,.sidebarblock>.content>.title>a.anchor,h4>a.anchor,h5>a.anchor,h6>a.anchor{position:absolute;z-index:1001;width:1.5ex;margin-left:-1.5ex;display:block;text-decoration:none!important;visibility:hidden;text-align:center;font-weight:400}
+#content h1>a.anchor::before,h2>a.anchor::before,h3>a.anchor::before,#toctitle>a.anchor::before,.sidebarblock>.content>.title>a.anchor::before,h4>a.anchor::before,h5>a.anchor::before,h6>a.anchor::before{content:"\00A7";font-size:.85em;display:block;padding-top:.1em}
+#content h1:hover>a.anchor,#content h1>a.anchor:hover,h2:hover>a.anchor,h2>a.anchor:hover,h3:hover>a.anchor,#toctitle:hover>a.anchor,.sidebarblock>.content>.title:hover>a.anchor,h3>a.anchor:hover,#toctitle>a.anchor:hover,.sidebarblock>.content>.title>a.anchor:hover,h4:hover>a.anchor,h4>a.anchor:hover,h5:hover>a.anchor,h5>a.anchor:hover,h6:hover>a.anchor,h6>a.anchor:hover{visibility:visible}
+#content h1>a.link,h2>a.link,h3>a.link,#toctitle>a.link,.sidebarblock>.content>.title>a.link,h4>a.link,h5>a.link,h6>a.link{color:#ba3925;text-decoration:none}
+#content h1>a.link:hover,h2>a.link:hover,h3>a.link:hover,#toctitle>a.link:hover,.sidebarblock>.content>.title>a.link:hover,h4>a.link:hover,h5>a.link:hover,h6>a.link:hover{color:#a53221}
+details,.audioblock,.imageblock,.literalblock,.listingblock,.stemblock,.videoblock{margin-bottom:1.25em}
+details>summary:first-of-type{cursor:pointer;display:list-item;outline:none;margin-bottom:.75em}
+.admonitionblock td.content>.title,.audioblock>.title,.exampleblock>.title,.imageblock>.title,.listingblock>.title,.literalblock>.title,.stemblock>.title,.openblock>.title,.paragraph>.title,.quoteblock>.title,table.tableblock>.title,.verseblock>.title,.videoblock>.title,.dlist>.title,.olist>.title,.ulist>.title,.qlist>.title,.hdlist>.title{text-rendering:optimizeLegibility;text-align:left;font-family:"Noto Serif","DejaVu Serif",serif;font-size:1rem;font-style:italic}
+table.tableblock.fit-content>caption.title{white-space:nowrap;width:0}
+.paragraph.lead>p,#preamble>.sectionbody>[class="paragraph"]:first-of-type p{font-size:1.21875em;line-height:1.6;color:rgba(0,0,0,.85)}
+table.tableblock #preamble>.sectionbody>[class="paragraph"]:first-of-type p{font-size:inherit}
+.admonitionblock>table{border-collapse:separate;border:0;background:none;width:100%}
+.admonitionblock>table td.icon{text-align:center;width:80px}
+.admonitionblock>table td.icon img{max-width:none}
+.admonitionblock>table td.icon .title{font-weight:bold;font-family:"Open Sans","DejaVu Sans",sans-serif;text-transform:uppercase}
+.admonitionblock>table td.content{padding-left:1.125em;padding-right:1.25em;border-left:1px solid #dddddf;color:rgba(0,0,0,.6);word-wrap:anywhere}
+.admonitionblock>table td.content>:last-child>:last-child{margin-bottom:0}
+.exampleblock>.content{border-style:solid;border-width:1px;border-color:#e6e6e6;margin-bottom:1.25em;padding:1.25em;background:#fff;-webkit-border-radius:4px;border-radius:4px}
+.exampleblock>.content>:first-child{margin-top:0}
+.exampleblock>.content>:last-child{margin-bottom:0}
+.sidebarblock{border-style:solid;border-width:1px;border-color:#dbdbd6;margin-bottom:1.25em;padding:1.25em;background:#f3f3f2;-webkit-border-radius:4px;border-radius:4px}
+.sidebarblock>:first-child{margin-top:0}
+.sidebarblock>:last-child{margin-bottom:0}
+.sidebarblock>.content>.title{color:#7a2518;margin-top:0;text-align:center}
+.exampleblock>.content>:last-child>:last-child,.exampleblock>.content .olist>ol>li:last-child>:last-child,.exampleblock>.content .ulist>ul>li:last-child>:last-child,.exampleblock>.content .qlist>ol>li:last-child>:last-child,.sidebarblock>.content>:last-child>:last-child,.sidebarblock>.content .olist>ol>li:last-child>:last-child,.sidebarblock>.content .ulist>ul>li:last-child>:last-child,.sidebarblock>.content .qlist>ol>li:last-child>:last-child{margin-bottom:0}
+.literalblock pre,.listingblock>.content>pre{-webkit-border-radius:4px;border-radius:4px;overflow-x:auto;padding:1em;font-size:.8125em}
+@media screen and (min-width:768px){.literalblock pre,.listingblock>.content>pre{font-size:.90625em}}
+@media screen and (min-width:1280px){.literalblock pre,.listingblock>.content>pre{font-size:1em}}
+.literalblock pre,.listingblock>.content>pre:not(.highlight),.listingblock>.content>pre[class="highlight"],.listingblock>.content>pre[class^="highlight "]{background:#f7f7f8}
+.literalblock.output pre{color:#f7f7f8;background:rgba(0,0,0,.9)}
+.listingblock>.content{position:relative}
+.listingblock code[data-lang]::before{display:none;content:attr(data-lang);position:absolute;font-size:.75em;top:.425rem;right:.5rem;line-height:1;text-transform:uppercase;color:inherit;opacity:.5}
+.listingblock:hover code[data-lang]::before{display:block}
+.listingblock.terminal pre .command::before{content:attr(data-prompt);padding-right:.5em;color:inherit;opacity:.5}
+.listingblock.terminal pre .command:not([data-prompt])::before{content:"$"}
+.listingblock pre.highlightjs{padding:0}
+.listingblock pre.highlightjs>code{padding:1em;-webkit-border-radius:4px;border-radius:4px}
+.listingblock pre.prettyprint{border-width:0}
+.prettyprint{background:#f7f7f8}
+pre.prettyprint .linenums{line-height:1.45;margin-left:2em}
+pre.prettyprint li{background:none;list-style-type:inherit;padding-left:0}
+pre.prettyprint li code[data-lang]::before{opacity:1}
+pre.prettyprint li:not(:first-child) code[data-lang]::before{display:none}
+table.linenotable{border-collapse:separate;border:0;margin-bottom:0;background:none}
+table.linenotable td[class]{color:inherit;vertical-align:top;padding:0;line-height:inherit;white-space:normal}
+table.linenotable td.code{padding-left:.75em}
+table.linenotable td.linenos{border-right:1px solid currentColor;opacity:.35;padding-right:.5em}
+pre.pygments .lineno{border-right:1px solid currentColor;opacity:.35;display:inline-block;margin-right:.75em}
+pre.pygments .lineno::before{content:"";margin-right:-.125em}
+.quoteblock{margin:0 1em 1.25em 1.5em;display:table}
+.quoteblock:not(.excerpt)>.title{margin-left:-1.5em;margin-bottom:.75em}
+.quoteblock blockquote,.quoteblock p{color:rgba(0,0,0,.85);font-size:1.15rem;line-height:1.75;word-spacing:.1em;letter-spacing:0;font-style:italic;text-align:justify}
+.quoteblock blockquote{margin:0;padding:0;border:0}
+.quoteblock blockquote::before{content:"\201c";float:left;font-size:2.75em;font-weight:bold;line-height:.6em;margin-left:-.6em;color:#7a2518;text-shadow:0 1px 2px rgba(0,0,0,.1)}
+.quoteblock blockquote>.paragraph:last-child p{margin-bottom:0}
+.quoteblock .attribution{margin-top:.75em;margin-right:.5ex;text-align:right}
+.verseblock{margin:0 1em 1.25em}
+.verseblock pre{font-family:"Open Sans","DejaVu Sans",sans;font-size:1.15rem;color:rgba(0,0,0,.85);font-weight:300;text-rendering:optimizeLegibility}
+.verseblock pre strong{font-weight:400}
+.verseblock .attribution{margin-top:1.25rem;margin-left:.5ex}
+.quoteblock .attribution,.verseblock .attribution{font-size:.9375em;line-height:1.45;font-style:italic}
+.quoteblock .attribution br,.verseblock .attribution br{display:none}
+.quoteblock .attribution cite,.verseblock .attribution cite{display:block;letter-spacing:-.025em;color:rgba(0,0,0,.6)}
+.quoteblock.abstract blockquote::before,.quoteblock.excerpt blockquote::before,.quoteblock .quoteblock blockquote::before{display:none}
+.quoteblock.abstract blockquote,.quoteblock.abstract p,.quoteblock.excerpt blockquote,.quoteblock.excerpt p,.quoteblock .quoteblock blockquote,.quoteblock .quoteblock p{line-height:1.6;word-spacing:0}
+.quoteblock.abstract{margin:0 1em 1.25em;display:block}
+.quoteblock.abstract>.title{margin:0 0 .375em;font-size:1.15em;text-align:center}
+.quoteblock.excerpt>blockquote,.quoteblock .quoteblock{padding:0 0 .25em 1em;border-left:.25em solid #dddddf}
+.quoteblock.excerpt,.quoteblock .quoteblock{margin-left:0}
+.quoteblock.excerpt blockquote,.quoteblock.excerpt p,.quoteblock .quoteblock blockquote,.quoteblock .quoteblock p{color:inherit;font-size:1.0625rem}
+.quoteblock.excerpt .attribution,.quoteblock .quoteblock .attribution{color:inherit;font-size:.85rem;text-align:left;margin-right:0}
+p.tableblock:last-child{margin-bottom:0}
+td.tableblock>.content{margin-bottom:1.25em;word-wrap:anywhere}
+td.tableblock>.content>:last-child{margin-bottom:-1.25em}
+table.tableblock,th.tableblock,td.tableblock{border:0 solid #dedede}
+table.grid-all>*>tr>*{border-width:1px}
+table.grid-cols>*>tr>*{border-width:0 1px}
+table.grid-rows>*>tr>*{border-width:1px 0}
+table.frame-all{border-width:1px}
+table.frame-ends{border-width:1px 0}
+table.frame-sides{border-width:0 1px}
+table.frame-none>colgroup+*>:first-child>*,table.frame-sides>colgroup+*>:first-child>*{border-top-width:0}
+table.frame-none>:last-child>:last-child>*,table.frame-sides>:last-child>:last-child>*{border-bottom-width:0}
+table.frame-none>*>tr>:first-child,table.frame-ends>*>tr>:first-child{border-left-width:0}
+table.frame-none>*>tr>:last-child,table.frame-ends>*>tr>:last-child{border-right-width:0}
+table.stripes-all tr,table.stripes-odd tr:nth-of-type(odd),table.stripes-even tr:nth-of-type(even),table.stripes-hover tr:hover{background:#f8f8f7}
+th.halign-left,td.halign-left{text-align:left}
+th.halign-right,td.halign-right{text-align:right}
+th.halign-center,td.halign-center{text-align:center}
+th.valign-top,td.valign-top{vertical-align:top}
+th.valign-bottom,td.valign-bottom{vertical-align:bottom}
+th.valign-middle,td.valign-middle{vertical-align:middle}
+table thead th,table tfoot th{font-weight:bold}
+tbody tr th{background:#f7f8f7}
+tbody tr th,tbody tr th p,tfoot tr th,tfoot tr th p{color:rgba(0,0,0,.8);font-weight:bold}
+p.tableblock>code:only-child{background:none;padding:0}
+p.tableblock{font-size:1em}
+ol{margin-left:1.75em}
+ul li ol{margin-left:1.5em}
+dl dd{margin-left:1.125em}
+dl dd:last-child,dl dd:last-child>:last-child{margin-bottom:0}
+ol>li p,ul>li p,ul dd,ol dd,.olist .olist,.ulist .ulist,.ulist .olist,.olist .ulist{margin-bottom:.625em}
+ul.checklist,ul.none,ol.none,ul.no-bullet,ol.no-bullet,ol.unnumbered,ul.unstyled,ol.unstyled{list-style-type:none}
+ul.no-bullet,ol.no-bullet,ol.unnumbered{margin-left:.625em}
+ul.unstyled,ol.unstyled{margin-left:0}
+ul.checklist{margin-left:.625em}
+ul.checklist li>p:first-child>.fa-square-o:first-child,ul.checklist li>p:first-child>.fa-check-square-o:first-child{width:1.25em;font-size:.8em;position:relative;bottom:.125em}
+ul.checklist li>p:first-child>input[type="checkbox"]:first-child{margin-right:.25em}
+ul.inline{display:-ms-flexbox;display:-webkit-box;display:flex;-ms-flex-flow:row wrap;-webkit-flex-flow:row wrap;flex-flow:row wrap;list-style:none;margin:0 0 .625em -1.25em}
+ul.inline>li{margin-left:1.25em}
+.unstyled dl dt{font-weight:400;font-style:normal}
+ol.arabic{list-style-type:decimal}
+ol.decimal{list-style-type:decimal-leading-zero}
+ol.loweralpha{list-style-type:lower-alpha}
+ol.upperalpha{list-style-type:upper-alpha}
+ol.lowerroman{list-style-type:lower-roman}
+ol.upperroman{list-style-type:upper-roman}
+ol.lowergreek{list-style-type:lower-greek}
+.hdlist>table,.colist>table{border:0;background:none}
+.hdlist>table>tbody>tr,.colist>table>tbody>tr{background:none}
+td.hdlist1,td.hdlist2{vertical-align:top;padding:0 .625em}
+td.hdlist1{font-weight:bold;padding-bottom:1.25em}
+td.hdlist2{word-wrap:anywhere}
+.literalblock+.colist,.listingblock+.colist{margin-top:-.5em}
+.colist td:not([class]):first-child{padding:.4em .75em 0;line-height:1;vertical-align:top}
+.colist td:not([class]):first-child img{max-width:none}
+.colist td:not([class]):last-child{padding:.25em 0}
+.thumb,.th{line-height:0;display:inline-block;border:solid 4px #fff;-webkit-box-shadow:0 0 0 1px #ddd;box-shadow:0 0 0 1px #ddd}
+.imageblock.left{margin:.25em .625em 1.25em 0}
+.imageblock.right{margin:.25em 0 1.25em .625em}
+.imageblock>.title{margin-bottom:0}
+.imageblock.thumb,.imageblock.th{border-width:6px}
+.imageblock.thumb>.title,.imageblock.th>.title{padding:0 .125em}
+.image.left,.image.right{margin-top:.25em;margin-bottom:.25em;display:inline-block;line-height:0}
+.image.left{margin-right:.625em}
+.image.right{margin-left:.625em}
+a.image{text-decoration:none;display:inline-block}
+a.image object{pointer-events:none}
+sup.footnote,sup.footnoteref{font-size:.875em;position:static;vertical-align:super}
+sup.footnote a,sup.footnoteref a{text-decoration:none}
+sup.footnote a:active,sup.footnoteref a:active{text-decoration:underline}
+#footnotes{padding-top:.75em;padding-bottom:.75em;margin-bottom:.625em}
+#footnotes hr{width:20%;min-width:6.25em;margin:-.25em 0 .75em;border-width:1px 0 0}
+#footnotes .footnote{padding:0 .375em 0 .225em;line-height:1.3334;font-size:.875em;margin-left:1.2em;margin-bottom:.2em}
+#footnotes .footnote a:first-of-type{font-weight:bold;text-decoration:none;margin-left:-1.05em}
+#footnotes .footnote:last-of-type{margin-bottom:0}
+#content #footnotes{margin-top:-.625em;margin-bottom:0;padding:.75em 0}
+.gist .file-data>table{border:0;background:#fff;width:100%;margin-bottom:0}
+.gist .file-data>table td.line-data{width:99%}
+div.unbreakable{page-break-inside:avoid}
+.big{font-size:larger}
+.small{font-size:smaller}
+.underline{text-decoration:underline}
+.overline{text-decoration:overline}
+.line-through{text-decoration:line-through}
+.aqua{color:#00bfbf}
+.aqua-background{background:#00fafa}
+.black{color:#000}
+.black-background{background:#000}
+.blue{color:#0000bf}
+.blue-background{background:#0000fa}
+.fuchsia{color:#bf00bf}
+.fuchsia-background{background:#fa00fa}
+.gray{color:#606060}
+.gray-background{background:#7d7d7d}
+.green{color:#006000}
+.green-background{background:#007d00}
+.lime{color:#00bf00}
+.lime-background{background:#00fa00}
+.maroon{color:#600000}
+.maroon-background{background:#7d0000}
+.navy{color:#000060}
+.navy-background{background:#00007d}
+.olive{color:#606000}
+.olive-background{background:#7d7d00}
+.purple{color:#600060}
+.purple-background{background:#7d007d}
+.red{color:#bf0000}
+.red-background{background:#fa0000}
+.silver{color:#909090}
+.silver-background{background:#bcbcbc}
+.teal{color:#006060}
+.teal-background{background:#007d7d}
+.white{color:#bfbfbf}
+.white-background{background:#fafafa}
+.yellow{color:#bfbf00}
+.yellow-background{background:#fafa00}
+span.icon>.fa{cursor:default}
+a span.icon>.fa{cursor:inherit}
+.admonitionblock td.icon [class^="fa icon-"]{font-size:2.5em;text-shadow:1px 1px 2px rgba(0,0,0,.5);cursor:default}
+.admonitionblock td.icon .icon-note::before{content:"\f05a";color:#19407c}
+.admonitionblock td.icon .icon-tip::before{content:"\f0eb";text-shadow:1px 1px 2px rgba(155,155,0,.8);color:#111}
+.admonitionblock td.icon .icon-warning::before{content:"\f071";color:#bf6900}
+.admonitionblock td.icon .icon-caution::before{content:"\f06d";color:#bf3400}
+.admonitionblock td.icon .icon-important::before{content:"\f06a";color:#bf0000}
+.conum[data-value]{display:inline-block;color:#fff!important;background:rgba(0,0,0,.8);-webkit-border-radius:50%;border-radius:50%;text-align:center;font-size:.75em;width:1.67em;height:1.67em;line-height:1.67em;font-family:"Open Sans","DejaVu Sans",sans-serif;font-style:normal;font-weight:bold}
+.conum[data-value] *{color:#fff!important}
+.conum[data-value]+b{display:none}
+.conum[data-value]::after{content:attr(data-value)}
+pre .conum[data-value]{position:relative;top:-.125em}
+b.conum *{color:inherit!important}
+.conum:not([data-value]):empty{display:none}
+dt,th.tableblock,td.content,div.footnote{text-rendering:optimizeLegibility}
+h1,h2,p,td.content,span.alt{letter-spacing:-.01em}
+p strong,td.content strong,div.footnote strong{letter-spacing:-.005em}
+p,blockquote,dt,td.content,span.alt{font-size:1.0625rem}
+p{margin-bottom:1.25rem}
+.sidebarblock p,.sidebarblock dt,.sidebarblock td.content,p.tableblock{font-size:1em}
+.exampleblock>.content{background:#fffef7;border-color:#e0e0dc;-webkit-box-shadow:0 1px 4px #e0e0dc;box-shadow:0 1px 4px #e0e0dc}
+.print-only{display:none!important}
+@page{margin:1.25cm .75cm}
+@media print{*{-webkit-box-shadow:none!important;box-shadow:none!important;text-shadow:none!important}
+html{font-size:80%}
+a{color:inherit!important;text-decoration:underline!important}
+a.bare,a[href^="#"],a[href^="mailto:"]{text-decoration:none!important}
+a[href^="http:"]:not(.bare)::after,a[href^="https:"]:not(.bare)::after{content:"(" attr(href) ")";display:inline-block;font-size:.875em;padding-left:.25em}
+abbr[title]::after{content:" (" attr(title) ")"}
+pre,blockquote,tr,img,object,svg{page-break-inside:avoid}
+thead{display:table-header-group}
+svg{max-width:100%}
+p,blockquote,dt,td.content{font-size:1em;orphans:3;widows:3}
+h2,h3,#toctitle,.sidebarblock>.content>.title{page-break-after:avoid}
+#header,#content,#footnotes,#footer{max-width:none}
+#toc,.sidebarblock,.exampleblock>.content{background:none!important}
+#toc{border-bottom:1px solid #dddddf!important;padding-bottom:0!important}
+body.book #header{text-align:center}
+body.book #header>h1:first-child{border:0!important;margin:2.5em 0 1em}
+body.book #header .details{border:0!important;display:block;padding:0!important}
+body.book #header .details span:first-child{margin-left:0!important}
+body.book #header .details br{display:block}
+body.book #header .details br+span::before{content:none!important}
+body.book #toc{border:0!important;text-align:left!important;padding:0!important;margin:0!important}
+body.book #toc,body.book #preamble,body.book h1.sect0,body.book .sect1>h2{page-break-before:always}
+.listingblock code[data-lang]::before{display:block}
+#footer{padding:0 .9375em}
+.hide-on-print{display:none!important}
+.print-only{display:block!important}
+.hide-for-print{display:none!important}
+.show-for-print{display:inherit!important}}
+@media print,amzn-kf8{#header>h1:first-child{margin-top:1.25rem}
+.sect1{padding:0!important}
+.sect1+.sect1{border:0}
+#footer{background:none}
+#footer-text{color:rgba(0,0,0,.6);font-size:.9em}}
+@media amzn-kf8{#header,#content,#footnotes,#footer{padding:0}}
+</style>
+</head>
+<body class="article">
+<div id="header">
+<h1>Spring Auth API Documentation</h1>
+</div>
+<div id="content">
+<div class="sect1">
+<h2 id="_user_endpoints">User Endpoints</h2>
+<div class="sectionbody">
+<div class="sect2">
+<h3 id="_get_authenticated_user">Get Authenticated User</h3>
+<div class="paragraph">
+<p>This is an example output for the <code>GET /users/me</code> endpoint.</p>
+</div>
+<div class="listingblock">
+<div class="title">request</div>
+<div class="content">
+<pre class="highlight nowrap"><code class="language-http" data-lang="http">GET /users/me HTTP/1.1
+Accept: application/json
+Host: localhost:8080</code></pre>
+</div>
+</div>
+<div class="listingblock">
+<div class="title">response</div>
+<div class="content">
+<pre class="highlight nowrap"><code class="language-http" data-lang="http">HTTP/1.1 200 OK
+Content-Type: application/json
+Content-Length: 179
+
+{
+  "id" : 1,
+  "firstName" : "John",
+  "lastName" : "Doe",
+  "login" : "john@test.com",
+  "token" : null,
+  "refreshToken" : null,
+  "mainRole" : "USER",
+  "permissions" : null
+}</code></pre>
+</div>
+</div>
+<div class="paragraph">
+<p>It gives informations about the authenticated user.</p>
+</div>
+</div>
+<div class="sect2">
+<h3 id="_get_all_users">Get All Users</h3>
+<div class="paragraph">
+<p>This is an example output for the <code>GET /users/all</code> endpoint.</p>
+</div>
+<div class="listingblock">
+<div class="title">request</div>
+<div class="content">
+<pre class="highlight nowrap"><code class="language-http" data-lang="http">GET /users/all HTTP/1.1
+Accept: application/json
+Host: localhost:8080</code></pre>
+</div>
+</div>
+<div class="listingblock">
+<div class="title">response</div>
+<div class="content">
+<pre class="highlight nowrap"><code class="language-http" data-lang="http">HTTP/1.1 200 OK
+Content-Type: application/json
+Content-Length: 698
+
+[ {
+  "id" : 1,
+  "firstName" : "John",
+  "lastName" : "Doe",
+  "login" : "john@test.com",
+  "password" : "pass",
+  "createdAt" : null,
+  "updatedAt" : null,
+  "mainRole" : null,
+  "authorities" : [ ],
+  "credentialsNonExpired" : true,
+  "accountNonExpired" : true,
+  "accountNonLocked" : true,
+  "username" : "john@test.com",
+  "enabled" : true
+}, {
+  "id" : 2,
+  "firstName" : "Jane",
+  "lastName" : "Smith",
+  "login" : "jane@test.com",
+  "password" : "pass",
+  "createdAt" : null,
+  "updatedAt" : null,
+  "mainRole" : null,
+  "authorities" : [ ],
+  "credentialsNonExpired" : true,
+  "accountNonExpired" : true,
+  "accountNonLocked" : true,
+  "username" : "jane@test.com",
+  "enabled" : true
+} ]</code></pre>
+</div>
+</div>
+<div class="paragraph">
+<p>It gives informations about all users.</p>
+</div>
+</div>
+<div class="sect2">
+<h3 id="_promote_user_to_manager">Promote User to Manager</h3>
+<div class="paragraph">
+<p>This is an example output for the <code>PUT /users/{userId}/promote-manager</code> endpoint.</p>
+</div>
+<div class="listingblock">
+<div class="title">request</div>
+<div class="content">
+<pre class="highlight nowrap"><code class="language-http" data-lang="http">PUT /users/2/promote-manager HTTP/1.1
+Accept: application/json
+Host: localhost:8080
+Content-Type: application/x-www-form-urlencoded</code></pre>
+</div>
+</div>
+<div class="listingblock">
+<div class="title">response</div>
+<div class="content">
+<pre class="highlight nowrap"><code class="language-http" data-lang="http">HTTP/1.1 200 OK
+Content-Type: application/json
+Content-Length: 37
+
+User promoted to manager successfully</code></pre>
+</div>
+</div>
+<div class="paragraph">
+<p>It promotes a user to the "MANAGER" role.</p>
+</div>
+</div>
+</div>
+</div>
+</div>
+<div id="footer">
+<div id="footer-text">
+Last updated 2025-09-30 10:50:30 UTC
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/env-dist b/env-dist
index 40f46805..95150116 100644
--- a/env-dist
+++ b/env-dist
@@ -15,4 +15,11 @@ TEST_SPRING_DATASOURCE_URL=jdbc:mariadb://db:3306/test_db
 
 # User name and password used by Docker to create the database container
 DB_USERNAME=root
-DB_PASSWORD=pwd
\ No newline at end of file
+DB_PASSWORD=pwd
+
+# Azure OAuth2 settings
+# Set these values according to your Azure app registration
+AZURE_REDIRECT_BASE_URL=http://localhost:8080
+AZURE_TENANT_ID=
+AZURE_CLIENT_ID=
+AZURE_CLIENT_SECRET=
\ No newline at end of file
diff --git a/pom.xml b/pom.xml
index 120cba4b..22cf4f63 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <project xmlns="http://maven.apache.org/POM/4.0.0"
-    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
     <parent>
         <groupId>org.springframework.boot</groupId>
@@ -11,7 +11,7 @@
     </parent>
     <groupId>ch.sectioninformatique</groupId>
     <artifactId>spring-auth</artifactId>
-    <version>0.1.0</version>
+    <version>0.1.1-SNAPSHOT</version>
     <name>spring-auth</name>
     <description>Authentication API to be used by other applications to identify their users</description>
     <url />
@@ -37,6 +37,12 @@
             <artifactId>dotenv-java</artifactId>
             <version>3.0.0</version>
         </dependency>
+        <!-- Spring REST Docs for MockMvc (JUnit 5 supported) -->
+        <dependency>
+            <groupId>org.springframework.restdocs</groupId>
+            <artifactId>spring-restdocs-mockmvc</artifactId>
+            <scope>test</scope>
+        </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-data-jpa</artifactId>
@@ -46,7 +52,7 @@
             <artifactId>spring-boot-starter-web</artifactId>
         </dependency>
         <dependency>
-        <groupId>org.springframework.boot</groupId>
+            <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-validation</artifactId>
         </dependency>
         <dependency>
@@ -57,7 +63,6 @@
         <dependency>
             <groupId>org.projectlombok</groupId>
             <artifactId>lombok</artifactId>
-            <version>1.18.36</version>
             <scope>provided</scope>
         </dependency>
         <dependency>
@@ -81,6 +86,12 @@
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-test</artifactId>
             <scope>test</scope>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.junit.vintage</groupId>
+                    <artifactId>junit-vintage-engine</artifactId>
+                </exclusion>
+             </exclusions>
         </dependency>
         <dependency>
             <groupId>org.springframework.security</groupId>
@@ -95,7 +106,6 @@
         <dependency>
             <groupId>jakarta.validation</groupId>
             <artifactId>jakarta.validation-api</artifactId>
-            <version>3.0.2</version>
         </dependency>
         <dependency>
             <groupId>org.mapstruct</groupId>
@@ -121,6 +131,7 @@
             <version>4.0.0</version>
             <scope>provided</scope>
         </dependency>
+        <!-- (duplicate removed above) -->
     </dependencies>
 
     <build>
@@ -143,6 +154,67 @@
                     </annotationProcessorPaths>
                 </configuration>
             </plugin>
+            <plugin> 
+                <groupId>org.asciidoctor</groupId>
+                <artifactId>asciidoctor-maven-plugin</artifactId>
+                <version>2.2.1</version>
+                <executions>
+                    <execution>
+                        <id>generate-docs</id>
+                        <phase>prepare-package</phase> 
+                        <goals>
+                            <goal>process-asciidoc</goal>
+                        </goals>
+                        <configuration>
+                            <backend>html</backend>
+                            <doctype>book</doctype>
+                        </configuration>
+                    </execution>
+                    <execution>
+                        <id>convert-to-html</id>
+                        <phase>generate-resources</phase> 
+                        <goals>
+                            <goal>process-asciidoc</goal>
+                        </goals>
+                        <configuration>
+                            <sourceDirectory>src/asciidoc</sourceDirectory>
+                            <sourceDocumentName>index.adoc</sourceDocumentName>
+                            <outputDirectory>/app/build/generated-snippets-html</outputDirectory> 
+                        </configuration>
+                    </execution>
+                </executions>
+                <dependencies>
+                    <dependency> 
+                        <groupId>org.springframework.restdocs</groupId>
+                        <artifactId>spring-restdocs-asciidoctor</artifactId>
+                        <version>${spring-restdocs.version}</version>
+                    </dependency>
+                </dependencies>
+            </plugin>
+            <plugin> 
+                <artifactId>maven-resources-plugin</artifactId>
+                <executions>
+                    <execution>
+                        <id>copy-resources</id>
+                        <phase>prepare-package</phase>
+                        <goals>
+                            <goal>copy-resources</goal>
+                        </goals>
+                        <configuration> 
+                            <outputDirectory>
+                                ${project.build.outputDirectory}/static/docs
+                            </outputDirectory>
+                            <resources>
+                                <resource>
+                                    <directory>
+                                        ${project.build.directory}/generated-docs
+                                    </directory>
+                                </resource>
+                            </resources>
+                        </configuration>
+                    </execution>
+                </executions>
+            </plugin>
         </plugins>
     </build>
 </project>
diff --git a/src/asciidoc/index.adoc b/src/asciidoc/index.adoc
new file mode 100644
index 00000000..b3c67a86
--- /dev/null
+++ b/src/asciidoc/index.adoc
@@ -0,0 +1,37 @@
+= Spring Auth API Documentation
+
+== User Endpoints
+
+=== Get Authenticated User
+This is an example output for the `GET /users/me` endpoint.
+
+.request
+include::users/me/http-request.adoc[]
+
+.response
+include::users/me/http-response.adoc[]
+
+It gives informations about the authenticated user.
+
+
+=== Get All Users
+This is an example output for the `GET /users/all` endpoint.
+
+.request
+include::users/all/http-request.adoc[]
+
+.response
+include::users/all/http-response.adoc[]
+
+It gives informations about all users.
+
+=== Promote User to Manager
+This is an example output for the `PUT /users/{userId}/promote-manager` endpoint.
+
+.request
+include::users/promote-manager/http-request.adoc[]
+
+.response
+include::users/promote-manager/http-response.adoc[]
+
+It promotes a user to the "MANAGER" role.
diff --git a/src/asciidoc/users/all/curl-request.adoc b/src/asciidoc/users/all/curl-request.adoc
new file mode 100644
index 00000000..034c877c
--- /dev/null
+++ b/src/asciidoc/users/all/curl-request.adoc
@@ -0,0 +1,5 @@
+[source,bash]
+----
+$ curl 'http://localhost:8080/users/all' -i -X GET \
+    -H 'Accept: application/json'
+----
\ No newline at end of file
diff --git a/src/asciidoc/users/all/http-request.adoc b/src/asciidoc/users/all/http-request.adoc
new file mode 100644
index 00000000..507cb9e6
--- /dev/null
+++ b/src/asciidoc/users/all/http-request.adoc
@@ -0,0 +1,7 @@
+[source,http,options="nowrap"]
+----
+GET /users/all HTTP/1.1
+Accept: application/json
+Host: localhost:8080
+
+----
\ No newline at end of file
diff --git a/src/asciidoc/users/all/http-response.adoc b/src/asciidoc/users/all/http-response.adoc
new file mode 100644
index 00000000..503ff03f
--- /dev/null
+++ b/src/asciidoc/users/all/http-response.adoc
@@ -0,0 +1,38 @@
+[source,http,options="nowrap"]
+----
+HTTP/1.1 200 OK
+Content-Type: application/json
+Content-Length: 698
+
+[ {
+  "id" : 1,
+  "firstName" : "John",
+  "lastName" : "Doe",
+  "login" : "john@test.com",
+  "password" : "pass",
+  "createdAt" : null,
+  "updatedAt" : null,
+  "mainRole" : null,
+  "authorities" : [ ],
+  "accountNonExpired" : true,
+  "accountNonLocked" : true,
+  "credentialsNonExpired" : true,
+  "username" : "john@test.com",
+  "enabled" : true
+}, {
+  "id" : 2,
+  "firstName" : "Jane",
+  "lastName" : "Smith",
+  "login" : "jane@test.com",
+  "password" : "pass",
+  "createdAt" : null,
+  "updatedAt" : null,
+  "mainRole" : null,
+  "authorities" : [ ],
+  "accountNonExpired" : true,
+  "accountNonLocked" : true,
+  "credentialsNonExpired" : true,
+  "username" : "jane@test.com",
+  "enabled" : true
+} ]
+----
\ No newline at end of file
diff --git a/src/asciidoc/users/all/httpie-request.adoc b/src/asciidoc/users/all/httpie-request.adoc
new file mode 100644
index 00000000..9ee9879c
--- /dev/null
+++ b/src/asciidoc/users/all/httpie-request.adoc
@@ -0,0 +1,5 @@
+[source,bash]
+----
+$ http GET 'http://localhost:8080/users/all' \
+    'Accept:application/json'
+----
\ No newline at end of file
diff --git a/src/asciidoc/users/all/request-body.adoc b/src/asciidoc/users/all/request-body.adoc
new file mode 100644
index 00000000..dab5f81d
--- /dev/null
+++ b/src/asciidoc/users/all/request-body.adoc
@@ -0,0 +1,4 @@
+[source,options="nowrap"]
+----
+
+----
\ No newline at end of file
diff --git a/src/asciidoc/users/all/response-body.adoc b/src/asciidoc/users/all/response-body.adoc
new file mode 100644
index 00000000..42079be6
--- /dev/null
+++ b/src/asciidoc/users/all/response-body.adoc
@@ -0,0 +1,34 @@
+[source,json,options="nowrap"]
+----
+[ {
+  "id" : 1,
+  "firstName" : "John",
+  "lastName" : "Doe",
+  "login" : "john@test.com",
+  "password" : "pass",
+  "createdAt" : null,
+  "updatedAt" : null,
+  "mainRole" : null,
+  "authorities" : [ ],
+  "accountNonExpired" : true,
+  "accountNonLocked" : true,
+  "credentialsNonExpired" : true,
+  "username" : "john@test.com",
+  "enabled" : true
+}, {
+  "id" : 2,
+  "firstName" : "Jane",
+  "lastName" : "Smith",
+  "login" : "jane@test.com",
+  "password" : "pass",
+  "createdAt" : null,
+  "updatedAt" : null,
+  "mainRole" : null,
+  "authorities" : [ ],
+  "accountNonExpired" : true,
+  "accountNonLocked" : true,
+  "credentialsNonExpired" : true,
+  "username" : "jane@test.com",
+  "enabled" : true
+} ]
+----
\ No newline at end of file
diff --git a/src/asciidoc/users/me/curl-request.adoc b/src/asciidoc/users/me/curl-request.adoc
new file mode 100644
index 00000000..95b249a1
--- /dev/null
+++ b/src/asciidoc/users/me/curl-request.adoc
@@ -0,0 +1,5 @@
+[source,bash]
+----
+$ curl 'http://localhost:8080/users/me' -i -X GET \
+    -H 'Accept: application/json'
+----
\ No newline at end of file
diff --git a/src/asciidoc/users/me/http-request.adoc b/src/asciidoc/users/me/http-request.adoc
new file mode 100644
index 00000000..79620cb9
--- /dev/null
+++ b/src/asciidoc/users/me/http-request.adoc
@@ -0,0 +1,7 @@
+[source,http,options="nowrap"]
+----
+GET /users/me HTTP/1.1
+Accept: application/json
+Host: localhost:8080
+
+----
\ No newline at end of file
diff --git a/src/asciidoc/users/me/http-response.adoc b/src/asciidoc/users/me/http-response.adoc
new file mode 100644
index 00000000..7044ca7f
--- /dev/null
+++ b/src/asciidoc/users/me/http-response.adoc
@@ -0,0 +1,17 @@
+[source,http,options="nowrap"]
+----
+HTTP/1.1 200 OK
+Content-Type: application/json
+Content-Length: 179
+
+{
+  "id" : 1,
+  "firstName" : "John",
+  "lastName" : "Doe",
+  "login" : "john@test.com",
+  "token" : null,
+  "refreshToken" : null,
+  "mainRole" : "USER",
+  "permissions" : null
+}
+----
\ No newline at end of file
diff --git a/src/asciidoc/users/me/httpie-request.adoc b/src/asciidoc/users/me/httpie-request.adoc
new file mode 100644
index 00000000..6200d74c
--- /dev/null
+++ b/src/asciidoc/users/me/httpie-request.adoc
@@ -0,0 +1,5 @@
+[source,bash]
+----
+$ http GET 'http://localhost:8080/users/me' \
+    'Accept:application/json'
+----
\ No newline at end of file
diff --git a/src/asciidoc/users/me/request-body.adoc b/src/asciidoc/users/me/request-body.adoc
new file mode 100644
index 00000000..dab5f81d
--- /dev/null
+++ b/src/asciidoc/users/me/request-body.adoc
@@ -0,0 +1,4 @@
+[source,options="nowrap"]
+----
+
+----
\ No newline at end of file
diff --git a/src/asciidoc/users/me/response-body.adoc b/src/asciidoc/users/me/response-body.adoc
new file mode 100644
index 00000000..20e094a3
--- /dev/null
+++ b/src/asciidoc/users/me/response-body.adoc
@@ -0,0 +1,13 @@
+[source,json,options="nowrap"]
+----
+{
+  "id" : 1,
+  "firstName" : "John",
+  "lastName" : "Doe",
+  "login" : "john@test.com",
+  "token" : null,
+  "refreshToken" : null,
+  "mainRole" : "USER",
+  "permissions" : null
+}
+----
\ No newline at end of file
diff --git a/src/asciidoc/users/promote-manager/curl-request.adoc b/src/asciidoc/users/promote-manager/curl-request.adoc
new file mode 100644
index 00000000..92a731c0
--- /dev/null
+++ b/src/asciidoc/users/promote-manager/curl-request.adoc
@@ -0,0 +1,5 @@
+[source,bash]
+----
+$ curl 'http://localhost:8080/users/2/promote-manager' -i -X PUT \
+    -H 'Accept: application/json'
+----
\ No newline at end of file
diff --git a/src/asciidoc/users/promote-manager/http-request.adoc b/src/asciidoc/users/promote-manager/http-request.adoc
new file mode 100644
index 00000000..587ea3a2
--- /dev/null
+++ b/src/asciidoc/users/promote-manager/http-request.adoc
@@ -0,0 +1,8 @@
+[source,http,options="nowrap"]
+----
+PUT /users/2/promote-manager HTTP/1.1
+Accept: application/json
+Host: localhost:8080
+Content-Type: application/x-www-form-urlencoded
+
+----
\ No newline at end of file
diff --git a/src/asciidoc/users/promote-manager/http-response.adoc b/src/asciidoc/users/promote-manager/http-response.adoc
new file mode 100644
index 00000000..b07b7150
--- /dev/null
+++ b/src/asciidoc/users/promote-manager/http-response.adoc
@@ -0,0 +1,8 @@
+[source,http,options="nowrap"]
+----
+HTTP/1.1 200 OK
+Content-Type: application/json
+Content-Length: 37
+
+User promoted to manager successfully
+----
\ No newline at end of file
diff --git a/src/asciidoc/users/promote-manager/httpie-request.adoc b/src/asciidoc/users/promote-manager/httpie-request.adoc
new file mode 100644
index 00000000..fae8140e
--- /dev/null
+++ b/src/asciidoc/users/promote-manager/httpie-request.adoc
@@ -0,0 +1,5 @@
+[source,bash]
+----
+$ http PUT 'http://localhost:8080/users/2/promote-manager' \
+    'Accept:application/json'
+----
\ No newline at end of file
diff --git a/src/asciidoc/users/promote-manager/request-body.adoc b/src/asciidoc/users/promote-manager/request-body.adoc
new file mode 100644
index 00000000..dab5f81d
--- /dev/null
+++ b/src/asciidoc/users/promote-manager/request-body.adoc
@@ -0,0 +1,4 @@
+[source,options="nowrap"]
+----
+
+----
\ No newline at end of file
diff --git a/src/asciidoc/users/promote-manager/response-body.adoc b/src/asciidoc/users/promote-manager/response-body.adoc
new file mode 100644
index 00000000..57621213
--- /dev/null
+++ b/src/asciidoc/users/promote-manager/response-body.adoc
@@ -0,0 +1,4 @@
+[source,json,options="nowrap"]
+----
+User promoted to manager successfully
+----
\ No newline at end of file
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index f418ca24..89fb601b 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -47,6 +47,6 @@ spring.security.oauth2.client.registration.azure.client-id=${AZURE_CLIENT_ID}
 spring.security.oauth2.client.registration.azure.client-secret=${AZURE_CLIENT_SECRET}
 spring.security.oauth2.client.registration.azure.client-authentication-method=client_secret_post
 spring.security.oauth2.client.registration.azure.authorization-grant-type=authorization_code
-spring.security.oauth2.client.registration.azure.redirect-uri={baseUrl}/login/oauth2/code/{registrationId}
+spring.security.oauth2.client.registration.azure.redirect-uri=${AZURE_REDIRECT_BASE_URL}/login/oauth2/code/{registrationId}
 spring.security.oauth2.client.registration.azure.scope=openid,profile,email,User.Read
 spring.security.oauth2.client.registration.azure.client-name=Azure
diff --git a/src/test/java/ch/sectioninformatique/auth/security/UserAuthenticationProviderTest.java b/src/test/java/ch/sectioninformatique/auth/security/UserAuthenticationProviderTest.java
index 8ab5ea48..bfb58fd9 100644
--- a/src/test/java/ch/sectioninformatique/auth/security/UserAuthenticationProviderTest.java
+++ b/src/test/java/ch/sectioninformatique/auth/security/UserAuthenticationProviderTest.java
@@ -17,6 +17,8 @@
 import java.util.List;
 import java.util.Base64;
 
+import java.util.ArrayList;
+
 import static org.junit.jupiter.api.Assertions.*;
 import static org.mockito.Mockito.*;
 
diff --git a/src/test/java/ch/sectioninformatique/auth/user/UserControllerTest.java b/src/test/java/ch/sectioninformatique/auth/user/UserControllerTest.java
index 4c5524bd..2bdac36e 100644
--- a/src/test/java/ch/sectioninformatique/auth/user/UserControllerTest.java
+++ b/src/test/java/ch/sectioninformatique/auth/user/UserControllerTest.java
@@ -1,303 +1,122 @@
 package ch.sectioninformatique.auth.user;
 
-import org.junit.jupiter.api.BeforeEach;
-import org.junit.jupiter.api.Test;
-import org.junit.jupiter.api.extension.ExtendWith;
-import org.mockito.InjectMocks;
-import org.mockito.Mock;
-import org.mockito.junit.jupiter.MockitoExtension;
-import org.mockito.junit.jupiter.MockitoSettings;
-import org.mockito.quality.Strictness;
-import org.springframework.http.ResponseEntity;
+import org.mockito.Mockito;
+import org.springframework.restdocs.RestDocumentationExtension;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContext;
 import org.springframework.security.core.context.SecurityContextHolder;
 
 import ch.sectioninformatique.auth.security.RoleRepository;
+import ch.sectioninformatique.auth.security.UserAuthenticationProvider;
 
 import org.springframework.http.HttpStatus;
-import java.util.Arrays;
-import java.util.List;
+import org.springframework.http.MediaType;
+import org.springframework.http.ResponseEntity;
+import org.junit.jupiter.api.Test;
 
-import static org.junit.jupiter.api.Assertions.*;
-import static org.mockito.Mockito.*;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.web.servlet.MockMvc;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.put;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
 
-@ExtendWith(MockitoExtension.class)
-@MockitoSettings(strictness = Strictness.LENIENT)
-public class UserControllerTest {
+import java.util.Arrays;
+import java.util.List;
 
-    @Mock
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+import static org.springframework.restdocs.mockmvc.MockMvcRestDocumentation.document;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.springframework.boot.autoconfigure.security.oauth2.client.servlet.OAuth2ClientAutoConfiguration;
+import org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration;
+import org.springframework.boot.test.autoconfigure.restdocs.AutoConfigureRestDocs;
+import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
+import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
+import org.springframework.boot.test.mock.mockito.MockBean;
+
+import static org.springframework.restdocs.operation.preprocess.Preprocessors.preprocessResponse;
+import static org.springframework.restdocs.operation.preprocess.Preprocessors.prettyPrint;
+
+@ExtendWith(RestDocumentationExtension.class)
+@WebMvcTest(controllers = UserController.class, excludeAutoConfiguration = { SecurityAutoConfiguration.class,
+        OAuth2ClientAutoConfiguration.class })
+@AutoConfigureMockMvc(addFilters = false)
+@AutoConfigureRestDocs(outputDir = "build/generated-snippets")
+class UserControllerTest {
+
+    @Autowired
+    private MockMvc mockMvc;
+
+    @MockBean
     private UserService userService;
 
-    @Mock
-    private SecurityContext securityContext;
-
-    @Mock
-    private Authentication authentication;
-
-    @Mock
-    private UserRepository userRepository;
-
-    @Mock
-    private RoleRepository roleRepository;
-
-    @Mock
+    @MockBean
     private UserMapper userMapper;
 
-    @InjectMocks
-    private UserController userController;
-
-    @BeforeEach
-    void setUp() {
-        SecurityContextHolder.setContext(securityContext);
-    }
-
-    @Test
-    void authenticatedUser_ReturnsCurrentUser() {
-        // Arrange
-        UserDto currentUser = new UserDto(1L, "John", "Doe", "john@test.com", null, null, "USER", null);
-        when(securityContext.getAuthentication()).thenReturn(authentication);
-        when(authentication.getPrincipal()).thenReturn(currentUser);
-
-        // Act
-        ResponseEntity<UserDto> response = userController.authenticatedUser();
-
-        // Assert
-        assertEquals(200, response.getStatusCode().value());
-        assertEquals(currentUser, response.getBody());
-    }
-
-    @Test
-    void allUsers_ReturnsListOfUsers() {
-        // Arrange
-        List<User> users = Arrays.asList(
-            new User(1L, "John", "Doe", "john@test.com", "pass", null, null, null),
-            new User(2L, "Jane", "Smith", "jane@test.com", "pass", null, null, null)
-        );
-        when(userService.allUsers()).thenReturn(users);
-
-        // Act
-        ResponseEntity<List<User>> response = userController.allUsers();
-
-        // Assert
-        assertEquals(200, response.getStatusCode().value());
-        assertEquals(users, response.getBody());
-    }
-
-    @Test
-    void promoteToManager_Successful_ReturnsUserDto() {
-        // Arrange
-        Long userId = 1L;
-        UserDto expectedDto = new UserDto(1L, "John", "Doe", "john@test.com", null, null, "ROLE_MANAGER", null);
-        
-        when(userService.promoteToManager(userId)).thenReturn(expectedDto);
-
-        // Act
-        ResponseEntity<?> response = userController.promoteToManager(userId);
-
-        // Assert
-        assertEquals(HttpStatus.OK, response.getStatusCode());
-        assertEquals("User promoted to manager successfully", response.getBody());
-        verify(userService).promoteToManager(userId);
-    }
-
-    @Test
-    void promoteToManager_UserNotFound_ReturnsBadRequest() {
-        // Arrange
-        Long userId = 1L;
-        doThrow(new RuntimeException("User not found")).when(userService).promoteToManager(userId);
-
-        // Act
-        ResponseEntity<?> response = userController.promoteToManager(userId);
-
-        // Assert
-        assertEquals(400, response.getStatusCode().value());
-        assertEquals("User not found", response.getBody());
-        verify(userService, times(1)).promoteToManager(userId);
-    }
-
-    @Test
-    void revokeManagerRole_SuccessfulRevocation_ReturnsOkResponse() {
-        // Arrange
-        Long userId = 1L;
-        doNothing().when(userService).revokeManagerRole(userId);
-
-        // Act
-        ResponseEntity<?> response = userController.revokeManagerRole(userId);
-
-        // Assert
-        assertEquals(200, response.getStatusCode().value());
-        assertEquals("Manager role revoked successfully", response.getBody());
-        verify(userService, times(1)).revokeManagerRole(userId);
-    }
-
-    @Test
-    void revokeManagerRole_UserNotFound_ReturnsBadRequest() {
-        // Arrange
-        Long userId = 1L;
-        doThrow(new RuntimeException("User not found")).when(userService).revokeManagerRole(userId);
-
-        // Act
-        ResponseEntity<?> response = userController.revokeManagerRole(userId);
-
-        // Assert
-        assertEquals(400, response.getStatusCode().value());
-        assertEquals("User not found", response.getBody());
-        verify(userService, times(1)).revokeManagerRole(userId);
-    }
-
-    @Test
-    void promoteToSuperManager_SuccessfulPromotion_ReturnsOkResponse() {
-        // Arrange
-        Long userId = 1L;
-        UserDto expectedUser = new UserDto(userId, "John", "Doe", "john@test.com", null, null, "ROLE_ADMIN", null);
-        when(userService.promoteToAdmin(userId)).thenReturn(expectedUser);
-
-        // Act
-        ResponseEntity<?> response = userController.promoteToAdmin(userId);
-
-        // Assert
-        assertEquals(200, response.getStatusCode().value());
-        assertEquals("Admin role assigned successfully", response.getBody());
-        verify(userService, times(1)).promoteToAdmin(userId);
-    }
-
-    @Test
-    void promoteToAdmin_UserNotFound_ReturnsBadRequest() {
-        // Arrange
-        Long userId = 1L;
-        doThrow(new RuntimeException("User not found")).when(userService).promoteToAdmin(userId);
-
-        // Act
-        ResponseEntity<?> response = userController.promoteToAdmin(userId);
-
-        // Assert
-        assertEquals(400, response.getStatusCode().value());
-        assertEquals("User not found", response.getBody());
-        verify(userService, times(1)).promoteToAdmin(userId);
-    }
-
-    @Test
-    void revokeAdminRole_SuccessfulRevocation_ReturnsOkResponse() {
-        // Arrange
-        Long userId = 1L;
-        doNothing().when(userService).revokeAdminRole(userId);
+    @MockBean
+    private RoleRepository roleRepository;
 
-        // Act
-        ResponseEntity<?> response = userController.revokeAdminRole(userId);
+    @MockBean
+    private UserRepository userRepository;
 
-        // Assert
-        assertEquals(200, response.getStatusCode().value());
-        assertEquals("Admin role revoked successfully", response.getBody());
-        verify(userService, times(1)).revokeAdminRole(userId);
-    }
+    @MockBean
+    private UserAuthenticationProvider userAuthenticationProvider;
 
     @Test
-    void revokeAdminRole_UserNotFound_ReturnsBadRequest() {
-        // Arrange
-        Long userId = 1L;
-        doThrow(new RuntimeException("User not found")).when(userService).revokeAdminRole(userId);
+    void authenticatedUser_ReturnsCurrentUser_Doc() throws Exception {
 
-        // Act
-        ResponseEntity<?> response = userController.revokeAdminRole(userId);
+        UserDto mockUser = new UserDto(1L, "John", "Doe", "john@test.com", null, null, "USER", null);
 
-        // Assert
-        assertEquals(400, response.getStatusCode().value());
-        assertEquals("User not found", response.getBody());
-        verify(userService, times(1)).revokeAdminRole(userId);
-    }
+        Authentication authentication = Mockito.mock(Authentication.class);
+        Mockito.when(authentication.getPrincipal()).thenReturn(mockUser);
 
-    @Test
-    void downgradeAdminRole_SuccessfulDowngrade_ReturnsOkResponse() {
-        // Arrange
-        Long userId = 1L;
-        doNothing().when(userService).downgradeAdminRole(userId);
+        SecurityContext securityContext = Mockito.mock(SecurityContext.class);
+        Mockito.when(securityContext.getAuthentication()).thenReturn(authentication);
 
-        // Act
-        ResponseEntity<?> response = userController.downgradeAdminRole(userId);
+        SecurityContextHolder.setContext(securityContext);
 
-        // Assert
-        assertEquals(200, response.getStatusCode().value());
-        assertEquals("Admin role downgraded successfully", response.getBody());
-        verify(userService, times(1)).downgradeAdminRole(userId);
+        this.mockMvc.perform(get("/users/me")
+                .accept(MediaType.APPLICATION_JSON))
+                .andExpect(status().isOk())
+                .andDo(document("users/me", preprocessResponse(prettyPrint())));
     }
 
     @Test
-    void downgradeAdminRole_UserNotFound_ReturnsBadRequest() {
+    void allUsers_ReturnsListOfUsers_Doc() throws Exception {
         // Arrange
-        Long userId = 1L;
-        doThrow(new RuntimeException("User not found")).when(userService).downgradeAdminRole(userId);
-
-        // Act
-        ResponseEntity<?> response = userController.downgradeAdminRole(userId);
+        List<User> users = Arrays.asList(
+                new User(1L, "John", "Doe", "john@test.com", "pass", null, null, null),
+                new User(2L, "Jane", "Smith", "jane@test.com", "pass", null, null, null));
+        Mockito.when(userService.allUsers()).thenReturn(users);
 
-        // Assert
-        assertEquals(400, response.getStatusCode().value());
-        assertEquals("User not found", response.getBody());
-        verify(userService, times(1)).downgradeAdminRole(userId);
+        this.mockMvc.perform(get("/users/all")
+                .accept(MediaType.APPLICATION_JSON))
+                .andExpect(status().isOk())
+                .andDo(document("users/all", preprocessResponse(prettyPrint())));
     }
 
     @Test
-    void deleteUser_SuccessfulDeletion_ReturnsOkResponse() {
-        // Arrange
-        Long userId = 1L;
-        UserDto authenticatedUser = new UserDto(userId, null, null, null, null, null, null, null);
-        authenticatedUser.setLogin("manager@test.com");
-        authenticatedUser.setMainRole("ROLE_MANAGER");
+    void promoteToManager_Successful_ReturnsUserDto_Doc() throws Exception {
+        UserDto mockUser = new UserDto(1L, "John", "Doe", "john@test.com", null, null, "Admin", null);
 
-        when(securityContext.getAuthentication()).thenReturn(authentication);
-        when(authentication.getPrincipal()).thenReturn(authenticatedUser);
-        doNothing().when(userService).deleteUser(userId);
+        Authentication authentication = Mockito.mock(Authentication.class);
+        Mockito.when(authentication.getPrincipal()).thenReturn(mockUser);
 
-        // Act
-        ResponseEntity<?> response = userController.deleteUser(userId);
+        SecurityContext securityContext = Mockito.mock(SecurityContext.class);
+        Mockito.when(securityContext.getAuthentication()).thenReturn(authentication);
 
-        // Assert
-        assertEquals(200, response.getStatusCode().value());
-        assertEquals("User deleted successfully", response.getBody());
-        verify(userService, times(1)).deleteUser(userId);
-    }
-
-    @Test
-    void deleteUser_UserNotFound_ReturnsBadRequest() {
+        SecurityContextHolder.setContext(securityContext);
         // Arrange
-        Long userId = 1L;
-        UserDto authenticatedUser = new UserDto(userId, null, null, null, null, null, null, null);
-        authenticatedUser.setLogin("manager@test.com");
-        authenticatedUser.setMainRole("ROLE_MANAGER");
+        Long userId = 2L;
+        UserDto expectedDto = new UserDto(2L, "Jane", "Smith", "jane@test.com", null, null, "MANAGER", null);
 
-        when(securityContext.getAuthentication()).thenReturn(authentication);
-        when(authentication.getPrincipal()).thenReturn(authenticatedUser);
-        doThrow(new RuntimeException("User not found")).when(userService).deleteUser(userId);
-
-        // Act
-        ResponseEntity<?> response = userController.deleteUser(userId);
+        when(userService.promoteToManager(userId)).thenReturn(expectedDto);
 
-        // Assert
-        assertEquals(400, response.getStatusCode().value());
-        assertEquals("User not found", response.getBody());
-        verify(userService, times(1)).deleteUser(userId);
+        this.mockMvc.perform(put("/users/{userId}/promote-manager", userId)
+                .accept(MediaType.APPLICATION_JSON))
+                .andExpect(status().isOk())
+                .andDo(document("users/promote-manager", preprocessResponse(prettyPrint())));
     }
 
-    @Test
-    void deleteUser_UnauthorizedAccess_ReturnsBadRequest() {
-        // Arrange
-        Long userId = 1L;
-        UserDto authenticatedUser = new UserDto(userId, null, null, null, null, null, null, null);
-        authenticatedUser.setLogin("user@test.com");
-        authenticatedUser.setMainRole("USER");
-
-        when(securityContext.getAuthentication()).thenReturn(authentication);
-        when(authentication.getPrincipal()).thenReturn(authenticatedUser);
-        doThrow(new RuntimeException("You don't have the necessary rights to perform this action"))
-            .when(userService).deleteUser(userId);
-
-        // Act
-        ResponseEntity<?> response = userController.deleteUser(userId);
-
-        // Assert
-        assertEquals(400, response.getStatusCode().value());
-        assertEquals("You don't have the necessary rights to perform this action", response.getBody());
-        verify(userService, times(1)).deleteUser(userId);
-    }
-} 
\ No newline at end of file
+}