diff --git a/backend/app/api/routes/users.py b/backend/app/api/routes/users.py
index 94eccd06..12761875 100644
--- a/backend/app/api/routes/users.py
+++ b/backend/app/api/routes/users.py
@@ -121,8 +121,15 @@ def delete_user_me(session: SessionDep, current_user: CurrentUser) -> Any:
 return Message(message="User deleted successfully")


-@router.post("/signup", response_model=UserPublic)
+@router.post(
+ "/signup",
+ dependencies=[Depends(get_current_active_superuser)],
+ response_model=UserPublic,
+)
 def register_user(session: SessionDep, user_in: UserRegister) -> Any:
+ """
+ This endpoint allows the registration of a new user and is accessible only by a superuser.
+ """
 if get_user_by_email(session=session, email=user_in.email):
 raise HTTPException(
 status_code=400,
diff --git a/backend/app/tests/api/routes/test_users.py b/backend/app/tests/api/routes/test_users.py
index b7721f86..4b7c3fde 100644
--- a/backend/app/tests/api/routes/test_users.py
+++ b/backend/app/tests/api/routes/test_users.py
@@ -259,13 +259,16 @@ def test_update_password_me_same_password_error(
 assert updated_user["error"] == "New password cannot be the same as the current one"


-def test_register_user(client: TestClient, db: Session) -> None:
+def test_register_user(
+ client: TestClient, superuser_token_headers: dict[str, str], db: Session
+) -> None:
 username = random_email()
 password = random_lower_string()
 full_name = random_lower_string()
 data = {"email": username, "password": password, "full_name": full_name}
 r = client.post(
 f"{settings.API_V1_STR}/users/signup",
+ headers=superuser_token_headers,
 json=data,
 )
 assert r.status_code == 200
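Review bot: Because the superuser check is attached only through `dependencies=[Depends(get_current_active_superuser)]` on the decorator, `register_user` never receives the authenticated caller, so the handler cannot record which superuser created an account. If account creation is meant to be attributable, inject the result of that same dependency as a parameter and include the caller's identity in whatever audit logging the project uses. The new docstring would also read better if it stated the contract, for example `"""Create a new user. Requires a superuser token; other callers are rejected by the dependency."""`. The path stays `/signup` although the route is no longer self-service, which may mislead API consumers reading the OpenAPI schema. The function body continues past the hunk, and the imports of `Depends` and `get_current_active_superuser` are not visible here, so they are presumably already present in the module.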
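Review bot: The access-control change is exercised only on the allow path: `test_register_user` and `test_register_user_already_exists_error` (in the later hunks) now send `superuser_token_headers`, but no test asserts that a request without credentials, or with a non-superuser token, is rejected. Without a deny-path test, a later edit that drops the dependency from the route would leave the suite green and silently reopen anonymous registration. I would add a test such as the one below, plus a variant that sends a regular user's token. The exact rejection code depends on how the dependency raises, so pin it to the single value the project actually returns. `test_register_user` continues past the end of this hunk.

```python
def test_register_user_requires_superuser(client: TestClient) -> None:
    data = {
        "email": random_email(),
        "password": random_lower_string(),
        "full_name": random_lower_string(),
    }
    # No Authorization header: the superuser dependency must reject the call.
    r = client.post(f"{settings.API_V1_STR}/users/signup", json=data)
    assert r.status_code in (401, 403)
```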
@@ -281,7 +284,9 @@ def test_register_user(client: TestClient, db: Session) -> None:
 assert verify_password(password, user_db.hashed_password)


-def test_register_user_already_exists_error(client: TestClient) -> None:
+def test_register_user_already_exists_error(
+ client: TestClient, superuser_token_headers: dict[str, str]
+) -> None:
 password = random_lower_string()
 full_name = random_lower_string()
 data = {
@@ -291,6 +296,7 @@ def test_register_user_already_exists_error(client: TestClient) -> None:
 }
 r = client.post(
 f"{settings.API_V1_STR}/users/signup",
+ headers=superuser_token_headers,
 json=data,
 )
 assert r.status_code == 400