Overview :
...
| Existing request | New request |
|---|---|
| channel | State ID |
| userName | External User ID |
| firstName | External school (org) ID |
| lastName | Name |
| phone | Roles |
| phone/email |
...
| Request key | Mapped |
|---|---|
| State ID | channel |
| External User ID | externalId (identify of user within state system) |
| External school (org) ID | org external id |
| Name | FirstName |
| externalIdProvider (Under which system it's unique. here it's state, so provider will be channel) | |
| externalIdType (Type of externalId, example: PAN Card) |
...
Once user is created using SSO , caller can make another api call to assign roles.
URI: /user/v1/role/assign
| Code Block | ||||
|---|---|---|---|---|
| ||||
{
"request": {
"userId": "",
"organisationId": "",
"roles": [
"CONTENTCREATOR",
"CONTENTREVIEWER",
"CONTENTCURATION",
"FLAGREVIEWER"
]
}
} |
...
Mobile/Portal design for SSO: /wiki/spaces/DPT/pages/894369793
As in SSO workflow , caller is checking if user phone is not associated with profile then ask user to complete phone number verification and then do profile update. It means during getUserByIdentity they need maskPhone as well.