Overview :
Sunbird system is allowing user to login with following ways.
...
Existing request | New request |
---|---|
channel | State ID |
userName | External User ID |
firstName | External school (org) ID |
lastName | Name |
phone | Roles |
phone/email |
...
Request key | Mapped |
---|---|
State ID | channel |
External User ID | externalId (identify of user within state system) |
External school (org) ID | org external id |
Name | FirstName |
externalIdProvider (Under which system it's unique. here it's state, so provider will be channel) | |
externalIdType (Type of externalId, example: PAN Card) |
...
Once user found in getUserByIdentifier api, system will check loginId attribute , if this value is not null or empty then decrypt it and provide inside userName. Otherwise make call to keycloak and update return userName inside cassandra as well, so that next time we don't need to make keycloak call.
Create user :
Code Block | ||||
---|---|---|---|---|
| ||||
{ "request": { "firstName": "firstName+ lastname", "email/phone": "emailOrPhone", "channel": "channelValue", "orgExternalId":"orgexternalId", "externalIds":[ { "id":"externalId", "provider":"id Provider", "idType" : "id provider type" } ] } } |
Once user is created using SSO , caller can make another api call to assign roles.
URI: /user/v1/role/assign
Code Block | ||||
---|---|---|---|---|
| ||||
{ "request": { "userId": "", "organisationId": "", "roles": [ "CONTENTCREATOR", "CONTENTREVIEWER", "CONTENTCURATION", "FLAGREVIEWER" ] } } |
...