
This document describes the design approach of creating and switching of Managed User’s account


Jira Issue:


Presently only user having email address or phone number can register and use application.

Problem Statement:

  1. How managed user account can be created.

  2. How to switch between different managed user account and user account.

Key design problems:

  1. How to map actions performed by managed user to his account.
    Telemetry should be mapped with different user ID.

  2. Device ID will be same for user and managed user.

Existing workflow:

User login in to his account and starts using application.

Change request: As part of user should be able to switch and create profiles.

Below is data store in session

  "cookie": {
    "originalMaxAge": null,
    "expires": null,
    "httpOnly": true,
    "path": "/"
  "auth_redirect_uri": "http://localhost:3000/profile?auth_callback=1",
  "keycloak-token": {
    "access_token": "aJcYtJvbeZmEKMZRSG9jctEb5Vug_nL5aU6O15aT2v6QSGL_nqPfI2ZRdG2At7o9jecCDlg",
    "expires_in": 172795,
    "refresh_expires_in": 172795,
    "refresh_token": "-uc7ElglOgx5YmKm11KepmPQQp7X43yaQYLxYs",
    "token_type": "bearer",
    "id_token": "-hq2iMbBMUPTto1Xi0xDGhXQo1p4FBCExBNcsbJQkjmk4RiOyO_7VlJKMuz0V2tPwLkpoAxroE-O5LZtvbvRxhVyFcdiLl0r_6HAX1gwfZPySPqm4RHDKedLBiU94sCafImeMnhyQVgUm-eK47uveybbinueWyBlTyGszlIkecAKYEaA",
    "not-before-policy": 1565356374,
    "session_state": "682b012d-2466-4d84-98cb-f46cdec4057a",
    "scope": "openid"
  "userId": "95e4942d-cbe8-477d-aebd-ad8e6de4bfc8",
  "roles": [
  "orgs": [
  "rootOrgId": "ORG_001",
  "rootOrghashTagId": "b00bc992ef25f1a9a8d63291e20efc8d",
  "rootOrg": {
    "dateTime": null,
    "preferredLanguage": "English",
    "keys": {
      "signKeys": [
      "encKeys": [
    "approvedBy": null,
    "channel": "ROOT_ORG",
    "description": "Andhra State Boardsssssss",
    "updatedDate": "2018-11-28 10:00:08:675+0000",
    "addressId": null,
    "provider": null,
    "locationId": null,
    "orgCode": "sunbird",
    "theme": null,
    "id": "ORG_001",
    "communityId": null,
    "isApproved": null,
    "email": "",
    "slug": "sunbird",
    "identifier": "ORG_001",
    "thumbnail": null,
    "orgName": "Sunbird",
    "updatedBy": "1d7b85b0-3502-4536-a846-d3a51fd0aeea",
    "locationIds": [
    "externalId": null,
    "isRootOrg": true,
    "rootOrgId": "ORG_001",
    "approvedDate": null,
    "imgUrl": null,
    "homeUrl": null,
    "orgTypeId": null,
    "isDefault": true,
    "contactDetail": [
        "phone": "213124234234",
        "email": ""
        "phone": "+91213124234234",
        "email": ""
    "createdDate": null,
    "createdBy": null,
    "parentOrgId": null,
    "hashTagId": "b00bc992ef25f1a9a8d63291e20efc8d",
    "noOfMembers": 5,
    "status": 1

Solution 1:

Create separate session - 1. User session

2. Managed user session.

Both sessions should reference to each other internally.

It can be handled via 2 different approaches -



  1. Maintaining multiple sessions could be cumbersome and lead to errors.

  2. Adding prefix to routes could be extra work.

Solution 2:

Changes references like userid roles and other necessary things in existing session and portal automatically starts to use that.

Things to reinitialise -

Proposed changes to session object

  "cookie": {
    "originalMaxAge": null,
    "expires": null,
    "httpOnly": true,
    "path": "/"
  "auth_redirect_uri": "http://localhost:3000/profile?auth_callback=1",
  // same parent object session token 
  "keycloak-token": {
    "access_token": "g",
    "expires_in": 172795,
    "refresh_expires_in": 172795,
    "refresh_token": " sss",
    "token_type": "bearer",
    "id_token": "eYEaA",
    "not-before-policy": 1565356374,
    "session_state": "682b012d-2466-4d84-98cb-f46cdec4057a",
    "scope": "openid"
  "userId": "managed user Id",
  "roles": [
    "MANAGED ",
  "orgs": [
  "rootOrgId": "ORG_001",
  "rootOrghashTagId": "b00bc992ef25f1a9a8d63291e20efc8d",
  "rootOrg": {
    "dateTime": null,
    "preferredLanguage": "English",
    "keys": {
      "signKeys": [
      "encKeys": [
    "approvedBy": null,
    "channel": "ROOT_ORG",
    "description": "Andhra State Boardsssssss",
    "updatedDate": "2018-11-28 10:00:08:675+0000",
    "addressId": null,
    "provider": null,
    "locationId": null,
    "orgCode": "sunbird",
    "theme": null,
    "id": "ORG_001",
    "communityId": null,
    "isApproved": null,
    "email": "",
    "slug": "sunbird",
    "identifier": "ORG_001",
    "thumbnail": null,
    "orgName": "Sunbird",
    "updatedBy": "1d7b85b0-3502-4536-a846-d3a51fd0aeea",
    "locationIds": [
    "externalId": null,
    "isRootOrg": true,
    "rootOrgId": "ORG_001",
    "approvedDate": null,
    "imgUrl": null,
    "homeUrl": null,
    "orgTypeId": null,
    "isDefault": true,
    "contactDetail": [
        "phone": "213124234234",
        "email": ""
        "phone": "+91213124234234",
        "email": ""
    "createdDate": null,
    "createdBy": null,
    "parentOrgId": null,
    "hashTagId": "b00bc992ef25f1a9a8d63291e20efc8d",
    "noOfMembers": 5,
    "status": 1
  parentToken: {
    "auth_redirect_uri": "http://localhost:3000/profile?auth_callback=1",
    "userId": "parent user Id",
    "roles": [
    "orgs": [
    "rootOrgId": "ORG_001",
    "rootOrghashTagId": "b00bc992ef25f1a9a8d63291e20efc8d",
    "rootOrg": {
      "dateTime": null,
      "preferredLanguage": "English",
      "keys": {
        "signKeys": [
        "encKeys": [
      "approvedBy": null,
      "channel": "ROOT_ORG",
      "description": "Andhra State Boardsssssss",
      "updatedDate": "2018-11-28 10:00:08:675+0000",
      "addressId": null,
      "provider": null,
      "locationId": null,
      "orgCode": "sunbird",
      "theme": null,
      "id": "ORG_001",
      "communityId": null,
      "isApproved": null,
      "email": "",
      "slug": "sunbird",
      "identifier": "ORG_001",
      "thumbnail": null,
      "orgName": "Sunbird",
      "updatedBy": "1d7b85b0-3502-4536-a846-d3a51fd0aeea",
      "locationIds": [
      "externalId": null,
      "isRootOrg": true,
      "rootOrgId": "ORG_001",
      "approvedDate": null,
      "imgUrl": null,
      "homeUrl": null,
      "orgTypeId": null,
      "isDefault": true,
      "contactDetail": [
          "phone": "213124234234",
          "email": ""
          "phone": "+91213124234234",
          "email": ""
      "createdDate": null,
      "createdBy": null,
      "parentOrgId": null,
      "hashTagId": "b00bc992ef25f1a9a8d63291e20efc8d",
      "noOfMembers": 5,
      "status": 1


  1. Simple to do.


  1. Increasing size of session data.

  2. Managing session data each time when profile is switched.

  3. Session ID remains same for user and managed user profile

Solution 3:

Things to reinitialise -

Challenges :

Notes -

Things to discuss -