This service handles identity management and access control in the platform.
- Listen to NPO and Candidate registrations in the system to create corresponding users.
- User management APIs - CRUD
- Create/update a user profile, metadata (npo_id, etc)
- Update user avatars
- Reset & Change Password
- Roles and permissions management - CRUD
- Send emails (publish to an email topic) to users on successful creation, reset/change password, etc.
- Feasibility (time) - Since all the users and many services in the platform rely on auth service for identity and access control, this service becomes core to the platform and should be developed the earliest.
- Availability - Since this is a core service, this service needs to be highly available to support features in the platform.
- Data integrity - Auth service will not be able to function as expected if the data it stores is not accurate or consistent. So, data integrity is important for this service.
- Scalability - Since this is a core service, traffic on this service is expected to quickly rise with the increase in no. of NPOs and candidates.
- Responsiveness - Since this service is a core service, it should be able to respond to requests as quickly as possible.
- Security - Since this service stores PII, data life cycle needs to follow certain compliance rules.
Hybrid - Microservices and Event-Driven