Basic flow
The diagram below shows the happy path by which the microservices
check a user's access. Any of the access checks along the way may
instead result in an access denied error.
[Sequence diagram. Participants: Front-end, accounts, ServiceX.]
Messages, in order:
  1. authorize code
  2. get access_token (authorization_code)
  3. access_token
  4. get data
  5. get access token (client_credentials)
  6. get access_token
  7. is this access_token valid?
  8. yes it is
  9. access_token has scope?
  10. is authorized (role)
  11. yes user is authorized
  12. here is your requested data
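The three checks ServiceX makes in the basic flow (token valid, token has scope, user has role), written out as an added example that is not the project's own code. Every name in it (makeAccountsStub, checkAccess, the token strings, scopes and roles) and the HTTP status codes are assumptions; the in-memory stub stands in for the accounts service.

```javascript
// Added example: ServiceX-side check chain from the basic flow.
// All names, tokens, scopes, roles and status codes are hypothetical.

// Constructed sample data: what the accounts service knows about issued tokens.
function makeAccountsStub(nowSeconds) {
  const tokens = {
    'tok-nurse':   { active: true, exp: nowSeconds + 300, scope: 'data:read', sub: 'u1' },
    'tok-noscope': { active: true, exp: nowSeconds + 300, scope: 'profile', sub: 'u1' },
    'tok-visitor': { active: true, exp: nowSeconds + 300, scope: 'data:read', sub: 'u2' },
    'tok-expired': { active: true, exp: nowSeconds - 1, scope: 'data:read', sub: 'u1' },
  };
  const roles = { u1: ['nurse'], u2: ['visitor'] };
  return {
    // "is this access_token valid?" ServiceX presents its own
    // client_credentials token so accounts knows which service is asking.
    introspect(serviceToken, userToken) {
      if (serviceToken !== 'svc-token') throw new Error('service not authenticated');
      const t = tokens[userToken];
      return t && t.active && t.exp > nowSeconds ? t : { active: false };
    },
    // "is authorized (role)"
    hasRole(serviceToken, sub, role) {
      if (serviceToken !== 'svc-token') throw new Error('service not authenticated');
      return (roles[sub] || []).includes(role);
    },
  };
}

// Runs the checks in the order the diagram shows. Any failure denies the
// request, including an error while talking to accounts (fail closed).
function checkAccess(accounts, serviceToken, userToken, requiredScope, requiredRole) {
  try {
    const info = accounts.introspect(serviceToken, userToken);
    if (!info.active) return { status: 401, reason: 'invalid_token' };
    const scopes = String(info.scope || '').split(' ');
    if (!scopes.includes(requiredScope)) return { status: 403, reason: 'insufficient_scope' };
    if (!accounts.hasRole(serviceToken, info.sub, requiredRole)) {
      return { status: 403, reason: 'role_denied' };
    }
    return { status: 200, reason: 'ok' };
  } catch (err) {
    return { status: 503, reason: 'accounts_unavailable' };
  }
}
```

Returning a distinct reason per denial point lets ServiceX logs show which of the three checks rejected a request.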
Change membership roles flow
[Sequence diagram. Labels and participants: Poc_care, Accounts, LoginProvider, Admin, RolesComponent, MembershipHandler, WebhookHandler, EventBus, AccountsDatabaseListener, Account, AccountsTable, Database, UserHandler, EventBus2, WebhookListener, WebhookService, ADProvider, OldCareProvider, Phoenix.]
Messages, in order:
  1. updateMembershipRoles
  2. [POST] updateMembershipRoles
  3. alt [provider === cloud]: changeRoles(); NOOP cannot update roles in AD; return
  4. [provider === oldcare]: changeRoles(); insert membership roles; save in DB; return; return
  5. Publish unpublishedEvents
  6. apply
  7. call()
  8. [POST] Send webhook MembershipWasModified event
  9. publish MembershipWasModified
  10. apply()
  11. applyEvent(MembershipWasModified)
  12. applyMembershipWasModified(MembershipWasModified)
  13. save()
  14. SQL insert membership roles
  15. 202 Accepted
  16. 202 Accepted
  17. 202 Accepted