Invitation Token Service
Component Detail
Service Layer
low complexity
backend
0
Dependencies
1
Dependents
2
Entities
0
Integrations
Description
Generates, stores, and validates short-lived cryptographic tokens used in user invitation emails. Tokens expire after 48 hours; redemption invalidates the token and transitions the user from invited to active status.
invitation-token-service
Sources & reasoning
Invitation sends a tokenized email link expiring after 48 hours per the implementation notes. Isolating token lifecycle management into its own service keeps the User Administration Service clean and makes token logic independently testable.
No source references — this artifact was included based on reasoning alone (see above).
Responsibilities
- Generate a cryptographically random invitation token and persist with expiry
- Validate a submitted token and check expiry
- Invalidate a token after successful redemption
- Support resend by invalidating the old token and issuing a new one
Interfaces
createToken(userId: string): Promise<string>
validateToken(token: string): Promise<{ userId: string } | null>
invalidateToken(token: string): Promise<void>
rotateToken(userId: string): Promise<string>
Relationships
Related Data Entities (2)
Data entities managed by this component