User Administration Service
Component Detail
Description
Backend service layer implementing the full user lifecycle for org admins: sending tokenized invitation emails, completing registration, updating profile data, and deactivating users via status flag. All operations are scoped to the requesting admin's organization for multi-tenant isolation.
user-administration-service
Sources & reasoning
This service encapsulates all server-side user lifecycle logic. The 48-hour invite token, status-flag deactivation (preserving audit data), org-scoped queries, and session revocation on deactivation are all described explicitly in the implementation notes and must live in a single authoritative service.
No source references — this artifact was included based on reasoning alone (see above).
Responsibilities
- Generate and send 48-hour tokenized invitation emails to new users
- Complete user registration when the invitation token is redeemed
- Update user profile fields (name, email) within org scope
- Deactivate users by setting a status flag, preserving audit trail and historical activity data
- Revoke active session tokens on deactivation
Interfaces
inviteUser(email: string, role: string, orgId: string): Promise<InviteResult>
completeRegistration(token: string, password: string): Promise<User>
updateUser(userId: string, patch: Partial<User>, orgId: string): Promise<User>
deactivateUser(userId: string, orgId: string): Promise<void>
listUsers(orgId: string, filters: UserFilter): Promise<PaginatedUsers>
getUser(userId: string, orgId: string): Promise<User>
resendInvite(userId: string, orgId: string): Promise<void>
Relationships
Related Data Entities (3)
Data entities managed by this component