hyperswitch icon indicating copy to clipboard operation
hyperswitch copied to clipboard
verified publisher icon juspay

Discussion regarding the new structure for users

Open tsdk02 opened this issue 9 months ago • 2 comments

Formulate a method to extend the scope to all product type merchant accounts (other than currently existing orchestration)

tsdk02 avatar Mar 18 '25 11:03 tsdk02

With the existing v1 routes flow, the following points can be understood for inviting users to V2 merchant accounts.

Profile Level Roles:

Invite Users to V2 merchant account with profile level roles will succeed, as org_id, merchant_id, and profile_id are available for the user in the user_roles table.

  • If only invited to v2 merchant account, one entry in user_roles table, and credentials can be taken to form the jwt token
  • If already existing user, have both v1 and v2 merchant account roles, sign in still possible as credentials available in user_roles table to form the jwt token

Org Level Roles:

Invite Users to V2 merchant account with org_admin role will succeed, as org_id is available for the user in the user_roles table.

  • This will always succeed.
  • User roles table will have org_id
  • It will query merchant_account table with the org_id and get a v1 merchant account (which always will exist, the orchestrator account)
  • Sign in will happen to this v1 merchant account, and then the user can switch to the v2 merchant account.

Merchant Level Roles:

Invite Users to V2 merchant account with merchant_admin role failed. In user_roles table, you will have the org_id and merchant_id User roles table will have org_id and merchant_id. There are 2 cases for this:

  • Case 1:
    • If the merchant_id is of v1 merchant account, it will query v1 business_profile table and get a profile_id and then form jwt token to sign in to v1 merchant account, and then switch to v2 merchant account
  • Case 2:
    • If the merchant_id is of v2 merchant account, it will query v1 business_profile table and will not find a profile_id associated with the merchant_id, so jwt token cannot be formed.

tsdk02 avatar Mar 20 '25 12:03 tsdk02

The V1 and V2 schema tables for merchant_account need to be merged into a global schema, which can be accessed by both v1 and v2 deployments, to enable sign-in for the users who are invited only to v2 merchant accounts.

Sign-in routes need to be created for v2, which will be the way forward, to sign-in to v1 as well as v2 merchant accounts, as querying can be done based on id column from these accounts tables.

tsdk02 avatar Mar 26 '25 04:03 tsdk02