User Management Service
- Paul Hoang (Unlicensed)
The UMS (User Management Service) is the application used to create, update and delete (manage) TIS users.
Some of the features include
- creating (trust) users
- assigning local offices to users
- updating passwords
- updating roles
- disabling users
- searching for users
- pagination
The main reasoning for creating a service such as this is because we use 2 different services for both authentication (Keycloak) and
authorisation (Profile service). Ensuring that both services are in sync and correct can be difficult and tiresome.
UMS wraps all of that management in one place.
The previous system that allowed for user creation was to create the user in KC and assign the roles (which caused KC to know about roles when it shouldnt need to)
then have the admin service to call a customised userinfo endpoint which would attempt to get the new user (and fail) then create the user with the correct details.
This then caused the profile service to have a reliance on KC and it was also attempting to keep roles insync
UMS can be accessed on all environments at the address: http://<ENV->apps.tis.nhs.uk/usermanagement/allUsers
In order for a user to access this service, they must have the HEE User Admin role assigned to them
Related content
Slack: https://hee-nhs-tis.slack.com/
Jira issues: https://hee-tis.atlassian.net/issues/?filter=14213