from dev group:
This is something I have been thinking about for some time. Currently when a user is created we need to send two requests. I think we could merge them and send a single one to the auth service and it would be responsible to send correct data to the reference data service. In this case from the UI perspective we have a single request to the backend. We would only need to disable some endpoints from the reference data for the users so they need to use endpoint in the auth service. Also in this case it should be easy to check if email address has been changed.
Example of the happy path:
- the auth service gets a user creation/update request
- verification of auth data
- send reference data to the correct service and wait for response
- save auth data to the database
- return response
- user should not be able to call user create/update endpoint from the reference data
- user should use the related endpoint from the auth service for user creation/update
- the reference data part of user data should still be available in the reference data service.
- update UI to use one endpoint
- admin should still be able to create/update user on related screens
- user should be still be able to update basic details on profile screen