User profiles
User profiles
Overview
The API includes two type of user profiles:
- A base user profile populated from resource owner user attributes. This may be done by an integrated CRM system or from federated user attributes during the authentication process. The profile should be updated when a change is made at the resource owner.
- A base profile is created on-demand when a system specific profile is being requested, but a base profile does not exist yet.
- The profile can only be accessed using the user profile id (a hash of external user id, tenant id and issuer)
- Multiple system specific user profiles which may add to, or override, the base user profile if required. The system specific user profile has its own unique identifier and must only be used in a single software system. The unique identifier is central to the data isolation and privacy design in the API.
- A system profile can only be accessed with the following:
- The system ID and a Hii Retail user access token
- The system ID and the user profile id (a hash of external user id, tenant id and issuer)
- A system user profile does not expose any reference to the original external user ID.
- A system profile can only be accessed with the following:
The user profile model is based on SCIM 2 and reuses definitions and terms from RFC7643. The modelling has been extended to include custom attributes in a well-defined schema.