wiki-cafe/member-console
0
0
Fork 0
Code Issues Pull Requests Packages Projects 1 Releases Activity
Files
8065d4837aff
member-console/internal/provisioning/README.md
Christian Galo 6330ae7a42 Grants management!
2026-03-24 17:35:14 -05:00

874 B
Raw Blame History

Provisioning Module

The provisioning module orchestrates first-login auto-provisioning. When a user authenticates via OIDC for the first time, AutoProvision creates all governance and resource structures within a single database transaction:

  1. User — identity record linked to the OIDC subject
  2. Person — profile record (display name, email)
  3. Organization — personal org (org_type = 'personal')
  4. OrgMember — membership with the owner system role
  5. Workspace — default workspace within the org
  6. Role Assignment — org-scoped role assignment for the owner
  7. Resource Pool — default pool (pool_type = 'default', is_auto_managed = true)
  8. Pool Assignment — primary link between workspace and pool (is_primary = true)

If any step fails, the entire transaction rolls back — no partial structures exist.