Introduction
This PRD specifies the requirements for the User Addition Feature within Zenskar’s User Access Management Dashboard, which enables hierarchical user addition and access assignment by SuperAdmins and Admins.
For a comprehensive understanding of Zenskar and its Access Management Dashboard, refer to the detailed overview:
Purpose
Add Users: Enable the Super Admin and Admins to add new users to the Zenskar platform.
Assign Role and Access: Assign specific roles and access rights to new users, ensuring they have the necessary permissions to perform their tasks.

Functional Specifications (User Addition Workflow)

1️⃣ Permissions Matrix
The following table outlines the capabilities of each role in the user addition process:
Users Hierarchy
Super-Admin > Admin > Normal Users
Super Admin Role
Creation: The account which purchased the subscription is Super Admin.
Permissions: Full user management and billing access.

Admin Role
Creation: Super-Admin can only assign Admin roles to users.
Permissions: Access to create, modify or delete a team in the respective domain.

Regular User Role
Creation: Created by respective Admins.
Permissions: Access to assigned application features only.

2️⃣ User Account Management
Creating User Accounts
Fields: Name, Organisation’s Email, Secondary Email, Domain (Sales / Finance / Tech), Role (User / Admin / SuperAdmin)
Validation: Organisation’s Email: only the company’s domain. Secondary Email: only @icloud.com, @gmail.com, or @outlook.com, to avoid fake temporary emails.
Email Format: Use the regex ^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$

Modifying User Accounts
Allow edits: Name, Role, Department.
Restrictions: Secondary Email is non-editable.

Deleting User Accounts
Process: Soft delete with a 30-day recovery period.
Permissions: Only Admins and Super Admin.

3️⃣ New User Invitation Process
Inviting New Users
Functionality: Admins and Super Admins can invite new users.
Method: Invitations will be sent via email containing a unique link.
Expiry Period: The invitation link will have an expiry period of 72 hours.

Account Creation for Invitees
Requirement: Invitees must create a Zenskar account to accept an invitation.
Process: On clicking the invitation link, non-registered users will be redirected to the account creation page.

Dashboard Feature for Invitations
Implementation: A tab to be made in the dashboards of Super Admins and Admins to add and invite new users.
Functionality: It will allow them to manage invitations, track pending invitations, and view the history of sent invitations.

4️⃣ Access Rights and Permissions
Assigning Roles
Process: Default to ‘user’; Super Admin elevates roles from a predefined list to promote them to admin or demote.

Assigning Domain/Department
Process: SuperAdmin can set at creation. Users will inherit their creator Domain.

Managing Permissions
Super Admins: Have all the permissions.
Admins and Users: Defined per domain:

Role Domain: Access
Sales: Access to Contract Builder, Customer Data, CRM Integration
Tech: Access to Usage Data, Integration APIs
Finance: Access to Invoice Builder, Payments Board, Payment Reminders
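The account-creation validation rules and the role, domain and permission rules above can be enforced server-side in a single check. The following is an added example, not part of the PRD or Zenskar's code; the dictionary keys (org_email, secondary_email, domain, role), the function names and the example.com company domain are assumptions, and it reads the PRD as saying that only a Super Admin may assign a role above User.

```python
import re

# The PRD's email pattern with the dot before the TLD escaped.
EMAIL_RE = re.compile(r"^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$")
SECONDARY_DOMAINS = {"icloud.com", "gmail.com", "outlook.com"}
DOMAIN_FEATURES = {  # from the PRD's domain access table
    "Sales": {"Contract Builder", "Customer Data", "CRM Integration"},
    "Tech": {"Usage Data", "Integration APIs"},
    "Finance": {"Invoice Builder", "Payments Board", "Payment Reminders"},
}

def email_domain(addr):
    return addr.rsplit("@", 1)[-1].lower()

def check_new_user(creator, req, org_domain):
    """Return the list of PRD rules the request breaks (empty means allowed)."""
    errors = []
    if creator["role"] not in ("Admin", "SuperAdmin"):
        return ["only Admins and Super Admins can add users"]
    for field in ("org_email", "secondary_email"):
        if not EMAIL_RE.fullmatch(req[field]):
            errors.append(f"{field}: invalid format")
    if email_domain(req["org_email"]) != org_domain.lower():
        errors.append("org_email: not the company's domain")
    if email_domain(req["secondary_email"]) not in SECONDARY_DOMAINS:
        errors.append("secondary_email: provider not allowed")
    if req.get("role", "User") != "User" and creator["role"] != "SuperAdmin":
        errors.append("role: only a Super Admin can assign above User")
    if req["domain"] not in DOMAIN_FEATURES:
        errors.append("domain: unknown")
    elif creator["role"] == "Admin" and req["domain"] != creator["domain"]:
        errors.append("domain: users inherit their creator's domain")
    return errors

def can_access(user, feature):
    """Super Admins have every permission; others get their domain's features."""
    if user["role"] == "SuperAdmin":
        return True
    return feature in DOMAIN_FEATURES.get(user["domain"], set())

# Constructed sample data (example.com stands in for the company's domain).
ADMIN = {"role": "Admin", "domain": "Sales"}
REQUEST = {"org_email": "a.rao@example.com", "secondary_email": "a.rao@gmail.com",
           "domain": "Finance", "role": "Admin"}

if __name__ == "__main__":
    for problem in check_new_user(ADMIN, REQUEST, "example.com"):
        print(problem)
```

The sample request is rejected on two counts: a Sales Admin is trying to create an Admin, and in the Finance domain.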
User Interface: Super Admins get a dedicated dashboard to create users, assign admin roles and see audit and compliance reports. Admins get a similar dashboard but are limited to respective team building and reports.

Revoking Access
Immediate Effect: Access is revoked in real-time and logged with timestamps.
Revoking Hierarchy: Super-Admin > Admin > Normal User.

5️⃣ Testing Strategy
Unit Testing: Ensure individual components meet functional requirements.
Integration Testing: Validate interactions between different parts of the UAM feature.
User Acceptance Testing: Conduct tests with target user groups to confirm usability and effectiveness.

6️⃣ Audit and Compliance
User Activity Logs
Contents: Login attempts, changes made, timestamps. (Logs should record who made the change, when, and what the change was.)
Access: Respective Admins and Super Admin.

Monthly Compliance Reports detailing user list, role changes, and access revocations.

7️⃣ Use Cases
Super Admin Onboarding: A super admin sets up their organisation’s structure in Zenskar, defining roles and permissions.
Role Modification: An admin modifies user roles to reflect changes in the team structure.

8️⃣ Technical Requirements
To define specific API endpoints for user management functions.
To outline data storage needs for user information and logs.
📌 Non-Functional Specifications
Security:
At Rest: AES-256 encryption.
In Transit: TLS 1.3.
Authentication Method: OAuth 2.0, Multi-Factor Authentication (MFA)

Performance: Response times ≤ 2 seconds for user actions and ≤ 5 seconds for system actions; scalable up to 10,000 users.

Reliability: Target 99.9% uptime; daily backups.

Compliance: GDPR (data protection regulation); ISO 27001 (compliance auditing standard).

Conclusion
This PRD provides a comprehensive specification for the UAM feature in Zenskar, aiming to deliver clear, precise requirements to the development team and facilitate a development process without the need for assumptions.