Skip to main content Skip to docs navigation

User product log

The UPL stores the Auth0 ID, product name and a log of when a user has logged into a given product (i.e., creating a new row in the datastore for each login). This replacement will remove the requirement for products to synchronise their local accounts with the Central Account Repository, significantly reducing the onboarding complexity and level of maintenance required by myMLA and MLA Product development teams.

Data flow

The dataflows for myMLA 2.0 following replacement of the Central Account Repository with the UPL are shown in Figure 3 and detailed below.

  1. Identity – Each product will implement Auth0 ‘off the shelf’.
  2. Authorisation – Each product will ensure who can login and what permissions they have are managed within their product. No reference to any external system should be made for Authorisation.
  3. Auth0 – Auth0 is the identity provider where all myMLA email addresses and passwords are stored.
  4. MyMLA user product log – This is the new entity to be created. When a user logs into a myMLA product (including myMLA itself), a row will be added to the datastore defining who logged into which product when.
  5. Product wwitcher – Consumes the UPL data.
  6. myMLA V2 – Consumes the UPL data to determine which products the user has accessed. myMLA can then use this information to determine if there are any products on this list that they want to call APIs to specific products to get specific information such as notifications/alerts.
  7. Product APIs - Used to expose custom data to the myMLA ecosystem. NOTE: Any product in the myMLA ecosystem can follow this process of identifying which products a user has in the UPL and then calling the individual product API to gather further information about this user from that product.
  8. Silent Login – Can automate the process of identification and authentication if the user is already signed into Auth0
dataflow diagram

Authentication

The user product log is protected by standard OAuth2 through the myMLA Auth0 provider. When requesting a token ensure that the audience is set to api.aws.mla.com.au. You can find an example of the authentication process in the postman collection below.

Hiding products

By default, the user product log returns all accessed and registered products for the current user. Users can hide individual products if they are not interested. This is indicated by the display property returned by the main API call.
See the swagger documentation for more information.

Onboarding

New products will need to be onboarded before they are available for selection in the user product log. Please contact MLA Helpdesk for more information.

Postman

Click here to download a postman collection showcasing the various functions of the user product log.

Usage

  • Download Postman here
  • Import the collection
  • Click the root node UPL production and select the Auth tab
  • Scroll down and click Get New Access Token. This will walk you through the Auth0 authentication process
  • When the access token appears after authentication, click Use Token
  • Then select the request you want to test and click Send