E1: User & Profile Management
Overview
Bounded Context / Service: User/Profile Service, Mobile App
Goal: Enable users to register, authenticate, and manage their ticketing profiles for streamlined purchases.
Priority: High
Primary User Roles
- Fan (registered user)
- Admin (for user lookup/support)
Scope
In-Scope
- User registration with OIB verification
- Authentication (email/password, SSO)
- Default ticketing profile management
- Saved profiles for family/friends (max 10)
- OIB checksum validation
- Apple SSO hidden email workaround
- Profile data encryption
Out-of-Scope
- Two-factor authentication for end users (admin only)
- Social login beyond Apple/Google SSO
- User deletion/GDPR self-service (handled via support)
Features
| ID | Feature | Size | Description |
|---|---|---|---|
| E1-F1 | User Registration API | S | POST /users/register with OIB validation |
| E1-F2 | User Authentication | S | JWT tokens, login/logout, refresh |
| E1-F3 | Default Ticketing Profile | S | User's own profile management |
| E1-F4 | Saved Profiles | S | Family/friends profiles (max 10) |
| E1-F5 | OIB Checksum Validation | S | Croatian OIB validation service |
Dependencies
- PostgreSQL database for user data
- Encryption service for PII
Risks & Open Questions
OQ-E1-1: OIB Checksum Algorithm
What is the exact OIB checksum algorithm?
Assumption: Use ISO 7064, MOD 11-10 (Croatian standard).
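Added example (not part of the project's code): a check-digit validator for E1-F5 under the OQ-E1-1 assumption that OIB uses ISO 7064, MOD 11-10. The names `oib_check_digit` and `is_valid_oib` are hypothetical, and the sample values are constructed for illustration.

```python
import re

# Exactly 11 ASCII digits. [0-9] is deliberate: \d and str.isdigit() also
# accept non-ASCII Unicode digits, which int() would then silently convert.
_OIB_RE = re.compile(r"[0-9]{11}")


def oib_check_digit(first_ten: str) -> int:
    """Check digit for the first 10 digits (assumed ISO 7064, MOD 11-10)."""
    if not re.fullmatch(r"[0-9]{10}", first_ten):
        raise ValueError("expected exactly 10 ASCII digits")
    remainder = 10
    for ch in first_ten:
        remainder = (remainder + int(ch)) % 10
        if remainder == 0:
            remainder = 10
        remainder = (remainder * 2) % 11
    # remainder is now in 1..10, so 11 - remainder is in 1..10; 10 maps to 0.
    return (11 - remainder) % 10


def is_valid_oib(value: object) -> bool:
    """True only for an 11-character ASCII-digit string whose last digit matches."""
    if not isinstance(value, str) or not _OIB_RE.fullmatch(value):
        return False
    return oib_check_digit(value[:10]) == int(value[10])


if __name__ == "__main__":
    # Constructed sample inputs, not real OIBs. Only the verdict is printed;
    # a real service should keep OIB values out of logs.
    samples = {
        "valid check digit": "12345678903",
        "wrong check digit": "12345678901",
        "too short": "1234567890",
        "trailing newline": "12345678903\n",
        "full-width digits": "\uff11\uff12\uff13\uff14\uff15\uff16\uff17\uff18\uff19\uff10\uff13",
    }
    for label, oib in samples.items():
        print(f"{label}: {is_valid_oib(oib)}")
```

A passing checksum only shows that the number is well-formed; it does not show that the OIB was issued or that it belongs to the person registering.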
OQ-E1-2: SSO Configuration
What are the specific SSO configurations for Apple and Google login?
Impact: Delays SSO implementation until credentials are provided.
Related Documentation
Last Updated: January 2026