docs: update the technical user creation documentation
Refs: #453
Phil91 committed Jan 21, 2025
1 parent 6551d7b commit 65c43bb
Showing 1 changed file with 17 additions and 14 deletions.
Expand Up @@ -13,7 +13,7 @@ As soon as the user management is displayed, a button "Technical User Management

<br>

### Get Service Account Role Profiles
### Get Technical User Role Profiles

Technical users are currently managed under one single client. "Tech_User_Management" client.
All technical user roles are created inside this client as "composite role". With that, permissions of the actual client where the technical client will need to get access to, can get assigned to the roles inside the client "Tech_User_Management".
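Review bot: The unchanged sentence right under the renamed heading still says "the actual client where the technical client will need to get access to", which reads as if "technical user" was meant. Since this commit normalises the terminology, consider fixing that wording here too, and stating the client name consistently ("Tech_User_Management" is written once as a sentence fragment and once inline).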
Expand Down Expand Up @@ -51,9 +51,9 @@ Data Mapping
<br>
<br>

### Create Service Account
### Create Technical User

Create new service account under the same company as the executing user
Create new technical user under the same company as the executing user
Permission: "add_tech_user_management"
<br>
<br>
Expand All @@ -62,10 +62,10 @@ With the POST api, the backend service will

- creates the user inside keycloak central idp
- updates the data inside portal iam_service_accounts
- updates the data inside portal company_service_accounts
- updates the data inside portal technical_users
- service_account type is automatically set to "own"
- subscription_id NULL
- updates the data inside portal company_service_accounts_assigned_roles
- updates the data inside portal technical_users_assigned_roles
- As part of the user creation, the user gets set to "ACTIVE" inside the portal db.

<br>
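Review bot: The rename is only partial in this list: the sub-bullet `service_account type is automatically set to "own"` and the bullet for `iam_service_accounts` keep the old terminology, while the subscription section further down now refers to `technical_user_type_id`. Suggest wording the sub-bullet in terms of `technical_user_type_id` as well, and confirming whether `iam_service_accounts` is still the current table name, so a reader checking the portal db against this list finds matching names.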
Expand Down Expand Up @@ -110,13 +110,13 @@ Response Body
<br>
<br>

### Show Tech. Service Account Details (of just created Account)
### Show Tech. Technical User Details (of just created Account)

The endpoint provides the possibility to look up technical user details
Permission: "view_tech_user_management"
<br>
<br>
Technical Service Account Detail information
Technical Technical User Detail information
<br>

- id
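Review bot: The search-and-replace doubled the term in two places in this hunk: the heading now reads "Show Tech. Technical User Details (of just created Account)" and the line below reads "Technical Technical User Detail information". Suggest "Show Technical User Details (of just created Technical User)" and "Technical User Detail information".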
Expand Down Expand Up @@ -156,25 +156,28 @@ Response Body
<br>

> **Note**
> The service account type provides the information if the service account is a own created service account or a service account which is created by app/service provider of an managed offer subscription.
> The technical user type provides the information if the technical user is a own created technical user or a technical user which is created by app/service provider of an managed offer subscription.
<br>
<br>

### Service Accounts Created via service/app subscription
### Technical Users Created via service/app subscription

If the service account is created due to a service/app activation; the service account user is created by the app/service provider; but connected to the actual customer (owner of the user).
With that, the customer as well as the offer provider should be able to view the service account with certain privileges.
When a technical user is created as part of a service or app activation, it is generated by the app or service provider (referred to as the offer provider) and associated with the actual customer (the user's owner).

During the app registration process, the offer provider can configure technical user profiles. If a technical user profile includes a role listed in the `UserRolesAccessibleByProviderOnly` configuration, the created technical user will be classified as provider_owned.

If the selected roles are not in the `UserRolesAccessibleByProviderOnly` configuration, the technical user will be visible to both the offer provider and the customer. Otherwise, it will only be visible to the offer provider.

With the POST api, the backend service will
<br>

- creates the user inside Keycloak central idp
- updates the data inside portal iam_service_accounts
- updates the data inside portal company_service_accounts
- service_account type is automatically set to "managed"
- updates the data inside portal technical_users
- depending on the selected roles the technical_user_type_id is either set to `managed` or `provider_owned`
- subscription_id is filled by the customer app/service subscriptionID
- updates the data inside portal company_service_accounts_assigned_roles
- updates the data inside portal technical_users_assigned_roles
- As part of the user creation, the user gets set to "ACTIVE" inside the portal db.

```diff
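Review bot: The visibility rule in the new paragraphs is stated two ways that do not obviously agree: "includes a role listed in the `UserRolesAccessibleByProviderOnly` configuration" (any one role) versus "If the selected roles are not in the `UserRolesAccessibleByProviderOnly` configuration" (reads as none of them). Because this decides whether the customer can see a technical user attached to their own company, please state the mixed case explicitly, for example "if at least one selected role is listed, the technical user is `provider_owned` and visible only to the offer provider". Two smaller points in the same hunk: the Note at the top still describes only own-created versus provider-created users and does not mention `provider_owned`, and `provider_owned` is plain text in the paragraph but in backticks in the bullet.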