Goal: The System Administrator aims to effectively manage user sessions within applications utilizing Cripsa Inc Backend Systems. This includes user authentication, access token renewal, user attribute updates, and global sign-out, ensuring a seamless and secure user experience.

• System Administrator
• Cripsa Inc Backend Systems

• The System Administrator initiates the authentication workflow for end users through Cripsa Inc Backend Systems.
• The end user successfully logs in using their credentials or multi-factor authentication.

• Upon successful login, Cripsa Inc Backend Systems provide an Access Token, ID Token, and Refresh Token.
• The System Administrator stores these tokens in the application's database, associating them with the user's profile.

• When the Access Token is close to expiration, the System Administrator uses the Refresh Token to call the "Refresh Access Token" API endpoint.
• The API responds with a new Access Token, which is stored in the database, extending the user's session.

• The System Administrator can verify the Access Token's authenticity and expiration using the "verifyaccessoken" API endpoint.
• The client's application logic makes access control decisions based on the verification results.

• The System Administrator retrieves user details directly from the Access Token using the "userinfofromaccesstoken" API endpoint.
• User information is extracted to inform access control decisions and enhance user experience.

• The System Administrator can trigger a global sign-out using the "GlobalSignOut" API endpoint.
• This action revokes identity, access, and refresh tokens, effectively logging the user out from all devices.

• The System Administrator adjusts the validity time of tokens (ID, Access, Refresh) using the "Update Token Validity Period" API.
• Token expiration times can be customized according to application requirements.

• The System Administrator updates user attributes using the "Update User Attributes" API endpoint.
• Attributes such as roles, group affiliations, and preferences can be modified securely.

• The System Administrator uses the "Delete User" API endpoint to remove user accounts when necessary.
• Account deletions should be carried out with caution as they are irreversible.

• Seamless User Experience: Users enjoy uninterrupted sessions without frequent logins due to Access Token renewal and refresh.
• Security: Token verification and secure user attribute updates enhance application security.
• User Personalization: User attributes can be dynamically updated, leading to personalized user experiences.
• Centralized Management: Global sign-out and token validity updates provide efficient user session management.
• Data Integrity: User data remains accurate through attribute updates and secure account deletions.

• The System Administrator has access to Cripsa Inc Backend Systems and valid credentials.
• Users have registered with the application and have associated tokens.
• Token expiration times are properly managed based on application requirements.

• User sessions are effectively managed, allowing for secure and seamless interactions within the application.

• Incorrect token handling or API usage may lead to improper session management.
• Insufficient or incorrect user attribute updates may impact personalization efforts.

• The System Administrator initiates API calls and interactions to manage user sessions, access tokens, and user attributes within the application using Cripsa Inc Backend Systems.