Current Limitation
The system currently retrieves member details by calling the GetAllMembers endpoint and filtering the results by IdPUserID. This approach is inefficient and not scalable for scenarios where this lookup is performed frequently, such as:
- Member login flows: When a member signs in through an identity provider, we need to quickly fetch their member profile using only the
IdPUserID.
- API authorization: During request authorization, the decoded token contains only the
IdPUserID. To validate that a member is accessing only their own resources, we must resolve the corresponding memberId efficiently. The current workflow requires calling GetAllMembers and filtering client-side, which is both slow and unnecessary.
This results in wasted processing time, extra network overhead, and unnecessary load on the backend.
Suggested Improvement
To optimize these high-frequency lookups, introduce dedicated support for querying by IdPUserID:
-
Add a new service function:
GetMemberByIdPUserID(IdPUserID string) (*Member, error)
This should provide a direct, efficient lookup rather than relying on scanning all members.
-
Add a new API endpoint:
A dedicated endpoint that returns a Member resource filtered by IdPUserID.
This may be implemented as either:
- A new route (e.g.,
GET /members/by-idp/{idpUserId}), or
- An enhancement to the existing members endpoint allowing a server-side
idpUserId filter.
This improvement will reduce latency, improve authorization checks, and remove the need for inefficient client-side filtering.
Version
No response
Additional Context
No response
Current Limitation
The system currently retrieves member details by calling the
GetAllMembersendpoint and filtering the results byIdPUserID. This approach is inefficient and not scalable for scenarios where this lookup is performed frequently, such as:IdPUserID.IdPUserID. To validate that a member is accessing only their own resources, we must resolve the correspondingmemberIdefficiently. The current workflow requires callingGetAllMembersand filtering client-side, which is both slow and unnecessary.This results in wasted processing time, extra network overhead, and unnecessary load on the backend.
Suggested Improvement
To optimize these high-frequency lookups, introduce dedicated support for querying by
IdPUserID:Add a new service function:
GetMemberByIdPUserID(IdPUserID string) (*Member, error)This should provide a direct, efficient lookup rather than relying on scanning all members.
Add a new API endpoint:
A dedicated endpoint that returns a Member resource filtered by
IdPUserID.This may be implemented as either:
GET /members/by-idp/{idpUserId}), oridpUserIdfilter.This improvement will reduce latency, improve authorization checks, and remove the need for inefficient client-side filtering.
Version
No response
Additional Context
No response