# Service Design Specification
**workforceos-employeeprofile-service** documentation
**Version:** `1.0.16`

## Scope

This document provides a structured architectural overview of the `employeeProfile` microservice, detailing its configuration, data model, authorization logic, business rules, and API design. It has been automatically generated based on the service definition within Mindbricks, ensuring that the information reflects the source of truth used during code generation and deployment.

The document is intended to serve multiple audiences:

* **Service architects** can use it to validate design decisions and ensure alignment with broader architectural goals.
* **Developers and maintainers** will find it useful for understanding the structure and behavior of the service, facilitating easier debugging, feature extension, and integration with other systems.
* **Stakeholders and reviewers** can use it to gain a clear understanding of the service's capabilities and domain logic.

> **Note for Frontend Developers**: While this document is valuable for understanding business logic and data interactions, please refer to the [Service API Documentation](#) for endpoint-level specifications and integration details.

> **Note for Backend Developers**: Since the code for this service is automatically generated by Mindbricks, you typically won't need to implement or modify it manually. However, this document is especially valuable when you're building other services—whether within Mindbricks or externally—that need to interact with or depend on this service. It provides a clear reference to the service's data contracts, business rules, and API structure, helping ensure compatibility and correct integration.



## `EmployeeProfile` Service Settings

Manages extended employee profile data, employment/tax details, and employee-related documents/certifications for each company. Extends user identities with HR, department, and compliance info. Allows managers and admins to review employee profiles and documents..

### Service Overview

This service is configured to listen for HTTP requests on port `3001`, 
serving both the main API interface and default administrative endpoints.

The following routes are available by default:

* **API Test Interface (API Face):** `/`
* **Swagger Documentation:** `/swagger`
* **Postman Collection Download:** `/getPostmanCollection`
* **Health Checks:** `/health` and `/admin/health`
* **Current Session Info:** `/currentuser`
* **Favicon:** `/favicon.ico`

The service uses a **PostgreSQL** database for data storage, with the database name set to `workforceos-employeeprofile-service`.

This service is accessible via the following environment-specific URLs:

* **Preview:** `https://workforceos.prw.mindbricks.com/employeeprofile-api`
* **Staging:** `https://workforceos-stage.mindbricks.co/employeeprofile-api`
* **Production:** `https://workforceos.mindbricks.co/employeeprofile-api`

                                 

### Authentication & Security
- **Login Required**: Yes

This service requires user authentication for access. It supports both JWT and RSA-based authentication mechanisms, ensuring secure user sessions and data integrity.
If a crud route also is configured to require login, 
it will check a valid JWT token in the request query/header/bearer/cookie. If the token is valid, it will extract the user information from the token and make the fetched session data available in the request context.

  
### Service Data Objects
The service uses a **PostgreSQL** database for data storage, with the database name set to `workforceos-employeeprofile-service`.

Data deletion is managed using a **soft delete** strategy. Instead of removing records from the database, they are flagged as inactive by setting the `isActive` field to `false`.



| Object Name | Description | Public Access | Tenant Level  | 
|-------------|-------------|---------------| --------------| 
| `employeeProfile` | Extended business-centric employee profile with employment, compensation, department, and management fields associated to an auth user. Enables company to track staff employment metadata, department, position, and assigned manager for full HR oversight. | accessPrivate |  Yes | 
| `employeeDocument` | Document or certification attached to an employee profile. E.g., work permit, certification, or contract files. | accessPrivate |  Yes | 




## employeeProfile Data Object

### Object Overview
**Description:** Extended business-centric employee profile with employment, compensation, department, and management fields associated to an auth user. Enables company to track staff employment metadata, department, position, and assigned manager for full HR oversight.

This object represents a core data structure within the service and acts as the blueprint for database interaction, API generation, and business logic enforcement. 
It is defined using the `ObjectSettings` pattern, which governs its behavior, access control, caching strategy, and integration points with other systems such as Stripe and Redis.

### Core Configuration
- **Soft Delete:** Enabled — Determines whether records are marked inactive (`isActive = false`) instead of being physically deleted.
- **Public Access:** accessPrivate — If enabled, anonymous users may access this object’s data depending on API-level rules.
- **Tenant-Level Scope:** Yes — Enables data isolation per tenant by attaching a tenant ID field.




### Composite Indexes

- **employeeProfileUniquePerUserPerCompany**: [userId, companyId] 
This composite index is defined to optimize query performance for complex queries involving multiple fields.

The index also defines a conflict resolution strategy for duplicate key violations.

When a new record would violate this composite index, the following action will be taken:

**On Duplicate**: `throwError`

An error will be thrown, preventing the insertion of conflicting data.






### Properties Schema


**Display Label Property:** `position` — This property is the default display label for records of this data object. Relation dropdowns and record references in the frontend will show the value of this property as the human-readable label.

| Property | Type | Required | Description |
|----------|------|----------|-------------|
| `userId` | ID | Yes | Reference to the auth user for this employee profile. |
| `employmentStartDate` | Date | Yes | Employee's official employment start date. |
| `position` | String | Yes | Employee's job title or position |
| `contractType` | Enum | Yes | Type of employment contract for this employee. |
| `salary` | Double | No | Employee's salary for reporting (managers/admins only). |
| `departmentId` | ID | No | Reference to the department (userGroup) this employee belongs to. |
| `managerId` | ID | No | ID of the assigned manager or supervisor (userId from auth:user). |
| `notes` | Text | No | Manager/admin internal notes (not visible to employees). |
| `companyId` | ID | Yes | An ID value to represent the tenant id of the company |
* Required properties are mandatory for creating objects and must be provided in the request body if no default value is set.
* Properties marked `Type[] (array)` MUST be sent as a JSON array (e.g. `["a","b"]`), even when only one value is present (`["a"]`). Sending a bare scalar fails validation.



### Default Values
Default values are automatically assigned to properties when a new object is created, if no value is provided in the request body.
Since default values are applied on db level, they should be literal values, not expressions.If you want to use expressions, you can use transposed parameters in any business API to set default values dynamically.

- **userId**: '00000000-0000-0000-0000-000000000000'
- **employmentStartDate**: new Date()
- **position**: 'default'
- **contractType**: permanent
- **companyId**: 00000000-0000-0000-0000-000000000000


### Constant Properties

`userId` `companyId`

Constant properties are defined to be immutable after creation, meaning they cannot be updated or changed once set. They are typically used for properties that should remain constant throughout the object's lifecycle.
A property is set to be constant if the `Allow Update` option is set to `false`.


### Auto Update Properties

`userId` `employmentStartDate` `position` `contractType` `salary` `departmentId` `managerId` `notes`

An update crud API created with the option `Auto Params` enabled will automatically update these properties with the provided values in the request body. 
If you want to update any property in your own business logic not by user input, you can set the `Allow Auto Update` option to false.
These properties will be added to the update API's body parameters and can be updated by the user if any value is provided in the request body.

 

### Secret Properties

`notes`

Secret properties hold sensitive values (e.g., API keys, QR codes, tokens) that must be protected from exposure to AI models. 
In MCP tool responses, these fields are masked with `***` and a `__proxyCode` is included in the record.
The AI cannot read the actual values of secret fields. To reveal a secret to the user, the AI uses the `showSecretFieldInFrontEnd` tool with the `__proxyCode` from the GET response.
The frontend renders the value securely as text, barcode, or QR code through a dedicated action card.
Unlike hashed properties, secret values are stored in cleartext and can be retrieved by authorized users through the proper reveal flow.


### Enum Properties
Enum properties are defined with a set of allowed values, ensuring that only valid options can be assigned to them. 
The enum options value will be stored as strings in the database, 
but when a data object is created an addtional property with the same name plus an idx suffix will be created, which will hold the index of the selected enum option.
You can use the index property to sort by the enum value or when your enum options represent a sequence of values.

- **contractType**: [permanent, temporary, contract]


 

 

### Elastic Search Indexing

`userId` `employmentStartDate` `position` `contractType` `salary` `departmentId` `managerId` `companyId`

Properties that are indexed in Elastic Search will be searchable via the Elastic Search API. 
While all properties are stored in the elastic search index of the data object, only those marked for Elastic Search indexing will be available for search queries.


### Database Indexing

`userId` `companyId`

Properties that are indexed in the database will be optimized for query performance, allowing for faster data retrieval.
Make a property indexed in the database if you want to use it frequently in query filters or sorting.


### Unique Properties

`userId`

Unique properties are enforced to have distinct values across all instances of the data object, preventing duplicate entries.
Note that a unique property is automatically indexed in the database so you will not need to set the `Indexed in DB` option.




### Secondary Key Properties

`userId` `companyId`

Secondary key properties are used to create an additional indexed identifiers for the data object, allowing for alternative access patterns.
Different than normal indexed properties, secondary keys will act as primary keys and Mindbricks will provide automatic secondary key db utility functions to access the data object by the secondary key.


### Relation Properties

`userId` `departmentId` `managerId`

Mindbricks supports relations between data objects, allowing you to define how objects are linked together.
You can define relations in the data object properties, which will be used to create foreign key constraints in the database.
For complex joins operations, Mindbricks supportsa BFF pattern, where you can view dynamic and static views based on Elastic Search Indexes.
Use db level relations for simple one-to-one or one-to-many relationships, and use BFF views for complex joins that require multiple data objects to be joined together.

- **userId**: ID
Relation to `user`.id

The target object is a sibling object, meaning that the relation is a many-to-one or one-to-one relationship from this object to the target.

On Delete: Set Null
Required: Yes

- **departmentId**: ID
Relation to `userGroup`.id

The target object is a sibling object, meaning that the relation is a many-to-one or one-to-one relationship from this object to the target.

On Delete: Set Null
Required: No

- **managerId**: ID
Relation to `user`.id

The target object is a sibling object, meaning that the relation is a many-to-one or one-to-one relationship from this object to the target.

On Delete: Set Null
Required: No




### Filter Properties

`userId` `employmentStartDate` `position` `contractType` `departmentId` `managerId` `companyId`

Filter properties are used to define parameters that can be used in query filters, allowing for dynamic data retrieval based on user input or predefined criteria.
These properties are automatically mapped as API parameters in the listing API's that have "Auto Params" enabled.

- **userId**: ID  has a filter named `userId`

- **employmentStartDate**: Date  has a filter named `employmentStartDate`

- **position**: String  has a filter named `position`

- **contractType**: Enum  has a filter named `contractType`

- **departmentId**: ID  has a filter named `departmentId`

- **managerId**: ID  has a filter named `managerId`

- **companyId**: ID  has a filter named `companyId`





## employeeDocument Data Object

### Object Overview
**Description:** Document or certification attached to an employee profile. E.g., work permit, certification, or contract files.

This object represents a core data structure within the service and acts as the blueprint for database interaction, API generation, and business logic enforcement. 
It is defined using the `ObjectSettings` pattern, which governs its behavior, access control, caching strategy, and integration points with other systems such as Stripe and Redis.

### Core Configuration
- **Soft Delete:** Enabled — Determines whether records are marked inactive (`isActive = false`) instead of being physically deleted.
- **Public Access:** accessPrivate — If enabled, anonymous users may access this object’s data depending on API-level rules.
- **Tenant-Level Scope:** Yes — Enables data isolation per tenant by attaching a tenant ID field.




### Composite Indexes

- **employeeProfileDocUniquePerType**: [employeeProfileId, documentType] 
This composite index is defined to optimize query performance for complex queries involving multiple fields.

The index also defines a conflict resolution strategy for duplicate key violations.

When a new record would violate this composite index, the following action will be taken:

**On Duplicate**: `throwError`

An error will be thrown, preventing the insertion of conflicting data.






### Properties Schema


**Display Label Property:** `documentType` — This property is the default display label for records of this data object. Relation dropdowns and record references in the frontend will show the value of this property as the human-readable label.

| Property | Type | Required | Description |
|----------|------|----------|-------------|
| `employeeProfileId` | ID | Yes | Reference to the related employeeProfile record. |
| `documentType` | String | Yes | Type of document (e.g., ID, contract, certification). |
| `documentUrl` | String | Yes | URL to the file storage location or bucket for this document. |
| `validUntil` | Date | No | Expiration date of document, if applicable. Used for tracking compliance/renewal. |
| `companyId` | ID | Yes | An ID value to represent the tenant id of the company |
* Required properties are mandatory for creating objects and must be provided in the request body if no default value is set.
* Properties marked `Type[] (array)` MUST be sent as a JSON array (e.g. `["a","b"]`), even when only one value is present (`["a"]`). Sending a bare scalar fails validation.



### Default Values
Default values are automatically assigned to properties when a new object is created, if no value is provided in the request body.
Since default values are applied on db level, they should be literal values, not expressions.If you want to use expressions, you can use transposed parameters in any business API to set default values dynamically.

- **employeeProfileId**: '00000000-0000-0000-0000-000000000000'
- **documentType**: 'default'
- **documentUrl**: 'default'
- **companyId**: 00000000-0000-0000-0000-000000000000


### Constant Properties

`employeeProfileId` `companyId`

Constant properties are defined to be immutable after creation, meaning they cannot be updated or changed once set. They are typically used for properties that should remain constant throughout the object's lifecycle.
A property is set to be constant if the `Allow Update` option is set to `false`.


### Auto Update Properties

`employeeProfileId` `documentType` `documentUrl` `validUntil`

An update crud API created with the option `Auto Params` enabled will automatically update these properties with the provided values in the request body. 
If you want to update any property in your own business logic not by user input, you can set the `Allow Auto Update` option to false.
These properties will be added to the update API's body parameters and can be updated by the user if any value is provided in the request body.

 

### Secret Properties

`documentUrl`

Secret properties hold sensitive values (e.g., API keys, QR codes, tokens) that must be protected from exposure to AI models. 
In MCP tool responses, these fields are masked with `***` and a `__proxyCode` is included in the record.
The AI cannot read the actual values of secret fields. To reveal a secret to the user, the AI uses the `showSecretFieldInFrontEnd` tool with the `__proxyCode` from the GET response.
The frontend renders the value securely as text, barcode, or QR code through a dedicated action card.
Unlike hashed properties, secret values are stored in cleartext and can be retrieved by authorized users through the proper reveal flow.



 

 

### Elastic Search Indexing

`employeeProfileId` `documentType` `validUntil` `companyId`

Properties that are indexed in Elastic Search will be searchable via the Elastic Search API. 
While all properties are stored in the elastic search index of the data object, only those marked for Elastic Search indexing will be available for search queries.


### Database Indexing

`employeeProfileId` `companyId`

Properties that are indexed in the database will be optimized for query performance, allowing for faster data retrieval.
Make a property indexed in the database if you want to use it frequently in query filters or sorting.





### Secondary Key Properties

`employeeProfileId` `companyId`

Secondary key properties are used to create an additional indexed identifiers for the data object, allowing for alternative access patterns.
Different than normal indexed properties, secondary keys will act as primary keys and Mindbricks will provide automatic secondary key db utility functions to access the data object by the secondary key.





### Filter Properties

`employeeProfileId` `documentType` `validUntil` `companyId`

Filter properties are used to define parameters that can be used in query filters, allowing for dynamic data retrieval based on user input or predefined criteria.
These properties are automatically mapped as API parameters in the listing API's that have "Auto Params" enabled.

- **employeeProfileId**: ID  has a filter named `employeeProfileId`

- **documentType**: String  has a filter named `documentType`

- **validUntil**: Date  has a filter named `validUntil`

- **companyId**: ID  has a filter named `companyId`







## Business Logic



employeeProfile has got 10 Business APIs to manage its internal and crud logic. 
For the details of each business API refer to its chapter.

* [Create Employeeprofile](/businessLogic/createemployeeprofile)

* [Update Employeeprofile](/businessLogic/updateemployeeprofile)

* [Get Employeeprofile](/businessLogic/getemployeeprofile)

* [List Employeeprofiles](/businessLogic/listemployeeprofiles)

* [Create Employeedocument](/businessLogic/createemployeedocument)

* [Update Employeedocument](/businessLogic/updateemployeedocument)

* [Get Employeedocument](/businessLogic/getemployeedocument)

* [List Employeedocuments](/businessLogic/listemployeedocuments)

* [Delete Employeeprofile](/businessLogic/deleteemployeeprofile)

* [Delete Employeedocument](/businessLogic/deleteemployeedocument)


















## Service Library


### Functions

#### isDocumentExpired.js
```js
module.exports = function isDocumentExpired(document) {
  // Checks if validUntil is set and before now
  if (!document.validUntil) return false;
  return new Date(document.validUntil) < new Date();
}
```












---

*This document was generated from the service architecture definition and should be kept in sync with implementation changes.*