Affiliate incorporation of new business to account

[lmullane]

Title: Affiliate incorporation of new business to account

---

Description:

• As an owner/admin/member of an account
• I want any business I incorporate/register to automatically be affiliated with my account
• so that I have full permissions to manage the business in the future

Acceptance Criteria Scenario 1: an owner/admin/member is incorporating or registering a business

• GIVEN the user is logged-in AND has an approved NR
• WHEN they save the incorporation as a draft
• THEN Entities will create a temporary ID *AND this temporary ID will be affiliated to the account

Scenario 2: Paid for for Incorporation GIVEN the business incorporation or registration is complete WHEN an incorporation number is issued THEN the business will be affiliated to the account by the incorporation number AND the temporary ID will be removed

---

Notes/ hints:

• goal: get rid of pass codes (automatic)
• anybody who has access could complete the account

• get from Entities part of draft (business info that is in filing) (e.g. Katie or Thor)

Dependencies? (If so, link dependency in the ticket, make it visible in a team´s backlog)

• no

Validation Rules? (If yes, list here)

---

DoR for User Story:

• [ ] Do we have a prioritized Sprint Backlog?
• [ ] Defects, user stories and other work the team has committed to are contained in the sprint backlog?
• [ ] Any hidden work?
• [ ] All team members availability (days) & capacity (in SP) is known for the Sprint?
• [ ] All users stories meet the DoR?

Definition of Ready:

1. [ ] Does User Story have full flow of business rules, happy and alternate paths, etc.?
2. [ ] Requirements & expected behavior included in the User Story?
3. [ ] Are the dependencies known/ understood?
4. [ ] Dev team accepts user experience artifacts
5. [ ] If there are validation rules, are they defined (UI, Data, Role-Action)?
6. [ ] Does this User Story needs stakeholder approval?
7. [ ] Is this user story small enough to be completed in a Sprint?
8. [ ] What do we possible have to do re Change Management? - a) GCPE, …?

---

Definition of Done: 1) [ ] Check Requirements against completed tasks 2) [ ] Completed stories verified in Dev and Test 3) [ ] Confirm Test cases built and succeeding 4) [ ] No regression test failures 5) [ ] Test coverage acceptable by Product Owner??? 6) [ ] Ticket merged to master or story branch 7) [ ] Developer to list Config changes/ Update documents and designs 8) [ ] Design / Solution accepted by Product Owner 9) [ ] UX Approved 10) [ ] Can be demoed in Sprint Review 11) [ ] Release ticket is created and this US is linked to it

[sumesh-aot]

Discussed with @saravankumarpa, On further thinking, to avoid any security holes, below flow would be ideal; 1) Legal API to call /entities POST endpoint with a temporary password : Currently this endpoint is secured by 'system' role. So Legal API would need to invoke this using a service account. 2) Call /affiliations to create the affiliation with the org (account).

[saravankumarpa]

A service account created for the purpose. Credentials can be obtained from the relationship team. Just adding on to @pksumesh comment. The flow in the above comment remains the same ; and to update the temporary business identifier to new business identifier , PUT /api/v1/entities/put/{business_identifier} endpoint can be used.

[WaldemarSchneider86]

moved to Done in Team Review