Architecture

System Context

The User Service is deployed as a set of AWS Lambda functions behind API Gateway, with DynamoDB and RDS as its primary data stores. It participates in the broader FloatMe platform both as a synchronous API and as an event-driven consumer and producer.

[Figure: User Service system context]

Inbound Traffic

Source                               Description
────────────────────────────────────────────────────────────────
prod-floatme-api (API Gateway)       Legacy JWT-authenticated gateway. Used only for POST /users/create (user signup). All other mobile traffic is routed through the main global FloatMe API gateway.
prod-user-service-api (API Gateway)  IAM-authenticated requests from internal FloatMe services (subscription service, payment service, etc.) and the global API gateway for all non-signup endpoints.
prod-payments (Kinesis)              Payment events consumed by the payment-worker Lambda. Used to ban users on chargebacks.
prod-subscriptions (Kinesis)         Subscription lifecycle events consumed by the subscriptions Lambda. Used to handle pause and resume flows.

Outbound Traffic

Destination                        Description
────────────────────────────────────────────────────────────────
prod-user-service-users (Kinesis)  Outbound stream of user and membership change events, produced by the kinesis-feeder Lambda from DynamoDB Streams. Consumed by downstream FloatMe services.
user-service.api (EventBridge)     Domain events published by the user-api Lambda for integration with other services.

Lambda Functions

Function                          Trigger                          Responsibility
────────────────────────────────────────────────────────────────────────────────────
prod-user-service-api             API Gateway (IAM)                Primary REST API. Handles all CRUD operations for users, memberships, phone numbers, tags, KYC, MLA, and consent.
prod-user-service-payment-worker  Kinesis (prod-payments)          Consumes payment events. Bans users when a CHARGED_BACK event is received.
prod-user-service-subscriptions   Kinesis (prod-subscriptions)     Consumes subscription events. Marks memberships as paused on pause-skipped; resumes and notifies on pause-resume.
prod-user-service-kinesis-feeder  DynamoDB Streams                 Transforms DynamoDB change records into structured events and publishes them to the outbound Kinesis stream.
prod-user-service-cleanup         SQS (prod-user-service-cleanup)  Async post-cancellation cleanup: removes Plaid items via the Transactions service, blocks the user’s Auth0 account, and schedules Array cleanup.

Data Storage

The User Service stores multiple entity types in a single DynamoDB table (single-table design), plus a separate RDS PostgreSQL instance for user profile data.

DynamoDB: prod-user-service-users (us-east-2)

Multiple entity types are stored in one table, differentiated by key prefix and a db_type attribute.

PK                        SK                           db_type
────────────────────────────────────────────────────────────────
USERS#<user_id>           USER_INFORMATION#<ts>        USER
USERS#<user_id>           TIER#<start_date>            MEMBERSHIP
USERS#<user_id>           TAG#<tag_name>               TAG

GSIs on the User entity support lookups by email and phone number.

[Figure: data model]

See Users & Data Model for full attribute reference.
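
The key layout above, as an added Python example (not the User Service's own code) that builds and validates keys for this table. The PK/SK prefixes and db_type values are taken from the key table; the function names and the rule that a key component may not contain '#' are assumptions.

```python
# Added example: key handling for the single-table layout described above.
# Prefixes and db_type values are from the page; function names and the
# "no '#' inside a key component" rule are assumptions.

PK_PREFIX = "USERS"
# SK prefix -> db_type, as listed in the key table.
SK_PREFIX_TO_TYPE = {
    "USER_INFORMATION": "USER",
    "TIER": "MEMBERSHIP",
    "TAG": "TAG",
}


def build_key(sk_prefix: str, user_id: str, sk_value: str) -> dict:
    """Build PK, SK and db_type for one item, rejecting delimiter injection."""
    if sk_prefix not in SK_PREFIX_TO_TYPE:
        raise ValueError(f"unknown SK prefix: {sk_prefix!r}")
    for name, part in (("user_id", user_id), ("sk_value", sk_value)):
        # A '#' in caller-supplied input makes the key ambiguous to any
        # reader that splits on the delimiter.
        if not part or "#" in part:
            raise ValueError(f"{name} must be non-empty and contain no '#'")
    return {
        "PK": f"{PK_PREFIX}#{user_id}",
        "SK": f"{sk_prefix}#{sk_value}",
        "db_type": SK_PREFIX_TO_TYPE[sk_prefix],
    }


def classify_item(item: dict) -> str:
    """Return the entity type of an item; raise if PK, SK and db_type disagree."""
    pk_prefix, _, user_id = str(item.get("PK", "")).partition("#")
    sk_prefix, _, sk_value = str(item.get("SK", "")).partition("#")
    if pk_prefix != PK_PREFIX or not user_id or "#" in user_id:
        raise ValueError("malformed PK")
    expected = SK_PREFIX_TO_TYPE.get(sk_prefix)
    if expected is None or not sk_value or "#" in sk_value:
        raise ValueError("malformed SK")
    if item.get("db_type") != expected:
        raise ValueError(f"db_type {item.get('db_type')!r} does not match {sk_prefix!r}")
    return expected


if __name__ == "__main__":
    # Constructed sample values, not real FloatMe data.
    good = build_key("TIER", "u-123", "2024-01-01")
    print(classify_item(good))
```

Running classify_item on every record before it is turned into an outbound event is one place such a check could sit; a mismatch between the SK prefix and db_type is then caught before it reaches downstream consumers.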

DynamoDB: user-phone-numbers (us-east-1)

Dedicated table for phone number storage and deduplication, with a GSI on phone_number for reverse lookups.

RDS PostgreSQL: FloatMeAPI_usermodel (us-east-2)

Stores user profile fields: name, email, address, employment validation status, and Firebase install ID. Accessed via a primary instance (writes) and a read replica (reads).

External Service Integrations

Service               Integration
────────────────────────────────────────────────────────────────
Auth0                 User authentication. The API enforces MFA on account creation and blocks accounts during cleanup.
Growthbook            Feature flags and membership tier configuration (pricing, versions). Fetched at runtime for upgrade, downgrade, and reactivation flows.
Experian              MLA (Military Lending Act) covered borrower lookups. See MLA Lookup.
Subscription Service  Activates, pauses, resumes, upgrades, and downgrades recurring billing subscriptions in coordination with membership changes.
Payment Service       Processes one-time charges (e.g. prorated upgrade fees) and issues refunds. Source of the prod-payments Kinesis stream.
Float Service         Queried during cancellation and reactivation to check for outstanding float balances.
Transactions Service  Manages Plaid item connections. Queried during user activation and cleaned up during account cancellation. Also handles KYC session storage and management.
Underwriting Service  Recalculates underwriting eligibility on reactivation.