Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
Adds ADR 0051 documenting the accountAuthorizations consent ledger introduced alongside the account-level authorization work, capturing the table’s purpose, schema, and the key write/read/delete paths and related product requirements (FXA-13761).
Changes:
- Adds a new ADR describing the
accountAuthorizationstable and its intended semantics (e.g.,firstAuthorizedTosAtvslastAuthorizedTosAt). - Documents related requirements (token-exchange gating, ToS re-consent, Braze first-authorization signal) and explicit out-of-scope items (liveness tracking).
- Records design decisions around deletion-based “pre-authorization” state and refresh-token backfill behavior.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Because: * Some decisions were made about this table that should be documented This commit: * Adds ADR 0051 covering the table's purpose, schema, write/read paths, and related decisions closes FXA-13761
vbudhram
approved these changes
Jul 10, 2026
|
|
||
| **Schema** — one row per `(uid, scope, service, clientId)`: | ||
|
|
||
| - `uid`, `scope`, `service`, `clientId` — primary key; all reads use the `(uid, scope, service)` left-prefix. |
Contributor
There was a problem hiding this comment.
Just noting that not all queries use the uid, scope, service
| - **Desktop gap.** Desktop calls `/destroy` on its sync refresh token right after sign-in, so it isn't in the scan source; sync and Desktop `service=` logins (Smart Window, etc.) are forward-filled by new logins, not backfilled. | ||
| - **Sync rows are benign.** Sync-scoped rows that do land (from mobile, or any browser flow that mints a Sync refresh token) are acceptable — the table gates silent token exchange, and Sync is never granted silently. This is expected to tidy up once Desktop moves to refresh tokens. | ||
|
|
||
| ## Notes |
Contributor
There was a problem hiding this comment.
This table went through several iterations, it could be worthwhile to add a section on that.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Because:
This commit:
closes FXA-13761