...
This makes it difficult to talk about changes to the management of accounts, even for something like authorization. We should first untangle this (I admit the diagram itself is a mess…it just became too difficult to draw all the interrelationships). Here is one aspirational model where we separate Synapse-managed accounts and participant accounts, so that all the business logic around participants is clearly separated from our more reduced code to manage admin accounts:
...
There would be backwards-incompatible consequences to this refactor. The /v3/participants APIs could no longer be used to create and manage administrative accounts. I don’t know who uses these for that purpose, at least the Bridge Study Manage would need to revise the UI it has to list all admins/users in one giant list (currently under the legacy panel).
Expanded permissions model
...