Phase 3:
Self-Service
One-click entity onboarding, template management, and portal auth -- making Delivery Hub installable by anyone without manual configuration.
What's Included
Four features that eliminated all manual onboarding steps.
One-Click Entity Onboarding
A single button creates a NetworkEntity, provisions PortalAccess with a cryptographic token, configures sync settings, and sets up default workflow assignments. Replaces a 4-script manual process.
Template Management UI
List, clone, activate, and deactivate work item templates. Templates are WorkItem__c records with IsTemplateBool__c = true, inheriting all existing fields and trigger logic for free.
Workflow Type Picker with Phase Pills
When creating work items, the workflow picker shows each type's phases as colored pills. Admins can visually compare workflows before selecting one. Pills render dynamically from WorkflowStage__mdt records.
Self-Service Portal Auth with Token Generation
PortalAccess__c gets a 128-bit hex token at entity creation time. Clients use this token for API access and portal authentication without needing Salesforce credentials.
Design Choices
Why each feature was built this way.
Why a 128-bit hex token generated at onboarding time
PortalAccess__c gets a cryptographically random token at entity creation time, eliminating the manual step of configuring auth credentials for each new client. The token is long enough to be unguessable (2^128 combinations) but short enough to pass in HTTP headers.
Why templates reuse WorkItem__c with a boolean flag
No new custom object needed. Templates are just work items with IsTemplateBool__c = true. They inherit all existing fields, validation rules, and trigger logic for free. Cloning a template creates a real work item with the flag set to false -- no mapping or transformation needed.
Why the workflow picker shows phases from CMT dynamically
Admins can visually compare workflow types before selecting one. The phase pills are rendered from WorkflowStage__mdt records, so adding a new workflow type automatically makes it appear in the picker with correct phase visualization. No UI code changes required.
Why one-click replaces a 4-script manual process
The original onboarding required running 4 separate CCI scripts: create entity, create portal access, configure sync, and assign workflows. Each step could fail independently, leaving the entity in a partial state. One-click wraps all 4 in a single transaction with rollback.
Why portal auth uses tokens (not OAuth or session-based auth)
OAuth adds complexity (redirect flows, refresh tokens, token storage) that small teams don't need. Session-based auth requires server-side state. A long-lived bearer token stored in PortalAccess__c is simple, stateless, and works identically for API calls and portal login.
Onboarding Flow
What happens when an admin clicks 'Add Entity'. Six steps, one transaction.
One-Click Onboarding Flow
Admin clicks 'Add Entity'
From the Getting Started wizard or the admin dashboard, one button starts the process.
NetworkEntity__c created
Entity record with name, type (Client/Vendor/Both), and default configuration.
PortalAccess__c provisioned
128-bit hex auth token generated. Portal URL and API endpoint configured automatically.
Sync settings configured
EntityTypePk__c set, sync routing rules applied, auto-sync enabled if configured.
Workflow assigned
Default workflow type assigned (Software_Delivery unless overridden). Templates available for cloning.
Entity ready
Client can log in to portal, view their board, and start creating work items immediately.
Architecture
Zero new objects. Pure automation of existing manual steps.
Component Architecture
deliveryGettingStarted
Onboarding Wizard
deliveryTemplateManager
Template CRUD
deliveryWorkflowPicker
Phase-Pill Picker
EntityOnboardingService
Orchestrates Setup
DeliveryHubController
@AuraEnabled
WorkflowConfigService
CMT Queries
NetworkEntity__c
Entity Record
PortalAccess__c
Auth Token
WorkItem__c
Templates (flag)
WorkflowStage__mdt
Phase Config
Key insight: Phase 3 added zero new custom objects. Everything was built on top of existing objects (NetworkEntity__c, PortalAccess__c, WorkItem__c) and existing CMT (WorkflowStage__mdt). The self-service layer is pure automation of manual steps that already worked.
Related Pages
Phase 3 made onboarding instant. Phase 4 adds intelligence -- velocity tracking and capacity planning.