Altien rebuilds Mike's user profile plumbing

A bigger, safer set of controls for who can change what on a user account - and what happens when an account closes.

multi-tenant, compliance

Upstream Mike shipped a thin stub for editing a user's profile and leaned on the identity provider to handle account deletion. Altien has swapped that out for a proper set of endpoints: read your profile, edit a controlled list of fields (including your own API keys for the various AI providers), top up chat credits, or close your account entirely.

Closing an account now cascades through every table that holds the user's data, instead of just deleting their login. In tenant-managed deployments that self-serve close is blocked - only the tenant admin can shut a seat down, which matches how firms actually run shared environments. The profile read also quietly resets the monthly credit window when the previous one has lapsed, so billing doesn't drift.

So what: Legal-ops leads evaluating Mike for a firm rollout should note that this is the kind of account-lifecycle hygiene that compliance and procurement will ask about.

Commits in this thread

1 commit from Altien/mikeOssAzure, oldest first. Source extracted verbatim from the harvested git log.

SHA | Subject | Author | Date
ff992534 | feat(user): full /user/profile REST surface | Allen Morgan | 2026-05-08

Commit body:
Replaces the upstream POST /user/profile stub + auth.admin.deleteUser
account-deletion path with:

  * GET    /user/profile               - returns the profile row plus
                                          a global_api_keys map telling
                                          the frontend which providers
                                          have shared keys configured
                                          server-side.
  * PATCH  /user/profile                - whitelist of editable fields
                                          (display_name, organisation,
                                          tabular_model, fast_model,
                                          claude/gemini/openai/aoai keys).
  * POST   /user/profile/credits/increment - used by chat to count
                                          billable messages.
  * DELETE /user/account                - cascades through every
                                          user-owned table; returns 403
                                          in entra mode (account closure
                                          for tenant-owned identities is
                                          handled out of band by the
                                          tenant admin).

GET /user/profile also normalises credits_reset_date so the 30-day
window self-refreshes when the previous one has passed. The auth-
admin-deleteUser path is gone - provider-specific identity teardown is
the IdP's responsibility, not the app's.
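
The three behaviours the commit message describes (the PATCH field allowlist, the self-refreshing 30-day credit window, and the entra-mode block on self-serve closure), sketched as an added example that is not code from the fork. The key column names, `credits_used`, the string-or-null value rule, and the `authMode` parameter are assumptions.

```javascript
// Added example, not the fork's code. The *_api_key column names, credits_used,
// the string-or-null value rule and the authMode parameter are assumptions.
const EDITABLE_FIELDS = new Set([
  "display_name", "organisation", "tabular_model", "fast_model",
  "claude_api_key", "gemini_api_key", "openai_api_key", "aoai_api_key", // assumed names
]);
const WINDOW_MS = 30 * 24 * 60 * 60 * 1000; // the 30-day credit window

// PATCH /user/profile: copy only allowlisted fields into the update and report
// the rest, so server-owned columns (ids, credit counters) cannot be mass-assigned.
function filterProfilePatch(body) {
  const update = {}, rejected = [];
  if (body === null || typeof body !== "object" || Array.isArray(body)) {
    return { update, rejected };
  }
  for (const key of Object.keys(body)) {
    const value = body[key];
    if (EDITABLE_FIELDS.has(key) && (typeof value === "string" || value === null)) {
      update[key] = value;
    } else {
      rejected.push(key); // unknown field or wrong type: never reaches the database
    }
  }
  return { update, rejected };
}

// GET /user/profile: open a fresh 30-day window once the previous one has passed.
function normaliseCreditWindow(profile, now = new Date()) {
  const reset = new Date(profile.credits_reset_date);
  if (!Number.isNaN(reset.getTime()) && reset > now) return profile; // window still open
  return {
    ...profile,
    credits_used: 0, // assumed counter column
    credits_reset_date: new Date(now.getTime() + WINDOW_MS).toISOString(),
  };
}

// DELETE /user/account: the handler answers 403 when this returns false.
function selfServeCloseAllowed(authMode) {
  return authMode !== "entra";
}

// Constructed sample request body: one editable field, two server-owned ones.
const sample = JSON.parse('{"display_name":"Ada","credits_used":0,"id":"other-user"}');
console.log(filterProfilePatch(sample));
```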
