User Onboarding
Overview
LandlordX supports three distinct user roles, each with a unique onboarding journey tailored to their needs. This document describes the user types, their responsibilities, and the onboarding flow for each.
User Types
| Role | Description | Onboarding Type |
|---|---|---|
| Landlord | Legal owner of a property, or an individual/entity (may have Power of Attorney) legally authorised to sign agreements on behalf of the owner. Their name appears on lease agreements. Can be an individual or a company. | Standard onboarding via PWA |
| Manager | Person or entity managing property on behalf of the landlord. Receives most routine notifications. Not listed on lease agreements. | Standard onboarding via PWA |
| Tenant | Individual or entity renting/occupying the property. | Just-in-time onboarding during agreement eSigning |
Manager Notification Priority
When a property has a manager assigned:
- Manager receives: All routine notifications (rent reminders, payment confirmations, general updates)
- Landlord receives: Only high-priority notifications (eSign requests, maintenance escalations with high priority)
This ensures managers handle day-to-day operations while landlords are only notified for critical actions requiring their attention.
User Type Classification
Users can be classified as:
- Individual: A person with PAN and Aadhaar for KYC
- Company: A business entity with PAN and GSTIN for verification
Onboarding Flows
Landlord & Manager Onboarding (Standard Flow)
Landlords and managers follow the same progressive authentication flow through the PWA.
Step-by-Step Process
-
Phone Verification
- User enters mobile number
- System sends OTP via SMS
- User enters 6-digit OTP
- Backend creates/authenticates user
-
Profile Creation
- User enters first name, last name
- User enters email address
- System sets
hasCompletedProfile = true
-
eKYC Verification
- User connects DigiLocker account
- System verifies Aadhaar details
- System extracts and stores masked Aadhaar number
- System sets
kyc_verified = true
-
Dashboard Access
- User gains full access to LandlordX features
- Can manage properties, create agreements, etc.
Tenant Onboarding (Just-in-Time Flow)
Tenants are onboarded at the point of eSigning a lease agreement. This minimizes friction as tenants primarily interact via WhatsApp.
Tenant Onboarding Scenarios
| Scenario | Required Steps |
|---|---|
| New tenant (phone not in system) | OTP → Profile → eKYC → eSign |
| Existing user without KYC | OTP → eKYC → eSign |
| Fully verified user | OTP → eSign directly |
eKYC Integration via Aadhaar
LandlordX uses Aadhaar-based eKYC for identity verification through a third-party eKYC Provider that integrates with DigiLocker and UIDAI.
eKYC Architecture
eKYC Flow
eKYC Request/Response
Create eKYC Request:
| Field | Description |
|---|---|
redirect_url | URL to redirect user after completion |
user_reference_id | Unique identifier for the user |
eKYC Response (on success):
| Field | Description |
|---|---|
status | complete on successful verification |
aadhaar.name | Full name from Aadhaar |
aadhaar.dob | Date of birth |
aadhaar.gender | Gender |
aadhaar.address | Address from Aadhaar |
aadhaar.maskedNumber | Masked Aadhaar (XXXX-XXXX-1234) |
aadhaar.photo | Base64 encoded photo |
Data Captured via eKYC
| Field | Description | Storage |
|---|---|---|
masked_aadhaar | Last 4 digits visible (e.g., XXXX-XXXX-1234) | Encrypted |
first_name | Legal first name from Aadhaar | Plain text |
last_name | Legal last name from Aadhaar | Plain text |
kyc_verified | Verification status flag | Boolean |
Company Verification (GSTIN)
For company users, additional verification is performed:
User State Transitions
User Data Model
interface User {
user_id: string; // UUID
phone: string; // Mobile number
first_name: string; // Legal first name
last_name?: string; // Legal last name
email?: string; // Email address
role: "landlord" | "manager" | "tenant";
user_type: "individual" | "company";
// KYC fields (individuals)
pan_number: string; // Required for all
masked_aadhaar?: string; // From DigiLocker
kyc_verified: boolean; // Aadhaar verification status
// Company fields
company_name?: string; // If user_type is company
gstin?: string; // GST identification number
gstin_verified: boolean; // GSTIN verification status
}Security & Privacy Considerations
- PAN Number: Required for all users (tax compliance)
- Aadhaar: Only masked version stored; full number never persisted
- Phone: Unique per role (user can have multiple roles with same phone)
- GSTIN: Verified via government API for company users
- Session: JWT-based authentication with token refresh
Related Documentation
- Entity Relationships - Database entity relationships (User, UserKyc)
- Progressive Auth Flow - Detailed auth implementation
- Lease Agreement Generation & Signing - Agreement creation and eSign process
- WhatsApp Experience - Tenant interactions via WhatsApp