How is access level given to the (deeplink) ghost user?

The basic mechanism involves professions/specialties, which have references to access levels.

Onekey ID, Veeva ID, Unify ID, Email Address received via deeplink
Check if the user already exists
- User does not exist:
  - Onekey ID:
    - Search via Onekey Webservices API
    - No result found: Abort with 404 error
    - Result found:
      - If profession/specialty is present → Access levels assigned
      - If profession/specialty is not present → Abort with 404 error
  - Veeva ID:
    - Similar process as Onekey ID but through Veeva CRM API
- User already exists:
  - Attempts to gather relevant information
  - No specialties/professions: No access granted
  - Has specialties/professions: Payload includes access levels

Additionally, access levels can be assigned without specialties/professions through direct assignment.