diff --git a/Makefile b/Makefile
index 70d4462..211b85b 100644
--- a/Makefile
+++ b/Makefile
@@ -21,23 +21,20 @@ tf-deploy:      ## Deploy the app locally via Terraform
 	mkdir -p build/lambda
 	cp -r app/lambda/* build/lambda/
 
-	# docker run -it --platform=linux/amd64 --rm --entrypoint= -v $(PWD)/build/lambda:/tmp/lambda public.ecr.aws/lambda/python:3.11 pip install --upgrade --target /tmp/lambda -r /tmp/lambda/requirements.txt
+	docker run -it --platform=linux/amd64 --rm --entrypoint= -v $(PWD)/build/lambda:/tmp/lambda public.ecr.aws/lambda/python:3.11 pip install --upgrade --target /tmp/lambda -r /tmp/lambda/requirements.txt
 
-	# NOTE: SOMETIMES THE ARM64 VERSION WORKS, SOMETIMES THE AMD64 VERSION WORKS?
+	##### NOTE: SOMETIMES THE ARM64 VERSION WORKS, SOMETIMES THE AMD64 VERSION WORKS? #####
 	#docker run -it --platform=linux/arm64/v8 --rm --entrypoint= -v $(PWD)/build/lambda:/tmp/lambda public.ecr.aws/lambda/python:3.11 pip install --upgrade --target /tmp/lambda -r /tmp/lambda/requirements.txt
 
 	$(VENV_RUN); tflocal init; tflocal apply -auto-approve
 
-requests:       ## Send a couple of test requests to create entries in the database
-	endpoint=http://users-api.execute-api.localhost.localstack.cloud:4566/test/users; \
-		curl -H 'content-type: application/json' -d '{"name":"Alice","age":42}' $$endpoint; \
-		curl -H 'content-type: application/json' -d '{"name":"Bob","age":31}' $$endpoint; \
-		curl $$endpoint
+test-lambda:    ## Run Lambda API tests
+	$(VENV_RUN); pytest tests/test_lambda.py -v -s
 
 format:		    ## Run ruff to format the whole codebase
 	$(VENV_RUN); python -m ruff format .; python -m ruff check --output-format=full --fix .
 
 test:		    ## Run integration tests (requires LocalStack running with the Extension installed)
-	$(VENV_RUN); pytest tests
+	$(VENV_RUN); pytest tests/test_extension.py -v -s
 
-.PHONY: clean install usage venv format test
+.PHONY: clean install usage venv format test requests test-lambda tf-deploy
diff --git a/README.md b/README.md
index 3ad3054..afc89de 100644
--- a/README.md
+++ b/README.md
@@ -19,10 +19,12 @@ $ localstack extensions install "git+https://github.com/whummer/localstack-utils
 ## Start localstack
 
 ```
-$ localstack start
+$ DOCKER_FLAGS='-e TYPEDB_FLAGS=--development-mode.enabled=true' localstack start
 ```
 
-Note: mac users may need to also run
+(Note: developers of this repo should set the development mode flag to true to disable TypeDB's analytics)
+
+Mac users may need to also run
 ```
 $ sudo /Applications/Docker.app/Contents/MacOS/install vmnetd
 ```
diff --git a/app/lambda/handler.py b/app/lambda/handler.py
index b7a3241..5ab687b 100644
--- a/app/lambda/handler.py
+++ b/app/lambda/handler.py
@@ -1,52 +1,414 @@
 import json
+import sys
+import time
+import logging
 
-from typedb.driver import TypeDB, Credentials, DriverOptions, TransactionType
+from typedb.driver import TypeDB, Credentials, DriverOptions, TransactionType, TransactionOptions
+
+# Setup TRACE logger
+logger = logging.getLogger(__name__)
+logger.setLevel(logging.INFO)  
 
 db_name = "test-db"
 server_host = "typedb.localhost.localstack.cloud:4566"
 
 
+def _transaction_options():
+    """Get transaction options with configured timeout"""
+    return TransactionOptions(transaction_timeout_millis=10_000)
+
+def _cors_response(status_code, body):
+    """Create a response with CORS headers"""
+    return {
+        "statusCode": status_code,
+        "headers": {
+            "Access-Control-Allow-Origin": "*",
+            "Access-Control-Allow-Methods": "GET, POST, PUT, DELETE, OPTIONS",
+            "Access-Control-Allow-Headers": "Content-Type, Authorization"
+        },
+        "body": json.dumps(body) if isinstance(body, dict) else body
+    }
+
 def handler(event, context):
+    logger.debug(f"Lambda invoked with event: {json.dumps(event, default=str)}")
+    
     _create_database_and_schema()
     method = event["httpMethod"]
-    result = {}
-    if method == "GET":
-        result = list_users()
-    elif method == "POST":
-        payload = json.loads(event["body"])
-        result = create_user(payload)
-    return {"statusCode": 200, "body": json.dumps(result)}
+    path = event.get("path", "")
+    
+    logger.debug(f"Processing {method} request to {path}")
+
+    # Handle CORS preflight requests
+    if method == "OPTIONS":
+        return _cors_response(200, "")
+
+    try:
+        # Route based on path and method
+        if path == "/users":
+            if method == "GET":
+                result = list_users()
+                return _cors_response(200, result)
+            elif method == "POST":
+                payload = json.loads(event["body"])
+                result = create_user(payload)
+                return _cors_response(201, result)
+        elif path == "/groups":
+            if method == "GET":
+                result = list_groups()
+                return _cors_response(200, result)
+            elif method == "POST":
+                payload = json.loads(event["body"])
+                result = create_group(payload)
+                return _cors_response(201, result)
+        elif path.startswith("/groups/") and path.endswith("/members"):
+            # Extract group_name from path like /groups/{group_name}/members
+            group_name = path.split("/")[2]
+            if method == "GET":
+                result = list_direct_group_members(group_name)
+                return _cors_response(200, result)
+            elif method == "POST":
+                payload = json.loads(event["body"])
+                result = add_member_to_group(group_name, payload)
+                return _cors_response(201, result)
+        elif path.startswith("/groups/") and path.endswith("/all-members"):
+            # Extract group_name from path like /groups/{group_name}/all-members
+            group_name = path.split("/")[2]
+            if method == "GET":
+                result = list_all_group_members(group_name)
+                return _cors_response(200, result)
+        elif path.startswith("/users/") and path.endswith("/groups"):
+            # Extract username from path like /users/{username}/groups
+            username = path.split("/")[2]
+            if method == "GET":
+                result = list_principal_groups(username, "user")
+                return _cors_response(200, result)
+        elif path.startswith("/users/") and path.endswith("/all-groups"):
+            # Extract username from path like /users/{username}/all-groups
+            username = path.split("/")[2]
+            if method == "GET":
+                result = list_all_principal_groups(username, "user")
+                return _cors_response(200, result)
+        elif path.startswith("/groups/") and path.endswith("/groups"):
+            # Extract group_name from path like /groups/{group_name}/groups
+            group_name = path.split("/")[2]
+            if method == "GET":
+                result = list_principal_groups(group_name, "group")
+                return _cors_response(200, result)
+        elif path.startswith("/groups/") and path.endswith("/all-groups"):
+            # Extract group_name from path like /groups/{group_name}/all-groups
+            group_name = path.split("/")[2]
+            if method == "GET":
+                result = list_all_principal_groups(group_name, "group")
+                return _cors_response(200, result)
+        elif path == "/reset":
+            if method == "POST":
+                result = reset_database()
+                return _cors_response(200, result)
+        
+        logger.debug(f"No route found for {method} request to {path}")
+        return _cors_response(404, {"error": "Not found"})
+    except Exception as e:
+        logger.debug(f"Error processing request: {str(e)}")
+        return _cors_response(400, {"error": str(e)})
 
 
 def create_user(payload: dict):
-    user_name = payload["name"]
-    user_age = payload["age"]
+    logger.debug(f"Creating user")
+    # Validate required fields
+    if "username" not in payload:
+        raise ValueError("Username is required")
+    if "email" not in payload or not payload["email"]:
+        raise ValueError("At least one email is required")
+    
+    username = payload["username"]
+    emails = payload["email"]
+    
+    # Ensure emails is a list
+    if isinstance(emails, str):
+        emails = [emails]
+    
+    # Optional fields
+    profile_picture_uri = payload.get("profile_picture_uri", "")
+    
+    try:
+        with _driver() as driver:
+            with driver.transaction(db_name, TransactionType.WRITE, _transaction_options()) as tx:
+                # Create user with username
+                query = f"insert $u isa user, has user-name '{username}'"
+                
+                # Add all emails
+                for email in emails:
+                    query += f", has email '{email}'"
+                
+                # Add profile picture if provided - check if it's HTTP URL or S3 identifier
+                if profile_picture_uri:
+                    if profile_picture_uri.startswith("http"):
+                        query += f", has profile-picture-url '{profile_picture_uri}'"
+                    else:
+                        query += f", has profile-picture-s3-uri '{profile_picture_uri}'"
+                
+                query += ";"
+                
+                tx.query(query).resolve()
+                tx.commit()
+        
+        return {"message": "User created successfully", "username": username, "email": emails}
+    
+    except Exception as e:
+        error_msg = str(e)
+        if "DVL9" in error_msg and "key constraint violation" in error_msg:
+            raise ValueError(f"User '{username}' already exists")
+        else:
+            raise e
+
+
+def create_group(payload: dict):
+    logger.debug(f"Creating group")
+    # Validate required fields
+    if "group_name" not in payload:
+        raise ValueError("Group name is required")
+    
+    group_name = payload["group_name"]
+    
+    try:
+        with _driver() as driver:
+            with driver.transaction(db_name, TransactionType.WRITE, _transaction_options()) as tx:
+                # Create group with group name
+                query = f"insert $g isa group, has group-name '{group_name}';"
+                
+                tx.query(query).resolve()
+                tx.commit()
+            
+        return {"message": "Group created successfully", "group_name": group_name}
+    
+    except Exception as e:
+        error_msg = str(e)
+        if "DVL9" in error_msg and "key constraint violation" in error_msg:
+            raise ValueError(f"Group '{group_name}' already exists")
+        else:
+            raise e
+
+
+def list_users():
+    logger.debug("Listing users")
     with _driver() as driver:
-        with driver.transaction(db_name, TransactionType.WRITE) as tx:
-            query = f"insert $p isa person, has name '{user_name}', has age {user_age};"
+        logger.debug("Listing users - opened driver")
+        with driver.transaction(db_name, TransactionType.WRITE, _transaction_options()) as tx:
+            logger.debug("Listing users - opened transaction")
+            result = tx.query(
+                'match $u isa user; '
+                'fetch {'
+                '  "username": $u.user-name, '
+                '  "email": [$u.email], '
+                '  "profile_picture_url": $u.profile-picture-url, '
+                '  "profile_picture_s3_uri": $u.profile-picture-s3-uri'
+                '};'
+            ).resolve()
+            result = list(result)
+            tx.commit()
+        
+    return result
+
+
+def list_groups():
+    logger.debug("Listing groups")
+    with _driver() as driver:
+        with driver.transaction(db_name, TransactionType.WRITE, _transaction_options()) as tx:
+            result = tx.query(
+                'match $g isa group; '
+                'fetch {'
+                '  "group_name": $g.group-name'
+                '};'
+            ).resolve()
+            result = list(result)
+            tx.commit()
+        
+    return result
+
+
+def add_member_to_group(group_name: str, payload: dict):
+    logger.debug(f"Adding member to group")
+
+    # Validate required fields - either username or group_name must be provided
+    if "username" not in payload and "group_name" not in payload:
+        raise ValueError("Either 'username' or 'group_name' is required")
+    
+    if "username" in payload and "group_name" in payload:
+        raise ValueError("Provide either 'username' or 'group_name', not both")
+    
+    with _driver() as driver:
+        with driver.transaction(db_name, TransactionType.WRITE, _transaction_options()) as tx:
+            if "username" in payload:
+                # Adding a user to the group
+                username = payload["username"]
+                query = (
+                    f"match "
+                    f"  $member isa user, has user-name '{username}'; "
+                    f"  $group isa group, has group-name '{group_name}'; "
+                    f"put "
+                    f"  $membership isa membership (container: $group, member: $member);"
+                )
+                member_type = "user"
+                member_name = username
+            else:
+                # Adding a group to the group
+                member_group_name = payload["group_name"]
+                query = (
+                    f"match "
+                    f"  $member isa group, has group-name '{member_group_name}'; "
+                    f"  $group isa group, has group-name '{group_name}'; "
+                    f"put "
+                    f"  $membership isa membership (container: $group, member: $member);"
+                )
+                member_type = "group"
+                member_name = member_group_name
+        
             tx.query(query).resolve()
             tx.commit()
+        
+    return {
+        "message": f"{member_type.capitalize()} added to group successfully", 
+        "group_name": group_name, 
+        "member_type": member_type,
+        "member_name": member_name
+    }
 
 
-def list_users():
+def list_direct_group_members(group_name: str):
+    logger.debug(f"Listing direct group members for {group_name}")
+    with _driver() as driver:
+        with driver.transaction(db_name, TransactionType.WRITE, _transaction_options()) as tx:
+            result = tx.query(
+                f'match '
+                f'  $group isa group, has group-name "{group_name}"; '
+                f'  $membership isa membership (container: $group, member: $member); '
+                f'  $member isa! $member-type; '
+                f'fetch {{'
+                f'  "member_name": $member.name, '
+                f'  "group_name": $group.group-name,'
+                f'  "member_type": $member-type'
+                f'}};'
+            ).resolve()
+            result = list(result)
+            tx.commit()
+        
+    return result
+
+
+def list_all_group_members(group_name: str):
+    logger.debug(f"Listing all group members for {group_name}")
     with _driver() as driver:
-        with driver.transaction(db_name, TransactionType.READ) as tx:
+        with driver.transaction(db_name, TransactionType.WRITE, _transaction_options()) as tx:
+            # Use the group-members function from the schema to get all members recursively
             result = tx.query(
-                'match $p isa person; fetch {"name": $p.name, "age": $p.age};'
+                f'match '
+                f'  $group isa group, has group-name "{group_name}"; '
+                f'  let $members in group-members($group); '
+                f'fetch {{'
+                f'  "member_type": $members.isa, '
+                f'  "member_name": $members.name, '
+                f'  "group_name": $members.group-name'
+                f'}};'
             ).resolve()
             result = list(result)
+            tx.commit()
+        
     return result
 
 
+def list_principal_groups(principal_name: str, principal_type: str):
+    """List direct groups for either a user or group principal"""
+    logger.debug(f"Listing direct groups for {principal_name} of type {principal_type}")
+    with _driver() as driver:
+        with driver.transaction(db_name, TransactionType.WRITE, _transaction_options()) as tx:
+            if principal_type == "user":
+                name_attr = "user-name"
+            else:  # group
+                name_attr = "group-name"
+                
+            result = tx.query(
+                f'match '
+                f'  $principal isa {principal_type}, has {name_attr} "{principal_name}"; '
+                f'  membership (member: $principal, container: $group); '
+                f'  $group isa group; '
+                f'fetch {{'
+                f'  "group_name": $group.group-name'
+                f'}};'
+            ).resolve()
+            result = list(result)
+            tx.commit()
+        
+    return result
+
+
+def list_all_principal_groups(principal_name: str, principal_type: str):
+    """List all groups (transitive) for either a user or group principal"""
+    logger.debug(f"Listing all groups for {principal_name} of type {principal_type}")
+    with _driver() as driver:
+        with driver.transaction(db_name, TransactionType.WRITE, _transaction_options()) as tx:
+            if principal_type == "user":
+                name_attr = "user-name"
+            else:  # group
+                name_attr = "group-name"
+                
+            # Use the get-groups function from the schema to get all groups transitively
+            result = tx.query(
+                f'match '
+                f'  $principal isa {principal_type}, has {name_attr} "{principal_name}"; '
+                f'  let $groups in get-groups($principal); '
+                f'fetch {{'
+                f'  "group_name": $groups.group-name'
+                f'}};'
+            ).resolve()
+            result = list(result)
+            tx.commit()
+        
+    return result
+
+
+def reset_database():
+    """Reset the database by deleting it and recreating it with schema"""
+    logger.debug("Resetting database")
+    with _driver() as driver:
+        # Delete database if it exists
+        if driver.databases.contains(db_name):
+            driver.databases.get(db_name).delete()
+            logger.debug(f"Database '{db_name}' deleted")
+        
+        
+    _create_database_and_schema()
+    
+    return {"message": "Database reset successfully"}
+
+
 def _create_database_and_schema():
+    logger.debug("Setting up database and schema")
     with _driver() as driver:
-        driver.databases.create(db_name)
-        with driver.transaction(db_name, TransactionType.SCHEMA) as tx:
-            tx.query("define entity person;").resolve()
-            tx.query("define attribute name, value string; person owns name;").resolve()
-            tx.query("define attribute age, value integer; person owns age;").resolve()
+        # Check if database exists, create only if it doesn't
+        if db_name not in [db.name for db in driver.databases.all()]:
+            driver.databases.create(db_name)
+            logger.debug(f"Database '{db_name}' created")
+        else:
+            logger.debug(f"Database '{db_name}' already exists")
+        
+        entity_type_count = 0
+        # Check if schema already exists by looking for user type
+        with driver.transaction(db_name, TransactionType.WRITE, _transaction_options()) as tx:
+            entity_type_count = len(list(tx.query("match entity $t;").resolve().as_concept_rows()))
             tx.commit()
 
+        if entity_type_count == 0:
+            logger.debug("Loading schema from file")
+            with driver.transaction(db_name, TransactionType.SCHEMA, _transaction_options()) as schema_tx:
+                # Load schema from file
+                with open("schema.tql", "r") as f:
+                    schema_content = f.read()
+                schema_tx.query(schema_content).resolve()
+                schema_tx.commit()
+            logger.debug("Schema loaded successfully")
+        else:
+            logger.debug("Schema already exists.")
+
 
 def _driver():
     return TypeDB.driver(
diff --git a/app/lambda/schema.tql b/app/lambda/schema.tql
new file mode 100644
index 0000000..f79993b
--- /dev/null
+++ b/app/lambda/schema.tql
@@ -0,0 +1,64 @@
+define
+
+# Abstract entity for any actor in the system (user or group).
+# This allows groups to contain other groups (nesting).
+entity principal @abstract,
+  # Principals have an abstract name
+  owns name,
+  # Any principal (a user or another group) can be a member.
+  plays membership:member;
+
+# Represents a human user.
+entity user sub principal,
+  owns email @unique @card(1..),
+  owns user-name @key,
+
+  # one-of multiple types of profile picture
+	owns profile-picture-uri @card(0..1),
+  owns profile-picture-s3-uri,
+  owns profile-picture-url;
+
+# Represents a collection of users and/or other groups.
+entity group sub principal,
+  owns group-name @key,
+  # A group can act as a container for members.
+  plays membership:container;
+
+# Defines the relationship of a principal being a member of a group.
+relation membership,
+  relates container,
+  relates member;
+
+# --- Attributes ---
+attribute name @abstract, value string;
+attribute user-name, sub name;
+attribute group-name, sub name;
+attribute email, value string;
+
+attribute profile-picture-uri @abstract;
+attribute profile-picture-s3-uri, sub profile-picture-uri, value string;
+attribute profile-picture-url, sub profile-picture-uri, value string;
+
+
+# --- Functions ---
+
+fun group-members($group: group) -> { principal }:
+  match
+    {
+      membership (container: $group, member: $member);
+    } or {
+      membership (container: $group, member: $group-member);
+      $group-member isa group;
+      let $member in group-members($group-member);
+    };
+    return { $member };
+
+fun get-groups($principal: principal) -> { group }:
+  match
+    {
+      membership (member: $principal, container: $group);
+    } or {
+      membership (member: $principal, container: $container);
+      let $group in get-groups($container);
+    };
+    return { $group };
\ No newline at end of file
diff --git a/index.html b/index.html
new file mode 100644
index 0000000..8129bda
--- /dev/null
+++ b/index.html
@@ -0,0 +1,139 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>TypeDB User & Group Management</title>
+    <link rel="stylesheet" href="style.css">
+</head>
+<body>
+    <div class="container">
+        <!-- Sidebar -->
+        <div class="sidebar">
+            <h2>Management</h2>
+            <div class="tabs">
+                <button class="tab-button active" onclick="showTab('users')">Users</button>
+                <button class="tab-button" onclick="showTab('groups')">Groups</button>
+            </div>
+            
+            <!-- Users Tab -->
+            <div id="users-tab" class="tab-content active">
+                <div class="section-header">
+                    <h3>Users</h3>
+                    <button class="add-button" onclick="showAddUserForm()">+ Add User</button>
+                </div>
+                <div id="users-list" class="list">
+                    <!-- Users will be populated here -->
+                </div>
+            </div>
+            
+            <!-- Groups Tab -->
+            <div id="groups-tab" class="tab-content">
+                <div class="section-header">
+                    <h3>Groups</h3>
+                    <button class="add-button" onclick="showAddGroupForm()">+ Add Group</button>
+                </div>
+                <div id="groups-list" class="list">
+                    <!-- Groups will be populated here -->
+                </div>
+            </div>
+        </div>
+        
+        <!-- Main Content Area -->
+        <div class="main-content">
+            <div id="welcome-message" class="welcome">
+                <h2>Welcome to TypeDB User & Group Management</h2>
+                <p>Select a user or group from the sidebar to view details.</p>
+            </div>
+            
+            <!-- User Details -->
+            <div id="user-details" class="details-panel" style="display: none;">
+                <h3 id="user-name"></h3>
+                <div class="detail-section">
+                    <h4>User Information</h4>
+                    <div id="user-info"></div>
+                </div>
+                <div class="detail-section">
+                    <h4>Direct Groups</h4>
+                    <div id="user-direct-groups"></div>
+                </div>
+                <div class="detail-section">
+                    <h4>All Groups (Including Indirect)</h4>
+                    <div id="user-all-groups"></div>
+                </div>
+            </div>
+            
+            <!-- Group Details -->
+            <div id="group-details" class="details-panel" style="display: none;">
+                <h3 id="group-name"></h3>
+                <div class="detail-section">
+                    <h4>Group Information</h4>
+                    <div id="group-info"></div>
+                </div>
+                <div class="detail-section">
+                    <h4>Direct Groups This Group Is A Member Of</h4>
+                    <div id="group-parent-groups"></div>
+                </div>
+                <div class="detail-section">
+                    <h4>Direct Groups Within This Group</h4>
+                    <div id="group-child-groups"></div>
+                </div>
+                <div class="detail-section">
+                    <h4>All Groups This Group Is A Member Of (Including Indirect)</h4>
+                    <div id="group-all-parent-groups"></div>
+                </div>
+                <div class="detail-section">
+                    <h4>All Groups Within This Group (Including Indirect)</h4>
+                    <div id="group-all-child-groups"></div>
+                </div>
+            </div>
+        </div>
+    </div>
+    
+    <!-- Add User Modal -->
+    <div id="add-user-modal" class="modal" style="display: none;">
+        <div class="modal-content">
+            <span class="close" onclick="closeModal('add-user-modal')">&times;</span>
+            <h3>Add New User</h3>
+            <form id="add-user-form">
+                <div class="form-group">
+                    <label for="username">Username:</label>
+                    <input type="text" id="username" name="username" required>
+                </div>
+                <div class="form-group">
+                    <label for="email">Email:</label>
+                    <input type="email" id="email" name="email" required>
+                </div>
+                <div class="form-group">
+                    <label for="profile-picture">Profile Picture URL (optional):</label>
+                    <input type="url" id="profile-picture" name="profile-picture">
+                </div>
+                <div class="form-actions">
+                    <button type="button" onclick="closeModal('add-user-modal')">Cancel</button>
+                    <button type="submit">Add User</button>
+                </div>
+            </form>
+        </div>
+    </div>
+    
+    <!-- Add Group Modal -->
+    <div id="add-group-modal" class="modal" style="display: none;">
+        <div class="modal-content">
+            <span class="close" onclick="closeModal('add-group-modal')">&times;</span>
+            <h3>Add New Group</h3>
+            <form id="add-group-form">
+                <div class="form-group">
+                    <label for="group-name">Group Name:</label>
+                    <input type="text" id="group-name" name="group-name" required>
+                </div>
+                <div class="form-actions">
+                    <button type="button" onclick="closeModal('add-group-modal')">Cancel</button>
+                    <button type="submit">Add Group</button>
+                </div>
+            </form>
+        </div>
+    </div>
+    
+    <script src="script.js"></script>
+</body>
+</html>
diff --git a/main.tf b/main.tf
index bec7e4a..c5c0e7a 100644
--- a/main.tf
+++ b/main.tf
@@ -44,13 +44,83 @@ resource "aws_api_gateway_rest_api" "user_api" {
   }
 }
 
-# API Gateway resource 'create'
+# API Gateway resource 'users'
 resource "aws_api_gateway_resource" "user_resource" {
   rest_api_id = aws_api_gateway_rest_api.user_api.id
   parent_id   = aws_api_gateway_rest_api.user_api.root_resource_id
   path_part   = "users"
 }
 
+# API Gateway resource 'reset'
+resource "aws_api_gateway_resource" "reset_resource" {
+  rest_api_id = aws_api_gateway_rest_api.user_api.id
+  parent_id   = aws_api_gateway_rest_api.user_api.root_resource_id
+  path_part   = "reset"
+}
+
+# API Gateway resource 'user groups' (nested under users)
+resource "aws_api_gateway_resource" "user_groups_resource" {
+  rest_api_id = aws_api_gateway_rest_api.user_api.id
+  parent_id   = aws_api_gateway_rest_api.user_api.root_resource_id
+  path_part   = "users"
+}
+
+resource "aws_api_gateway_resource" "user_groups_nested_resource" {
+  rest_api_id = aws_api_gateway_rest_api.user_api.id
+  parent_id   = aws_api_gateway_resource.user_groups_resource.id
+  path_part   = "{username}"
+}
+
+resource "aws_api_gateway_resource" "user_groups_final_resource" {
+  rest_api_id = aws_api_gateway_rest_api.user_api.id
+  parent_id   = aws_api_gateway_resource.user_groups_nested_resource.id
+  path_part   = "groups"
+}
+
+resource "aws_api_gateway_resource" "user_all_groups_final_resource" {
+  rest_api_id = aws_api_gateway_rest_api.user_api.id
+  parent_id   = aws_api_gateway_resource.user_groups_nested_resource.id
+  path_part   = "all-groups"
+}
+
+# API Gateway resource 'groups'
+resource "aws_api_gateway_resource" "group_resource" {
+  rest_api_id = aws_api_gateway_rest_api.user_api.id
+  parent_id   = aws_api_gateway_rest_api.user_api.root_resource_id
+  path_part   = "groups"
+}
+
+# API Gateway resource 'group members' (nested under groups)
+resource "aws_api_gateway_resource" "group_members_resource" {
+  rest_api_id = aws_api_gateway_rest_api.user_api.id
+  parent_id   = aws_api_gateway_resource.group_resource.id
+  path_part   = "{group_name}"
+}
+
+resource "aws_api_gateway_resource" "group_members_nested_resource" {
+  rest_api_id = aws_api_gateway_rest_api.user_api.id
+  parent_id   = aws_api_gateway_resource.group_members_resource.id
+  path_part   = "members"
+}
+
+resource "aws_api_gateway_resource" "group_all_members_nested_resource" {
+  rest_api_id = aws_api_gateway_rest_api.user_api.id
+  parent_id   = aws_api_gateway_resource.group_members_resource.id
+  path_part   = "all-members"
+}
+
+resource "aws_api_gateway_resource" "group_groups_nested_resource" {
+  rest_api_id = aws_api_gateway_rest_api.user_api.id
+  parent_id   = aws_api_gateway_resource.group_members_resource.id
+  path_part   = "groups"
+}
+
+resource "aws_api_gateway_resource" "group_all_groups_nested_resource" {
+  rest_api_id = aws_api_gateway_rest_api.user_api.id
+  parent_id   = aws_api_gateway_resource.group_members_resource.id
+  path_part   = "all-groups"
+}
+
 # API Gateway method 'create'
 resource "aws_api_gateway_method" "create_user_method" {
   rest_api_id   = aws_api_gateway_rest_api.user_api.id
@@ -89,6 +159,190 @@ resource "aws_api_gateway_integration" "lambda_list_integration" {
   uri                    = aws_lambda_function.user_lambda.invoke_arn
 }
 
+# API Gateway method 'reset'
+resource "aws_api_gateway_method" "reset_method" {
+  rest_api_id   = aws_api_gateway_rest_api.user_api.id
+  resource_id   = aws_api_gateway_resource.reset_resource.id
+  http_method   = "POST"
+  authorization = "NONE"
+}
+
+# API Gateway integration 'reset'
+resource "aws_api_gateway_integration" "lambda_reset_integration" {
+  rest_api_id = aws_api_gateway_rest_api.user_api.id
+  resource_id = aws_api_gateway_resource.reset_resource.id
+  http_method = aws_api_gateway_method.reset_method.http_method
+
+  integration_http_method = "POST"
+  type                   = "AWS_PROXY"
+  uri                    = aws_lambda_function.user_lambda.invoke_arn
+}
+
+# API Gateway method 'create group'
+resource "aws_api_gateway_method" "create_group_method" {
+  rest_api_id   = aws_api_gateway_rest_api.user_api.id
+  resource_id   = aws_api_gateway_resource.group_resource.id
+  http_method   = "POST"
+  authorization = "NONE"
+}
+
+# API Gateway integration 'create group'
+resource "aws_api_gateway_integration" "lambda_create_group_integration" {
+  rest_api_id = aws_api_gateway_rest_api.user_api.id
+  resource_id = aws_api_gateway_resource.group_resource.id
+  http_method = aws_api_gateway_method.create_group_method.http_method
+
+  integration_http_method = "POST"
+  type                   = "AWS_PROXY"
+  uri                    = aws_lambda_function.user_lambda.invoke_arn
+}
+
+# API Gateway method 'list groups'
+resource "aws_api_gateway_method" "list_groups_method" {
+  rest_api_id   = aws_api_gateway_rest_api.user_api.id
+  resource_id   = aws_api_gateway_resource.group_resource.id
+  http_method   = "GET"
+  authorization = "NONE"
+}
+
+# API Gateway integration 'list groups'
+resource "aws_api_gateway_integration" "lambda_list_groups_integration" {
+  rest_api_id = aws_api_gateway_rest_api.user_api.id
+  resource_id = aws_api_gateway_resource.group_resource.id
+  http_method = aws_api_gateway_method.list_groups_method.http_method
+
+  integration_http_method = "POST"
+  type                   = "AWS_PROXY"
+  uri                    = aws_lambda_function.user_lambda.invoke_arn
+}
+
+# API Gateway method 'add member to group'
+resource "aws_api_gateway_method" "add_group_member_method" {
+  rest_api_id   = aws_api_gateway_rest_api.user_api.id
+  resource_id   = aws_api_gateway_resource.group_members_nested_resource.id
+  http_method   = "POST"
+  authorization = "NONE"
+}
+
+# API Gateway integration 'add member to group'
+resource "aws_api_gateway_integration" "lambda_add_group_member_integration" {
+  rest_api_id = aws_api_gateway_rest_api.user_api.id
+  resource_id = aws_api_gateway_resource.group_members_nested_resource.id
+  http_method = aws_api_gateway_method.add_group_member_method.http_method
+
+  integration_http_method = "POST"
+  type                   = "AWS_PROXY"
+  uri                    = aws_lambda_function.user_lambda.invoke_arn
+}
+
+# API Gateway method 'list group members'
+resource "aws_api_gateway_method" "list_group_members_method" {
+  rest_api_id   = aws_api_gateway_rest_api.user_api.id
+  resource_id   = aws_api_gateway_resource.group_members_nested_resource.id
+  http_method   = "GET"
+  authorization = "NONE"
+}
+
+# API Gateway integration 'list group members'
+resource "aws_api_gateway_integration" "lambda_list_group_members_integration" {
+  rest_api_id = aws_api_gateway_rest_api.user_api.id
+  resource_id = aws_api_gateway_resource.group_members_nested_resource.id
+  http_method = aws_api_gateway_method.list_group_members_method.http_method
+
+  integration_http_method = "POST"
+  type                   = "AWS_PROXY"
+  uri                    = aws_lambda_function.user_lambda.invoke_arn
+}
+
+# API Gateway method 'list all group members'
+resource "aws_api_gateway_method" "list_all_group_members_method" {
+  rest_api_id   = aws_api_gateway_rest_api.user_api.id
+  resource_id   = aws_api_gateway_resource.group_all_members_nested_resource.id
+  http_method   = "GET"
+  authorization = "NONE"
+}
+
+# API Gateway integration 'list all group members'
+resource "aws_api_gateway_integration" "lambda_list_all_group_members_integration" {
+  rest_api_id = aws_api_gateway_rest_api.user_api.id
+  resource_id = aws_api_gateway_resource.group_all_members_nested_resource.id
+  http_method = aws_api_gateway_method.list_all_group_members_method.http_method
+
+  integration_http_method = "POST"
+  type                   = "AWS_PROXY"
+  uri                    = aws_lambda_function.user_lambda.invoke_arn
+}
+
+# User Groups Methods and Integrations
+resource "aws_api_gateway_method" "list_user_groups_method" {
+  rest_api_id   = aws_api_gateway_rest_api.user_api.id
+  resource_id   = aws_api_gateway_resource.user_groups_final_resource.id
+  http_method   = "GET"
+  authorization = "NONE"
+}
+
+resource "aws_api_gateway_integration" "lambda_list_user_groups_integration" {
+  rest_api_id = aws_api_gateway_rest_api.user_api.id
+  resource_id = aws_api_gateway_resource.user_groups_final_resource.id
+  http_method = aws_api_gateway_method.list_user_groups_method.http_method
+
+  integration_http_method = "POST"
+  type                   = "AWS_PROXY"
+  uri                    = aws_lambda_function.user_lambda.invoke_arn
+}
+
+resource "aws_api_gateway_method" "list_all_user_groups_method" {
+  rest_api_id   = aws_api_gateway_rest_api.user_api.id
+  resource_id   = aws_api_gateway_resource.user_all_groups_final_resource.id
+  http_method   = "GET"
+  authorization = "NONE"
+}
+
+resource "aws_api_gateway_integration" "lambda_list_all_user_groups_integration" {
+  rest_api_id = aws_api_gateway_rest_api.user_api.id
+  resource_id = aws_api_gateway_resource.user_all_groups_final_resource.id
+  http_method = aws_api_gateway_method.list_all_user_groups_method.http_method
+
+  integration_http_method = "POST"
+  type                   = "AWS_PROXY"
+  uri                    = aws_lambda_function.user_lambda.invoke_arn
+}
+
+# Group Groups Methods and Integrations
+resource "aws_api_gateway_method" "list_group_groups_method" {
+  rest_api_id   = aws_api_gateway_rest_api.user_api.id
+  resource_id   = aws_api_gateway_resource.group_groups_nested_resource.id
+  http_method   = "GET"
+  authorization = "NONE"
+}
+
+resource "aws_api_gateway_integration" "lambda_list_group_groups_integration" {
+  rest_api_id = aws_api_gateway_rest_api.user_api.id
+  resource_id = aws_api_gateway_resource.group_groups_nested_resource.id
+  http_method = aws_api_gateway_method.list_group_groups_method.http_method
+
+  integration_http_method = "POST"
+  type                   = "AWS_PROXY"
+  uri                    = aws_lambda_function.user_lambda.invoke_arn
+}
+
+resource "aws_api_gateway_method" "list_all_group_groups_method" {
+  rest_api_id   = aws_api_gateway_rest_api.user_api.id
+  resource_id   = aws_api_gateway_resource.group_all_groups_nested_resource.id
+  http_method   = "GET"
+  authorization = "NONE"
+}
+
+resource "aws_api_gateway_integration" "lambda_list_all_group_groups_integration" {
+  rest_api_id = aws_api_gateway_rest_api.user_api.id
+  resource_id = aws_api_gateway_resource.group_all_groups_nested_resource.id
+  http_method = aws_api_gateway_method.list_all_group_groups_method.http_method
+
+  integration_http_method = "POST"
+  type                   = "AWS_PROXY"
+  uri                    = aws_lambda_function.user_lambda.invoke_arn
+}
+
 # Lambda permission for API Gateway
 resource "aws_lambda_permission" "api_gateway_lambda" {
   statement_id  = "AllowExecutionFromAPIGateway"
@@ -102,6 +356,17 @@ resource "aws_lambda_permission" "api_gateway_lambda" {
 resource "aws_api_gateway_deployment" "user_api_deployment" {
   depends_on = [
     aws_api_gateway_integration.lambda_integration,
+    aws_api_gateway_integration.lambda_list_integration,
+    aws_api_gateway_integration.lambda_reset_integration,
+    aws_api_gateway_integration.lambda_create_group_integration,
+    aws_api_gateway_integration.lambda_list_groups_integration,
+    aws_api_gateway_integration.lambda_add_group_member_integration,
+    aws_api_gateway_integration.lambda_list_group_members_integration,
+    aws_api_gateway_integration.lambda_list_all_group_members_integration,
+    aws_api_gateway_integration.lambda_list_user_groups_integration,
+    aws_api_gateway_integration.lambda_list_all_user_groups_integration,
+    aws_api_gateway_integration.lambda_list_group_groups_integration,
+    aws_api_gateway_integration.lambda_list_all_group_groups_integration,
   ]
 
   rest_api_id = aws_api_gateway_rest_api.user_api.id
@@ -116,10 +381,214 @@ resource "aws_api_gateway_stage" "stage" {
   deployment_id = aws_api_gateway_deployment.user_api_deployment.id
   rest_api_id   = aws_api_gateway_rest_api.user_api.id
   stage_name    = "test"
+  
+  # Force recreation when deployment changes
+  lifecycle {
+    create_before_destroy = true
+  }
 }
 
-# Output the API Gateway ID
+# Output the API Gateway endpoints
 output "api_endpoint" {
+  value = "http://${aws_api_gateway_rest_api.user_api.id}.execute-api.localhost.localstack.cloud:4566/test"
+  description = "API Gateway base URL"
+}
+
+output "users_endpoint" {
   value = "http://${aws_api_gateway_rest_api.user_api.id}.execute-api.localhost.localstack.cloud:4566/test/users"
-  description = "API Gateway ID"
+  description = "Users API endpoint"
+}
+
+output "groups_endpoint" {
+  value = "http://${aws_api_gateway_rest_api.user_api.id}.execute-api.localhost.localstack.cloud:4566/test/groups"
+  description = "Groups API endpoint"
+}
+
+output "reset_endpoint" {
+  value = "http://${aws_api_gateway_rest_api.user_api.id}.execute-api.localhost.localstack.cloud:4566/test/reset"
+  description = "Reset database API endpoint"
+}
+
+output "group_members_endpoint" {
+  value = "http://${aws_api_gateway_rest_api.user_api.id}.execute-api.localhost.localstack.cloud:4566/test/groups/{group_name}/members"
+  description = "Group members API endpoint (replace {group_name} with actual group name)"
+}
+
+output "group_all_members_endpoint" {
+  value = "http://${aws_api_gateway_rest_api.user_api.id}.execute-api.localhost.localstack.cloud:4566/test/groups/{group_name}/all-members"
+  description = "Group all members API endpoint (replace {group_name} with actual group name)"
+}
+
+output "user_groups_endpoint" {
+  value = "http://${aws_api_gateway_rest_api.user_api.id}.execute-api.localhost.localstack.cloud:4566/test/users/{username}/groups"
+  description = "User groups API endpoint (replace {username} with actual username)"
+}
+
+output "user_all_groups_endpoint" {
+  value = "http://${aws_api_gateway_rest_api.user_api.id}.execute-api.localhost.localstack.cloud:4566/test/users/{username}/all-groups"
+  description = "User all groups API endpoint (replace {username} with actual username)"
+}
+
+output "group_groups_endpoint" {
+  value = "http://${aws_api_gateway_rest_api.user_api.id}.execute-api.localhost.localstack.cloud:4566/test/groups/{group_name}/groups"
+  description = "Group groups API endpoint (replace {group_name} with actual group name)"
+}
+
+output "group_all_groups_endpoint" {
+  value = "http://${aws_api_gateway_rest_api.user_api.id}.execute-api.localhost.localstack.cloud:4566/test/groups/{group_name}/all-groups"
+  description = "Group all groups API endpoint (replace {group_name} with actual group name)"
+}
+
+# CORS OPTIONS methods for all endpoints
+resource "aws_api_gateway_method" "users_options_method" {
+  rest_api_id   = aws_api_gateway_rest_api.user_api.id
+  resource_id   = aws_api_gateway_resource.user_resource.id
+  http_method   = "OPTIONS"
+  authorization = "NONE"
+}
+
+resource "aws_api_gateway_integration" "users_options_integration" {
+  rest_api_id = aws_api_gateway_rest_api.user_api.id
+  resource_id = aws_api_gateway_resource.user_resource.id
+  http_method = aws_api_gateway_method.users_options_method.http_method
+
+  integration_http_method = "POST"
+  type                   = "AWS_PROXY"
+  uri                    = aws_lambda_function.user_lambda.invoke_arn
+}
+
+resource "aws_api_gateway_method" "groups_options_method" {
+  rest_api_id   = aws_api_gateway_rest_api.user_api.id
+  resource_id   = aws_api_gateway_resource.group_resource.id
+  http_method   = "OPTIONS"
+  authorization = "NONE"
+}
+
+resource "aws_api_gateway_integration" "groups_options_integration" {
+  rest_api_id = aws_api_gateway_rest_api.user_api.id
+  resource_id = aws_api_gateway_resource.group_resource.id
+  http_method = aws_api_gateway_method.groups_options_method.http_method
+
+  integration_http_method = "POST"
+  type                   = "AWS_PROXY"
+  uri                    = aws_lambda_function.user_lambda.invoke_arn
+}
+
+resource "aws_api_gateway_method" "group_members_options_method" {
+  rest_api_id   = aws_api_gateway_rest_api.user_api.id
+  resource_id   = aws_api_gateway_resource.group_members_nested_resource.id
+  http_method   = "OPTIONS"
+  authorization = "NONE"
+}
+
+resource "aws_api_gateway_integration" "group_members_options_integration" {
+  rest_api_id = aws_api_gateway_rest_api.user_api.id
+  resource_id = aws_api_gateway_resource.group_members_nested_resource.id
+  http_method = aws_api_gateway_method.group_members_options_method.http_method
+
+  integration_http_method = "POST"
+  type                   = "AWS_PROXY"
+  uri                    = aws_lambda_function.user_lambda.invoke_arn
+}
+
+resource "aws_api_gateway_method" "group_all_members_options_method" {
+  rest_api_id   = aws_api_gateway_rest_api.user_api.id
+  resource_id   = aws_api_gateway_resource.group_all_members_nested_resource.id
+  http_method   = "OPTIONS"
+  authorization = "NONE"
+}
+
+resource "aws_api_gateway_integration" "group_all_members_options_integration" {
+  rest_api_id = aws_api_gateway_rest_api.user_api.id
+  resource_id = aws_api_gateway_resource.group_all_members_nested_resource.id
+  http_method = aws_api_gateway_method.group_all_members_options_method.http_method
+
+  integration_http_method = "POST"
+  type                   = "AWS_PROXY"
+  uri                    = aws_lambda_function.user_lambda.invoke_arn
+}
+
+resource "aws_api_gateway_method" "user_groups_options_method" {
+  rest_api_id   = aws_api_gateway_rest_api.user_api.id
+  resource_id   = aws_api_gateway_resource.user_groups_final_resource.id
+  http_method   = "OPTIONS"
+  authorization = "NONE"
+}
+
+resource "aws_api_gateway_integration" "user_groups_options_integration" {
+  rest_api_id = aws_api_gateway_rest_api.user_api.id
+  resource_id = aws_api_gateway_resource.user_groups_final_resource.id
+  http_method = aws_api_gateway_method.user_groups_options_method.http_method
+
+  integration_http_method = "POST"
+  type                   = "AWS_PROXY"
+  uri                    = aws_lambda_function.user_lambda.invoke_arn
+}
+
+resource "aws_api_gateway_method" "user_all_groups_options_method" {
+  rest_api_id   = aws_api_gateway_rest_api.user_api.id
+  resource_id   = aws_api_gateway_resource.user_all_groups_final_resource.id
+  http_method   = "OPTIONS"
+  authorization = "NONE"
+}
+
+resource "aws_api_gateway_integration" "user_all_groups_options_integration" {
+  rest_api_id = aws_api_gateway_rest_api.user_api.id
+  resource_id = aws_api_gateway_resource.user_all_groups_final_resource.id
+  http_method = aws_api_gateway_method.user_all_groups_options_method.http_method
+
+  integration_http_method = "POST"
+  type                   = "AWS_PROXY"
+  uri                    = aws_lambda_function.user_lambda.invoke_arn
+}
+
+resource "aws_api_gateway_method" "group_groups_options_method" {
+  rest_api_id   = aws_api_gateway_rest_api.user_api.id
+  resource_id   = aws_api_gateway_resource.group_groups_nested_resource.id
+  http_method   = "OPTIONS"
+  authorization = "NONE"
+}
+
+resource "aws_api_gateway_integration" "group_groups_options_integration" {
+  rest_api_id = aws_api_gateway_rest_api.user_api.id
+  resource_id = aws_api_gateway_resource.group_groups_nested_resource.id
+  http_method = aws_api_gateway_method.group_groups_options_method.http_method
+
+  integration_http_method = "POST"
+  type                   = "AWS_PROXY"
+  uri                    = aws_lambda_function.user_lambda.invoke_arn
+}
+
+resource "aws_api_gateway_method" "group_all_groups_options_method" {
+  rest_api_id   = aws_api_gateway_rest_api.user_api.id
+  resource_id   = aws_api_gateway_resource.group_all_groups_nested_resource.id
+  http_method   = "OPTIONS"
+  authorization = "NONE"
+}
+
+resource "aws_api_gateway_integration" "group_all_groups_options_integration" {
+  rest_api_id = aws_api_gateway_rest_api.user_api.id
+  resource_id = aws_api_gateway_resource.group_all_groups_nested_resource.id
+  http_method = aws_api_gateway_method.group_all_groups_options_method.http_method
+
+  integration_http_method = "POST"
+  type                   = "AWS_PROXY"
+  uri                    = aws_lambda_function.user_lambda.invoke_arn
+}
+
+resource "aws_api_gateway_method" "reset_options_method" {
+  rest_api_id   = aws_api_gateway_rest_api.user_api.id
+  resource_id   = aws_api_gateway_resource.reset_resource.id
+  http_method   = "OPTIONS"
+  authorization = "NONE"
+}
+
+resource "aws_api_gateway_integration" "reset_options_integration" {
+  rest_api_id = aws_api_gateway_rest_api.user_api.id
+  resource_id = aws_api_gateway_resource.reset_resource.id
+  http_method = aws_api_gateway_method.reset_options_method.http_method
+
+  integration_http_method = "POST"
+  type                   = "AWS_PROXY"
+  uri                    = aws_lambda_function.user_lambda.invoke_arn
 }
diff --git a/script.js b/script.js
new file mode 100644
index 0000000..90d9ef0
--- /dev/null
+++ b/script.js
@@ -0,0 +1,380 @@
+// TypeDB User & Group Management Interface JavaScript
+
+// Configuration
+const API_BASE_URL = 'http://users-api.execute-api.localhost.localstack.cloud:4566/test';
+
+// Global state
+let currentUser = null;
+let currentGroup = null;
+let users = [];
+let groups = [];
+
+// Initialize the application
+document.addEventListener('DOMContentLoaded', function() {
+    loadUsers();
+    loadGroups();
+    setupEventListeners();
+});
+
+// Setup event listeners
+function setupEventListeners() {
+    // Add user form submission
+    document.getElementById('add-user-form').addEventListener('submit', handleAddUser);
+    
+    // Add group form submission
+    document.getElementById('add-group-form').addEventListener('submit', handleAddGroup);
+}
+
+// Tab switching
+function showTab(tabName) {
+    // Hide all tab contents
+    document.querySelectorAll('.tab-content').forEach(tab => {
+        tab.classList.remove('active');
+    });
+    
+    // Remove active class from all tab buttons
+    document.querySelectorAll('.tab-button').forEach(button => {
+        button.classList.remove('active');
+    });
+    
+    // Show selected tab content
+    document.getElementById(tabName + '-tab').classList.add('active');
+    
+    // Add active class to clicked button
+    event.target.classList.add('active');
+    
+    // Clear main content
+    clearMainContent();
+}
+
+// Clear main content
+function clearMainContent() {
+    document.getElementById('welcome-message').style.display = 'block';
+    document.getElementById('user-details').style.display = 'none';
+    document.getElementById('group-details').style.display = 'none';
+    currentUser = null;
+    currentGroup = null;
+}
+
+// API Functions
+async function apiRequest(endpoint, method = 'GET', data = null) {
+    const url = `${API_BASE_URL}${endpoint}`;
+    const options = {
+        method: method,
+        headers: {
+            'Content-Type': 'application/json',
+        }
+    };
+    
+    if (data) {
+        options.body = JSON.stringify(data);
+    }
+    
+    try {
+        const response = await fetch(url, options);
+        const result = await response.json();
+        
+        if (!response.ok) {
+            throw new Error(result.error || `HTTP ${response.status}`);
+        }
+        
+        return result;
+    } catch (error) {
+        console.error('API Error:', error);
+        throw error;
+    }
+}
+
+// Load users
+async function loadUsers() {
+    try {
+        users = await apiRequest('/users');
+        renderUsersList();
+    } catch (error) {
+        console.error('Failed to load users:', error);
+        showError('Failed to load users: ' + error.message);
+    }
+}
+
+// Load groups
+async function loadGroups() {
+    try {
+        groups = await apiRequest('/groups');
+        renderGroupsList();
+    } catch (error) {
+        console.error('Failed to load groups:', error);
+        showError('Failed to load groups: ' + error.message);
+    }
+}
+
+// Render users list
+function renderUsersList() {
+    const usersList = document.getElementById('users-list');
+    usersList.innerHTML = '';
+    
+    users.forEach(user => {
+        const userItem = document.createElement('div');
+        userItem.className = 'list-item';
+        userItem.textContent = user.username;
+        userItem.onclick = () => selectUser(user);
+        usersList.appendChild(userItem);
+    });
+}
+
+// Render groups list
+function renderGroupsList() {
+    const groupsList = document.getElementById('groups-list');
+    groupsList.innerHTML = '';
+    
+    groups.forEach(group => {
+        const groupItem = document.createElement('div');
+        groupItem.className = 'list-item';
+        groupItem.textContent = group.group_name;
+        groupItem.onclick = () => selectGroup(group);
+        groupsList.appendChild(groupItem);
+    });
+}
+
+// Select user
+async function selectUser(user) {
+    // Update UI state
+    document.querySelectorAll('#users-list .list-item').forEach(item => {
+        item.classList.remove('selected');
+    });
+    event.target.classList.add('selected');
+    
+    // Clear group details
+    document.getElementById('group-details').style.display = 'none';
+    
+    // Show user details
+    document.getElementById('welcome-message').style.display = 'none';
+    document.getElementById('user-details').style.display = 'block';
+    
+    currentUser = user;
+    
+    // Update user name
+    document.getElementById('user-name').textContent = user.username;
+    
+    // Update user info
+    const userInfo = document.getElementById('user-info');
+    userInfo.innerHTML = `
+        <div class="detail-item">
+            <span class="detail-label">Username:</span>
+            <span class="detail-value">${user.username}</span>
+        </div>
+        <div class="detail-item">
+            <span class="detail-label">Email:</span>
+            <span class="detail-value">${Array.isArray(user.email) ? user.email.join(', ') : user.email}</span>
+        </div>
+        ${user.profile_picture_url ? `
+        <div class="detail-item">
+            <span class="detail-label">Profile Picture:</span>
+            <span class="detail-value">${user.profile_picture_url}</span>
+        </div>
+        ` : ''}
+    `;
+    
+    // Load user groups
+    await loadUserGroups(user.username);
+}
+
+// Load user groups
+async function loadUserGroups(username) {
+    try {
+        // Load direct groups
+        const directGroups = await apiRequest(`/users/${username}/groups`);
+        const directGroupsDiv = document.getElementById('user-direct-groups');
+        if (directGroups.length > 0) {
+            directGroupsDiv.innerHTML = directGroups.map(group => 
+                `<span class="group-tag">${group.group_name}</span>`
+            ).join('');
+        } else {
+            directGroupsDiv.innerHTML = '<span class="group-tag empty">No direct groups</span>';
+        }
+        
+        // Load all groups (including indirect)
+        const allGroups = await apiRequest(`/users/${username}/all-groups`);
+        const allGroupsDiv = document.getElementById('user-all-groups');
+        if (allGroups.length > 0) {
+            allGroupsDiv.innerHTML = allGroups.map(group => 
+                `<span class="group-tag">${group.group_name}</span>`
+            ).join('');
+        } else {
+            allGroupsDiv.innerHTML = '<span class="group-tag empty">No groups</span>';
+        }
+    } catch (error) {
+        console.error('Failed to load user groups:', error);
+        document.getElementById('user-direct-groups').innerHTML = '<span class="error">Failed to load groups</span>';
+        document.getElementById('user-all-groups').innerHTML = '<span class="error">Failed to load groups</span>';
+    }
+}
+
+// Select group
+async function selectGroup(group) {
+    // Update UI state
+    document.querySelectorAll('#groups-list .list-item').forEach(item => {
+        item.classList.remove('selected');
+    });
+    event.target.classList.add('selected');
+    
+    // Clear user details
+    document.getElementById('user-details').style.display = 'none';
+    
+    // Show group details
+    document.getElementById('welcome-message').style.display = 'none';
+    document.getElementById('group-details').style.display = 'block';
+    
+    currentGroup = group;
+    
+    // Update group name
+    document.getElementById('group-name').textContent = group.group_name;
+    
+    // Update group info
+    const groupInfo = document.getElementById('group-info');
+    groupInfo.innerHTML = `
+        <div class="detail-item">
+            <span class="detail-label">Group Name:</span>
+            <span class="detail-value">${group.group_name}</span>
+        </div>
+    `;
+    
+    // Load group relationships
+    await loadGroupRelationships(group.group_name);
+}
+
+// Load group relationships
+async function loadGroupRelationships(groupName) {
+    try {
+        // Load groups this group is a member of (direct)
+        const parentGroups = await apiRequest(`/groups/${groupName}/groups`);
+        const parentGroupsDiv = document.getElementById('group-parent-groups');
+        if (parentGroups.length > 0) {
+            parentGroupsDiv.innerHTML = parentGroups.map(group => 
+                `<span class="group-tag">${group.group_name}</span>`
+            ).join('');
+        } else {
+            parentGroupsDiv.innerHTML = '<span class="group-tag empty">Not a member of any groups</span>';
+        }
+        
+        // Load all groups this group is a member of (including indirect)
+        const allParentGroups = await apiRequest(`/groups/${groupName}/all-groups`);
+        const allParentGroupsDiv = document.getElementById('group-all-parent-groups');
+        if (allParentGroups.length > 0) {
+            allParentGroupsDiv.innerHTML = allParentGroups.map(group => 
+                `<span class="group-tag">${group.group_name}</span>`
+            ).join('');
+        } else {
+            allParentGroupsDiv.innerHTML = '<span class="group-tag empty">Not a member of any groups</span>';
+        }
+        
+        // Load direct members (groups only)
+        const directMembers = await apiRequest(`/groups/${groupName}/members`);
+        const childGroups = directMembers.filter(member => member.member_type.label === 'group');
+        const childGroupsDiv = document.getElementById('group-child-groups');
+        if (childGroups.length > 0) {
+            childGroupsDiv.innerHTML = childGroups.map(member => 
+                `<span class="group-tag">${member.member_name}</span>`
+            ).join('');
+        } else {
+            childGroupsDiv.innerHTML = '<span class="group-tag empty">No direct groups</span>';
+        }
+        
+        // Load all members (groups only, including indirect)
+        const allMembers = await apiRequest(`/groups/${groupName}/all-members`);
+        const allChildGroups = allMembers.filter(member => member.member_type.label === 'group');
+        const allChildGroupsDiv = document.getElementById('group-all-child-groups');
+        if (allChildGroups.length > 0) {
+            allChildGroupsDiv.innerHTML = allChildGroups.map(member => 
+                `<span class="group-tag">${member.member_name}</span>`
+            ).join('');
+        } else {
+            allChildGroupsDiv.innerHTML = '<span class="group-tag empty">No groups</span>';
+        }
+    } catch (error) {
+        console.error('Failed to load group relationships:', error);
+        showError('Failed to load group relationships: ' + error.message);
+    }
+}
+
+// Modal functions
+function showAddUserForm() {
+    document.getElementById('add-user-modal').style.display = 'block';
+}
+
+function showAddGroupForm() {
+    document.getElementById('add-group-modal').style.display = 'block';
+}
+
+function closeModal(modalId) {
+    document.getElementById(modalId).style.display = 'none';
+    // Clear form
+    if (modalId === 'add-user-modal') {
+        document.getElementById('add-user-form').reset();
+    } else if (modalId === 'add-group-modal') {
+        document.getElementById('add-group-form').reset();
+    }
+}
+
+// Handle add user
+async function handleAddUser(event) {
+    event.preventDefault();
+    
+    const formData = new FormData(event.target);
+    const userData = {
+        username: formData.get('username'),
+        email: formData.get('email'),
+    };
+    
+    if (formData.get('profile-picture')) {
+        userData.profile_picture_uri = formData.get('profile-picture');
+    }
+    
+    try {
+        await apiRequest('/users', 'POST', userData);
+        closeModal('add-user-modal');
+        await loadUsers(); // Reload users list
+        showSuccess('User created successfully!');
+    } catch (error) {
+        showError('Failed to create user: ' + error.message);
+    }
+}
+
+// Handle add group
+async function handleAddGroup(event) {
+    event.preventDefault();
+    
+    const formData = new FormData(event.target);
+    const groupData = {
+        group_name: formData.get('group-name')
+    };
+    
+    try {
+        await apiRequest('/groups', 'POST', groupData);
+        closeModal('add-group-modal');
+        await loadGroups(); // Reload groups list
+        showSuccess('Group created successfully!');
+    } catch (error) {
+        showError('Failed to create group: ' + error.message);
+    }
+}
+
+// Utility functions
+function showError(message) {
+    // Simple error display - could be enhanced with a proper notification system
+    alert('Error: ' + message);
+}
+
+function showSuccess(message) {
+    // Simple success display - could be enhanced with a proper notification system
+    alert('Success: ' + message);
+}
+
+// Close modal when clicking outside
+window.onclick = function(event) {
+    const modals = document.querySelectorAll('.modal');
+    modals.forEach(modal => {
+        if (event.target === modal) {
+            modal.style.display = 'none';
+        }
+    });
+}
diff --git a/style.css b/style.css
new file mode 100644
index 0000000..92c75d7
--- /dev/null
+++ b/style.css
@@ -0,0 +1,293 @@
+/* Basic CSS styling for TypeDB User & Group Management Interface */
+
+* {
+    margin: 0;
+    padding: 0;
+    box-sizing: border-box;
+}
+
+body {
+    font-family: Arial, sans-serif;
+    background-color: #f5f5f5;
+}
+
+.container {
+    display: flex;
+    height: 100vh;
+}
+
+/* Sidebar */
+.sidebar {
+    width: 300px;
+    background-color: #2c3e50;
+    color: white;
+    padding: 20px;
+    overflow-y: auto;
+}
+
+.sidebar h2 {
+    margin-bottom: 20px;
+    color: #ecf0f1;
+}
+
+.tabs {
+    margin-bottom: 20px;
+}
+
+.tab-button {
+    width: 100%;
+    padding: 10px;
+    margin-bottom: 5px;
+    background-color: #34495e;
+    color: white;
+    border: none;
+    cursor: pointer;
+    border-radius: 4px;
+}
+
+.tab-button:hover {
+    background-color: #4a6741;
+}
+
+.tab-button.active {
+    background-color: #27ae60;
+}
+
+.tab-content {
+    display: none;
+}
+
+.tab-content.active {
+    display: block;
+}
+
+.section-header {
+    display: flex;
+    justify-content: space-between;
+    align-items: center;
+    margin-bottom: 15px;
+}
+
+.section-header h3 {
+    color: #ecf0f1;
+}
+
+.add-button {
+    background-color: #27ae60;
+    color: white;
+    border: none;
+    padding: 8px 12px;
+    border-radius: 4px;
+    cursor: pointer;
+}
+
+.add-button:hover {
+    background-color: #2ecc71;
+}
+
+.list {
+    max-height: 400px;
+    overflow-y: auto;
+}
+
+.list-item {
+    padding: 10px;
+    margin-bottom: 5px;
+    background-color: #34495e;
+    border-radius: 4px;
+    cursor: pointer;
+    transition: background-color 0.2s;
+}
+
+.list-item:hover {
+    background-color: #4a6741;
+}
+
+.list-item.selected {
+    background-color: #27ae60;
+}
+
+/* Main Content */
+.main-content {
+    flex: 1;
+    padding: 20px;
+    overflow-y: auto;
+}
+
+.welcome {
+    text-align: center;
+    margin-top: 50px;
+    color: #7f8c8d;
+}
+
+.details-panel {
+    background-color: white;
+    padding: 20px;
+    border-radius: 8px;
+    box-shadow: 0 2px 4px rgba(0,0,0,0.1);
+}
+
+.details-panel h3 {
+    color: #2c3e50;
+    margin-bottom: 20px;
+    border-bottom: 2px solid #ecf0f1;
+    padding-bottom: 10px;
+}
+
+.detail-section {
+    margin-bottom: 25px;
+}
+
+.detail-section h4 {
+    color: #34495e;
+    margin-bottom: 10px;
+    font-size: 16px;
+}
+
+.detail-item {
+    padding: 8px 0;
+    border-bottom: 1px solid #ecf0f1;
+}
+
+.detail-item:last-child {
+    border-bottom: none;
+}
+
+.detail-label {
+    font-weight: bold;
+    color: #2c3e50;
+}
+
+.detail-value {
+    color: #7f8c8d;
+    margin-left: 10px;
+}
+
+.group-list {
+    display: flex;
+    flex-wrap: wrap;
+    gap: 10px;
+}
+
+.group-tag {
+    background-color: #3498db;
+    color: white;
+    padding: 5px 10px;
+    border-radius: 15px;
+    font-size: 12px;
+}
+
+.group-tag.empty {
+    background-color: #95a5a6;
+    font-style: italic;
+}
+
+/* Modal */
+.modal {
+    position: fixed;
+    z-index: 1000;
+    left: 0;
+    top: 0;
+    width: 100%;
+    height: 100%;
+    background-color: rgba(0,0,0,0.5);
+}
+
+.modal-content {
+    background-color: white;
+    margin: 10% auto;
+    padding: 20px;
+    border-radius: 8px;
+    width: 400px;
+    position: relative;
+}
+
+.close {
+    position: absolute;
+    right: 15px;
+    top: 15px;
+    font-size: 24px;
+    cursor: pointer;
+    color: #7f8c8d;
+}
+
+.close:hover {
+    color: #2c3e50;
+}
+
+.modal-content h3 {
+    margin-bottom: 20px;
+    color: #2c3e50;
+}
+
+.form-group {
+    margin-bottom: 15px;
+}
+
+.form-group label {
+    display: block;
+    margin-bottom: 5px;
+    color: #2c3e50;
+    font-weight: bold;
+}
+
+.form-group input {
+    width: 100%;
+    padding: 8px;
+    border: 1px solid #bdc3c7;
+    border-radius: 4px;
+    font-size: 14px;
+}
+
+.form-group input:focus {
+    outline: none;
+    border-color: #3498db;
+}
+
+.form-actions {
+    display: flex;
+    justify-content: flex-end;
+    gap: 10px;
+    margin-top: 20px;
+}
+
+.form-actions button {
+    padding: 10px 20px;
+    border: none;
+    border-radius: 4px;
+    cursor: pointer;
+}
+
+.form-actions button[type="button"] {
+    background-color: #95a5a6;
+    color: white;
+}
+
+.form-actions button[type="submit"] {
+    background-color: #27ae60;
+    color: white;
+}
+
+.form-actions button:hover {
+    opacity: 0.8;
+}
+
+/* Error messages */
+.error {
+    color: #e74c3c;
+    font-size: 12px;
+    margin-top: 5px;
+}
+
+.success {
+    color: #27ae60;
+    font-size: 12px;
+    margin-top: 5px;
+}
+
+/* Loading state */
+.loading {
+    text-align: center;
+    color: #7f8c8d;
+    font-style: italic;
+}
diff --git a/tests/test_lambda.py b/tests/test_lambda.py
new file mode 100644
index 0000000..884efc0
--- /dev/null
+++ b/tests/test_lambda.py
@@ -0,0 +1,244 @@
+import requests
+import json
+import pytest
+from time import sleep
+
+class TestLambdaAPI:
+    """Test the Lambda-based HTTP API endpoints"""
+
+    @pytest.fixture(autouse=True)
+    def setup(self):
+        """Setup for each test - ensure clean state"""
+        self.base_url = "http://users-api.execute-api.localhost.localstack.cloud:4566/test"
+        self.users_endpoint = f"{self.base_url}/users"
+        self.groups_endpoint = f"{self.base_url}/groups"
+        self.reset_endpoint = f"{self.base_url}/reset"
+        
+        # Reset database before each test
+        self.reset_database()
+    
+    def reset_database(self):
+        """Reset the database to ensure clean test state"""
+        # Resetting database...
+        response = requests.post(self.reset_endpoint)
+        assert response.status_code == 200
+        # Reset response processed
+        
+    def test_create_and_list_users(self):
+        """Test creating users and listing them """
+        # Creating user alice...
+        alice_data = {
+            "username": "alice",
+            "email": ["alice@example.com", "alice.work@company.com"],
+            "profile_picture_uri": "https://example.com/alice.jpg"
+        }
+        response = requests.post(
+            self.users_endpoint,
+            headers={'content-type': 'application/json'},
+            json=alice_data
+        )
+        # Response processed
+        assert response.status_code == 201
+        assert response.json()["username"] == "alice"
+        
+        # Creating user bob...
+        bob_data = {
+            "username": "bob",
+            "email": "bob@example.com"
+        }
+        response = requests.post(
+            self.users_endpoint,
+            headers={'content-type': 'application/json'},
+            json=bob_data
+        )
+        # Response processed
+        assert response.status_code == 201
+        assert response.json()["username"] == "bob"
+        
+        # Listing all users...
+        response = requests.get(self.users_endpoint)
+        # Response processed
+        assert response.status_code == 200
+        
+        users = response.json()
+        assert len(users) == 2
+        
+        # Check alice
+        alice = next(u for u in users if u["username"] == "alice")
+        assert "alice@example.com" in alice["email"]
+        assert "alice.work@company.com" in alice["email"]
+        assert alice["profile_picture_url"] == "https://example.com/alice.jpg"
+        assert alice["profile_picture_s3_uri"] is None
+        
+        # Check bob
+        bob = next(u for u in users if u["username"] == "bob")
+        assert bob["email"] == ["bob@example.com"]
+        assert bob["profile_picture_url"] is None
+        assert bob["profile_picture_s3_uri"] is None
+
+    def test_duplicate_user_error(self):
+        """Test that creating a duplicate user returns a proper error message"""
+        user_data = {
+            "username": "testuser",
+            "email": "test@example.com"
+        }
+        
+        # Create user first time - should succeed
+        response = requests.post(
+            self.users_endpoint,
+            headers={'content-type': 'application/json'},
+            json=user_data
+        )
+        assert response.status_code == 201
+        
+        # Try to create same user again - should fail with proper error
+        response = requests.post(
+            self.users_endpoint,
+            headers={'content-type': 'application/json'},
+            json=user_data
+        )
+        assert response.status_code == 400
+        error_response = response.json()
+        assert "already exists" in error_response["error"]
+        assert "testuser" in error_response["error"]
+
+    def test_create_and_list_groups(self):
+        """Test creating groups and listing them"""
+        # Creating group developers...
+        group_data = {"group_name": "developers"}
+        response = requests.post(
+            self.groups_endpoint,
+            headers={'content-type': 'application/json'},
+            json=group_data
+        )
+        # Response processed
+        assert response.status_code == 201
+        assert response.json()["group_name"] == "developers"
+        
+        # Creating group managers...
+        group_data = {"group_name": "managers"}
+        response = requests.post(
+            self.groups_endpoint,
+            headers={'content-type': 'application/json'},
+            json=group_data
+        )
+        # Response processed
+        assert response.status_code == 201
+        
+        # Listing all groups...
+        response = requests.get(self.groups_endpoint)
+        # Response processed
+        assert response.status_code == 200
+        
+        groups = response.json()
+        assert len(groups) == 2
+        group_names = [g["group_name"] for g in groups]
+        assert "developers" in group_names
+        assert "managers" in group_names
+
+    def test_duplicate_group_error(self):
+        """Test that creating a duplicate group returns a proper error message"""
+        group_data = {"group_name": "testgroup"}
+        
+        # Create group first time - should succeed
+        response = requests.post(
+            self.groups_endpoint,
+            headers={'content-type': 'application/json'},
+            json=group_data
+        )
+        assert response.status_code == 201
+        
+        # Try to create same group again - should fail with proper error
+        response = requests.post(
+            self.groups_endpoint,
+            headers={'content-type': 'application/json'},
+            json=group_data
+        )
+        assert response.status_code == 400
+        error_response = response.json()
+        assert "already exists" in error_response["error"]
+        assert "testgroup" in error_response["error"]
+
+    def test_add_users_to_group(self):
+        """Test adding users to groups"""
+        # First create a user and group
+        user_data = {"username": "groupuser", "email": "groupuser@example.com"}
+        requests.post(self.users_endpoint, json=user_data, headers={'content-type': 'application/json'})
+        
+        group_data = {"group_name": "testgroup"}
+        requests.post(self.groups_endpoint, json=group_data, headers={'content-type': 'application/json'})
+        
+        # Add user to group
+        member_data = {"username": "groupuser"}
+        response = requests.post(
+            f"{self.base_url}/groups/testgroup/members",
+            headers={'content-type': 'application/json'},
+            json=member_data
+        )
+        assert response.status_code == 201
+        assert "added to group successfully" in response.json()["message"]
+        
+        # List group members
+        response = requests.get(f"{self.base_url}/groups/testgroup/members")
+        assert response.status_code == 200
+        members = response.json()
+        assert len(members) == 1
+        assert members[0]["member_name"] == "groupuser"
+        assert members[0]["member_type"]["label"] == "user"
+
+    def test_complex_workflow(self):
+        """Test a more complex workflow: create users, groups, add members, check relationships"""
+        # Complex Workflow Test
+        
+        # Create users
+        users_data = [
+            {"username": "alice", "email": "alice@company.com"},
+            {"username": "bob", "email": "bob@company.com"},
+            {"username": "charlie", "email": "charlie@company.com"}
+        ]
+        
+        for user_data in users_data:
+            response = requests.post(self.users_endpoint, json=user_data, headers={'content-type': 'application/json'})
+            assert response.status_code == 201
+            # User created
+        
+        # Create groups
+        groups_data = [
+            {"group_name": "developers"},
+            {"group_name": "managers"},
+            {"group_name": "seniors"}
+        ]
+        
+        for group_data in groups_data:
+            response = requests.post(self.groups_endpoint, json=group_data, headers={'content-type': 'application/json'})
+            assert response.status_code == 201
+            # Group created
+        
+        # Add users to groups
+        memberships = [
+            ("developers", "alice"),
+            ("developers", "bob"),
+            ("managers", "charlie"),
+            ("seniors", "alice")
+        ]
+        
+        for group_name, username in memberships:
+            member_data = {"username": username}
+            response = requests.post(
+                f"{self.base_url}/groups/{group_name}/members",
+                json=member_data,
+                headers={'content-type': 'application/json'}
+            )
+            assert response.status_code == 201
+            # User added to group
+        
+        # Verify memberships
+        for group_name, expected_members in [("developers", ["alice", "bob"]), ("managers", ["charlie"]), ("seniors", ["alice"])]:
+            response = requests.get(f"{self.base_url}/groups/{group_name}/members")
+            assert response.status_code == 200
+            members = response.json()
+            member_names = [m["member_name"] for m in members]
+            assert set(member_names) == set(expected_members)
+            # Membership verified
+        
+        # Complex Workflow Test Complete