Authentication
The initial V1 authentication model uses username/password login for interactive users.
The platform is designed for:
- interactive user login,
- future OIDC-compatible identity providers,
- tenant-specific SSO later,
- auditable API access through scoped credentials or tokens.
The exact login endpoint, password storage, session or token model, refresh token behavior, and service account model must be accepted and documented before API integrations depend on them.