Demo the product in a story, not a disconnected feature tour.
The strongest demo sequence moves from familiar consumer-grade auth into the more valuable B2B controls: organizations, security posture, enterprise login, and delegated administration.
Step 1
Flow A: local auth to 2FA
Create a local account, verify email from dev mail, sign in, enable TOTP, and then confirm session visibility from the sessions page.
Step 2
Flow B: social login
Provide Google or Microsoft credentials, use the sign-in buttons, and inspect linked accounts from the profile page.
Step 3
Flow C: organization administration
Create an organization, invite a user, create a team, and demonstrate permission boundaries from the roles page.
Step 4
Flow D: enterprise identity
Register an OIDC provider under an organization, use the SSO start page, and show how provisioning hooks map claims into tenant roles.
Step 5
Flow E: machine access
Create an org API key, copy it once, hit the protected route, revoke it, and verify requests fail after revocation.