Feature matrix
A realistic enterprise auth surface, not a starter-page checklist.
The demo is organized around the things a buyer or implementation team actually needs to see: strong account lifecycle controls, tenant-aware administration, and enterprise identity routing that lands users in the right place.
Authentication foundation
- Email and password with verification and reset flows
- Google and Microsoft social sign-in
- TOTP two-factor auth with backup codes and trusted devices
- Multiple active sessions with selective revocation
Multi-tenant operations
- Organization creation and switching
- Invites, membership roles, team management, and role visibility
- Org-level security settings, SSO routing, and audit visibility
- Org-scoped API keys with one-time reveal
Admin and enterprise readiness
- Platform admin user and org inspection
- Enterprise SSO configuration persistence and discovery page
- JIT provisioning hooks and claim-to-role mapping
- Local-first developer setup with SQLite and pnpm dev
Developer experience is a first-class feature
This repo is designed to boot with SQLite and `pnpm dev` by default, while still keeping the auth, org, audit, and enterprise modules cleanly separated for future hardening. The goal is a demo other developers can clone, run, inspect, and extend without wrestling with infrastructure before the first page loads.