azure-ad-sso-deferred-local-auth-is-v1

Azure AD SSO was architecturally selected as sole IdP but had to be amended mid-Layer-2 because Runwal’s Azure AD tenant setup is incomplete. V1 uses local auth (argon2id + TOTP MFA + JWT sessions) with Azure AD SSO wired only as stub interfaces. Migration path: dual-mode → per-user email-match → deprecate local. Check AD readiness before planning any auth-dependent features.

Related

• azure-ad-sso-deferred-v1-uses-local-auth
• azure-ad-sso-deferred-local-auth-v1-stub-interfaces
• r-same-azure-ad-sso-deferred-v1-local-auth-only
• r-same-local-auth-v1-azure-ad-deferred
• r-same-azure-ad-sso-deferred-local-auth-v1
• refresh-token-rotation-must-be-atomic-same-transaction