r-same-local-auth-v1-azure-ad-sso-deferred
R-Same v1 uses local auth only (argon2id time=3/mem=64MB/par=4, TOTP MFA mandatory, JWT HttpOnly cookies) because Runwal’s Azure AD infrastructure work was not yet complete at design time. Azure AD OIDC/SAML2 stubs are reserved in v1 interfaces. Migration path: dual-mode → per-user email-match → deprecate local. Do not re-enable local auth escape hatch once AD is live.
Related
- azure-ad-sso-deferred-local-auth-v1-stub-interfaces
- r-same-local-auth-v1-azure-ad-deferred
- r-dash-auth-amendment-local-auth-v1-azure-ad-sso-deferred
- r-same-azure-ad-sso-deferred-local-auth-v1
- r-dash-azure-ad-deferred-local-auth-v1-stack
- azure-ad-sso-deferred-v1-uses-local-auth
- azure-ad-sso-deferred-local-auth-v1-because-runwal-ad-incomp
- r-same-azure-ad-deferred-local-auth-v1