azure-ad-sso-deferred-v1-uses-local-auth
Azure AD SSO was initially selected as the sole IdP for R-Same, but that decision was amended to defer it because Runwal’s AD infrastructure is not yet complete. v1 ships with local auth only: argon2id password hashing + mandatory TOTP MFA + JWT in httpOnly cookies. ADR-0003 records this decision. Stub interfaces for Azure AD OIDC/SAML2 are wired in v1; once AD is ready, the migration path is dual-mode → per-user email-match → deprecate local.
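An added example, not code from R-Same or ADR-0003, showing the migration path above as phase gating plus per-user email-match linking. The names `Phase`, `User`, `link_by_email` and `allowed_methods` are hypothetical; it assumes the IdP supplies the standard OIDC `sub`, `email` and `email_verified` claims, and that a link is refused when the address is unverified or the match is ambiguous.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Optional

class Phase(Enum):
    LOCAL_ONLY = "v1"      # Azure AD stub wired in but disabled
    DUAL_MODE = "dual"     # local auth and Azure AD both accepted
    AD_ONLY = "ad-only"    # local auth deprecated

@dataclass
class User:
    email: str
    ad_subject: Optional[str] = None  # set once linked to an Azure AD identity

def norm(email: str) -> str:
    # Compare addresses case-insensitively and ignore stray whitespace.
    return email.strip().casefold()

def link_by_email(users: list, claims: dict) -> Optional[User]:
    """Per-user email-match: bind an AD subject to exactly one local account."""
    if not (claims.get("email_verified") and claims.get("email") and claims.get("sub")):
        return None                  # assumption: never link on an unverified address
    matches = [u for u in users if norm(u.email) == norm(claims["email"])]
    if len(matches) != 1:
        return None                  # no match or ambiguous: leave for manual review
    user = matches[0]
    if user.ad_subject not in (None, claims["sub"]):
        return None                  # already bound to a different AD identity
    user.ad_subject = claims["sub"]
    return user

def allowed_methods(phase: Phase, user: User) -> set:
    """Login paths open to a user in each migration phase."""
    if phase is Phase.LOCAL_ONLY:
        return {"local"}
    if phase is Phase.DUAL_MODE:
        return {"local", "azure_ad"} if user.ad_subject else {"local"}
    # AD_ONLY: an unlinked user has no login path and must be matched first.
    return {"azure_ad"} if user.ad_subject else set()

if __name__ == "__main__":
    # Constructed sample accounts and claims, not taken from R-Same.
    users = [User("A.Rao@example.com"), User("b.shah@example.com")]
    claims = {"sub": "s1", "email": "a.rao@example.com", "email_verified": True}
    print(link_by_email(users, claims), allowed_methods(Phase.DUAL_MODE, users[0]))
```

Running the unlinked-user count under `AD_ONLY` before deprecating local auth shows who would be locked out.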
Related
- azure-ad-sso-deferred-local-auth-v1-stub-interfaces
- r-same-local-auth-v1-azure-ad-deferred
- r-same-azure-ad-sso-deferred-v1-local-auth-only
- r-dash-auth-amendment-local-auth-v1-azure-ad-sso-deferred
- r-same-local-auth-v1-azure-ad-sso-deferred
- azure-ad-sso-deferred-local-auth-v1-because-runwal-ad-incomp
- azure-ad-sso-deferred-local-auth-is-v1
- r-same-azure-ad-deferred-local-auth-v1