ADR-012: User Authentication Strategy
[SUPERSEDED by ADR-016 and ADR-017] Dual-mode auth — GitHub OAuth with org-gate for internal admins, email magic link with whitelist for early clients
Select WorkOS as the identity provider for sv0-platform. Provides AuthKit (hosted login), enterprise SSO with self-serve Admin Portal, Directory Sync, and magic-link passwordless — free at evaluation scale, per-connection pricing at enterprise scale.
Research artifact: side-by-side comparison of six authentication providers (WorkOS, Clerk, Stytch B2B, Auth0, Cloudflare Access, roll-your-own) across twelve criteria. Informed ADR-017's selection of WorkOS.
Plan to implement dual-mode user authentication for sv0-platform (GitHub OAuth for admins, email magic link for clients), replacing the REQUIRE_AUTH=false production bypass per ADR-012.
Phased implementation plan for adopting WorkOS as the identity provider, rebuilding tenant/user/membership model, URL-scoping tenants to /t/:slug, and establishing the SecurityV0 super-admin pattern. Implements ADR-016 and ADR-017.