Core Concepts
Authentication
Email/password, OAuth (Google, Microsoft), magic links, OTP.
Authorization (RBAC)
Role-based access control.
Multi-Tenancy
Organization-based tenancy with memberships and invitations.
Identity Provider
WorkOS integration for identity management.
Key Patterns
- JWTs for stateless authentication
- RBAC with environment and organization-scoped roles
- Cache-first reads for users, orgs, roles