Workspace security
Authentication and SSO readiness
KROMSE can run in safe mock mode for the staging demo, or Clerk mode for real B2B authentication and workspace-scoped access. Enterprise SSO remains a configured future step, not a live dependency.
Authentication mode
Mock
Gabriel Demo session remains active.
Workspace
Atlas Robotics EU
B2B tenant context remains organization-scoped for every backend route.
Members
Roles Ready
Owner, Admin, Security Lead, Product Owner, Legal Reviewer, and Viewer roles are preserved.
Enterprise SSO
Not configured
Okta, Microsoft Entra ID, Google Workspace, and SAML/OIDC are planned for the enterprise SSO phase.
SCIM
Planned
Directory lifecycle automation is intentionally deferred until SSO requirements are confirmed.
GitHub identity vs integration
Separated
GitHub login identifies a user; the GitHub App remains the repository security metadata integration.