EP-CORE-USER: User & Tenant Management
Scope
Self-service signup, invitation flows, multi-tenant session model, tenant switching, SSO integration, privileged support admin access.
Stories
- US-101 Signup & tenant creation
- US-102 Invite user by email
- US-103 Magic link acceptance
- US-104 Multi-org account selection
- US-105 Tenant switcher UX component
- US-106 SSO configuration (Keycloak integration MVP)
- US-107 Super admin privileged multi-tenant console
Out of Scope (MVP)
- Advanced RBAC role editor UI
- Audit log export (defer to compliance phase)
Dependencies
Platform architecture baseline (service boundaries, auth service) in EP-CORE-ARCH.
NFR Touchpoints
- Security: tenant isolation, token scoping per tenant
- Performance: context reload on tenant switch < 500ms
- Observability: track tenant switch events & signup funnel
Success Metrics
- Signup conversion > 60% from landing to active tenant
- Tenant switch latency p95 < 700ms
Risks & Mitigations
| Risk | Mitigation |
|---|---|
| SSO complexity delays baseline signup | Implement local signup first; SSO as additive path |
| Multi-org edge cases (session confusion) | Clear context boundary & explicit tenant param in API calls |
Rollout Strategy
- Phase 1: Local email signup & invitations.
- Phase 2: Tenant switcher & multi-org accounts.
- Phase 3: Introduce SSO for selected pilot tenant.
Version: 1.0