Skip to main content

Enterprise Identity Posture

Identity controls for employer, reseller, and admin access across cross-border deployments.

Interim Controls Enforced Now

  • - Mandatory MFA for privileged roles before protected routes and APIs.
  • - Session freshness policy for privileged sessions.
  • - Enterprise onboarding requires corporate email domains (no public mailbox providers).
  • - Optional IP allowlist enforcement via environment policy (`B2B_IP_ALLOWLIST`).

Roadmap

Dates below are target release windows and may be revised through change control.

SAML SSO (Target: April 30, 2026)

Enterprise IdP federation for admin, employer, and reseller workspaces.

SCIM Provisioning (Target: June 30, 2026)

Automated user lifecycle provisioning with role and tenant mapping controls.

Adaptive Access Policies (Target: July 31, 2026)

Risk-aware policy hooks for IP/device posture and conditional challenge flows.