generated from coulomb/repo-seed
Complete user-engine boundary contracts
This commit is contained in:
5
SCOPE.md
5
SCOPE.md
@@ -24,6 +24,9 @@ NetKingdom is a self-optimizing security platform for Kubernetes-based IT infras
|
||||
canonical spec: `canon/standards/iam-profile_v0.2.md`)
|
||||
- SSO/MFA Platform: Keycloak with LDAP/Entra federation, enterprise identity (NK-WP-0001)
|
||||
- Local Identity: file-based user store + minimal OIDC server for bootstrap phase (NK-WP-0002)
|
||||
- User Engine Boundary Contract: source-of-truth, membership,
|
||||
application-onboarding, projection, authorization, and audit contracts for
|
||||
`user-engine` integration (`canon/standards/user-engine-boundary-contract_v0.1.md`)
|
||||
- Security bootstrapping: credential management, SOPS/age integration, OpenBao runtime secret authority
|
||||
- Architectural decisions (DECISIONS.md): identity source, secrets, GitOps, bootstrap user store
|
||||
|
||||
@@ -117,3 +120,5 @@ keywords: [bootstrap, local-identity, oidc, minimal, dev, sandbox]
|
||||
- Start with: `wiki/` (specifications and decisions), `DECISIONS.md` (key architectural choices D1–D5)
|
||||
- Key files / directories: `sso-mfa/` (NK-WP-0001 active workplan), `local-identity/` (NK-WP-0002), `workplans/`
|
||||
- Entry points: `workplans/NK-WP-0001-sso-mfa-platform.md` and `NK-WP-0002-local-identity.md` for current work
|
||||
- User-domain boundary contract:
|
||||
`canon/standards/user-engine-boundary-contract_v0.1.md`
|
||||
|
||||
Reference in New Issue
Block a user