# SCOPE

## One-Liner

Headless user-domain and identity-domain integration engine for accounts, identity links, actor/principal/subject context, preferences, memberships, application catalogs, projections, evidence references, audit, and events.

## In Scope

- user and account records;
- account lifecycle state;
- external identity links;
- actor, authenticated subject, authorization principal, account, and user context mappings;
- global, tenant, application, and membership profile values;
- preference values;
- tenant, application, team, and scope memberships;
- identity-context read models for domain consumers;
- canon interface cards, entity mappings, relationship mappings, and explicit gap records;
- application registry for profile consumers;
- customization catalog registry and validation;
- effective profile resolution;
- projection APIs for self-service, admin, application runtime, audit, and agent contexts;
- audit records and lifecycle/profile-change events;
- local evidence references derived from audit and event records;
- local standalone development mode;
- integration ports for identity claims, authorization checks, events, and runtime secrets;
- adapter contracts for evidence export, policy/control references, and lifecycle task handoff.

## Out Of Scope

- login and authentication flows;
- password, passkey, session, and MFA lifecycle;
- OIDC/SAML token issuance;
- final authorization policy decisions;
- durable authorization grant authority outside user-engine-owned memberships;
- policy, control, access-review, exception, and organization source-of-truth ownership;
- runtime secret custody;
- UI implementation in the current MVP; optional registration and access management UI work is proposed separately under `USER-WP-0014`;
- full SCIM server or enterprise directory replacement in the initial product.

## Boundary Rule

user-engine owns user-domain facts, identity-context mappings, and projections.

Other systems may provide authentication, IAM claims, authorization decisions, policy/control authority, deployment, event transport, durable audit, secrets, organization records, or UI surfaces, but they must integrate through explicit interfaces rather than becoming hidden sources of profile or identity-domain truth.

## Current Planning

Implementation and planning work is tracked in `workplans/USER-WP-0001` through `USER-WP-0015`.

- `USER-WP-0010` implements the first headless registration and factor-evidence slice.
- `USER-WP-0011` implements prepared accounts and entitlement claims.
- `USER-WP-0012` implements hats, realms, services, assets, access profiles, active context, and exportable access-control facts.
- `USER-WP-0013` implements onboarding journeys and welcome protocols.
- `USER-WP-0014` implements the optional registration and access-management UI contract facade.
- `USER-WP-0015` remains proposed future work for security conformance.