OSS-first docs

These docs teach the open system first: contracts, generated surfaces, runtimes, governance, and incremental adoption. Studio shows up as the operating layer on top, not as the source of truth.

AI index

Domain docs

AuthOS

Identity, roles, permissions, sessions, and tenant-safe access decisions.

Source packages

Start with packages/modules/auth-os, then use the spec and runtime packages as compatibility boundaries.

  • packages/libs/authos-spec
  • packages/libs/identity-rbac

Platform stance

Define the domain once. Render web and mobile with platform-native shells after contract, role, tenant, and policy resolution.

Canonical surfaces

  • Sign-in and session contracts
  • RoleMorph and RBAC gates
  • Tenant-aware authorization checks

Implementation notes

  • Keep provider auth adapters outside the domain contract.
  • Resolve role and tenant context before generated UI or workflow surfaces render.

All domains

safety/tenant-isolation

libraries/multi-tenancy

OSS docsdomainsStart with OSS. Adopt Studio when you want the operating layer.
Previous

Domains overview

Navigate AuthOS, BillingOS, CompanyOS, CommunicationOS, and other product operating domains across web and mobile.

Next

BillingOS

Implement plans, subscriptions, invoices, payments, entitlements, and billing evidence across web and mobile.

Why ContractSpec

Keep educational and comparison content reachable without letting it define the primary OSS learning path.

ManifestoContract-first APISpec-driven development