SKILL-030 Teams, organizations, and multi-tenancy Locked skill

Enterprise SSO / SAML readiness

Authentication is a per-organization policy, not a per-user setting — resolve it through the org so SSO drops in without touching login screens.

01

What this skill helps you build

Shape your auth now so you can add SAML, OIDC, and SCIM per organization later — without re-architecting the day an enterprise customer asks.

The production takeaway

Authentication is a per-organization policy, not a per-user setting — resolve it through the org so SSO drops in without touching login screens.

02

Inside this skill

The full skill expands these implementation areas with decisions, edge cases, prompts, tests, and framework-specific code.

Teams, organizations, and multi-tenancy
What this helps you build

A login system that is ready for enterprise SSO before a customer asks for it . You don't ship a full SAML stack on day one — you leave the right seams in your auth so that adding

🔒
Teams, organizations, and multi-tenancy
When to use this

Use this the moment you're building B2B auth that might sell upmarket — which is almost always. You don't need SSO working yet; you need to not paint yourself into a corner. Concre

🔒
Teams, organizations, and multi-tenancy
The core idea

Which authentication methods are allowed is a property of the organization, not a global switch and not a per user flag. If every login path goes through a resolver that asks "what

🔒
03

Unlock the full implementation

Paid access includes the complete skill body, implementation prompt, common mistakes, production checklist, and code examples where this skill includes them.