OP OperixHealthcare Operations Docs
HR1-style shell Coverage
Central sign-in, SSO, and tenant rehydration

Authentication And Account

Public signup, Google and Microsoft SSO, central auth guard, 2FA, and tenant-user rehydration after clinic selection.

Central guardGoogle SSOMicrosoft SSOTenant rebind
Details

How Sign-In Works Now

Authentication happens centrally. After a clinic is selected, Operix swaps the current request into the clinic-local user mapped by global_user_id.

  • Public signup can begin with email and password or continue through Microsoft or Google SSO.
  • Platform login happens before any clinic context is initialized.
  • Selected clinic ID is stored in session and resolved by middleware on tenant routes.
  • Two-factor verification and password-change redirects still work before the clinic shell loads.
  • Owner onboarding sessions let one verified central user launch a clinic without bypassing the same tenant provisioning path used by platform admins.
Public signup screen
Self-serve signup and SSO entry now live in the public platform shell.
Operix login screen
Login remains familiar, but now acts as the platform entrypoint.
OTP screen
OTP and 2FA continue to gate access before tenant initialization.
Details

SSO And Account Linking

Microsoft and Google SSO are implemented behind one provider contract so identity stays centralized while tenant access remains membership-based.

  • SSO identities are stored centrally and linked to central users only, never directly to clinic-local user rows.
  • Invite acceptance can complete through SSO, then rehydrate the tenant-local membership without creating a second account.
  • Domain policy can be enforced per provider before a new owner or invited user is linked.
  • Fallback paths remain explicit: canceled SSO returns to signup, while existing memberships route to the clinic switcher.
Details

Visible Demo Login

The login screen includes one buyer-safe demo credential card for local demos and packaged fresh installs that seed demo accounts.

  • Visible demo email: demo@Operix.test.
  • Visible demo password: Demo@12345.
  • The Use demo login button fills the login form without exposing private operator accounts.
  • The visible demo user receives the Demo Admin role, which can review buyer-facing dashboards and AI surfaces but cannot manage platform security, roles, memberships, repair operations, or destructive settings.
Details

Security Boundaries

Platform roles and clinic roles stay distinct. Platform access gets a user into a clinic; tenant permissions decide what they can do after entry.

  • Platform-only permissions control clinic management and platform health.
  • Clinic-local roles still drive dashboards and operational actions in tenant databases.
  • Forced password changes and account locks remain enforced before tenant context starts.
  • Platform access policy can now enforce IP allowlists, session age, and TOTP by role before the platform shell is usable.