Public Boundary

Field Service Agent OS

Authentication is now separated from the protected application surface. Clerk verifies identity, and the app uses Prisma role and status records for server-side authorization decisions.

Public registration is disabled. Access is granted by a director after your authenticated identity has been reviewed and activated in the application user table.

Sign In

Access model

Authenticated identities sync into the existing `users` table on the server. That sync is currently email-based because the schema does not yet store a dedicated Clerk external ID.

Newly synced users default to TECHNICIAN and INACTIVE so access stays locked down until a director assigns the correct application role and status.