Identity and Access
Per-tenant SSO over SAML 2.0 and OIDC, plus capability-based roles, so a firm's IT controls who can do what.
What it does
Scope supports single sign-on per tenant over SAML 2.0 and OIDC. A firm configures its identity provider once, and users sign in through it. SSO can be required, with a firm-admin password fallback as a lockout safety hatch.
Access control is capability-based across a set of roles - firm admin, attorney, and others - rather than a single all-or-nothing flag. Each role grants a specific set of capabilities, and sensitive actions check the caller's capability before proceeding.
Multi-tenancy is enforced at the database layer, so one firm's data is never reachable from another firm's session.
Why it matters
A security reviewer's first questions are about SSO and least privilege. Per-tenant SAML and OIDC plus capability-based roles answer both without a custom build.
Required-SSO with an admin fallback means a firm can enforce its identity policy without locking itself out if the identity provider has an outage.
How to use it
A firm admin configures the identity provider in settings. Role assignment is managed per user. The REST and MCP surfaces both enforce the same capability checks.
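The following sketch is an added example, not Scope's own code. It shows the pattern described above: one deny-by-default capability check shared by the REST and MCP entry points, plus the required-SSO rule that leaves a password fallback only for the firm admin. The capability strings, role keys, and function names are all hypothetical.

```python
from dataclasses import dataclass

# Hypothetical role -> capability map. The page names only "firm admin" and
# "attorney" as roles; every capability string below is invented for illustration.
ROLE_CAPABILITIES = {
    "firm_admin": frozenset({"matter.read", "matter.write", "user.assign_role"}),
    "attorney": frozenset({"matter.read", "matter.write"}),
}

@dataclass(frozen=True)
class Session:
    user_id: str
    role: str

class Forbidden(Exception):
    pass

def require(session, capability):
    """Single capability check; an unknown role has no capabilities (deny by default)."""
    if capability not in ROLE_CAPABILITIES.get(session.role, frozenset()):
        raise Forbidden(f"role {session.role!r} lacks {capability!r}")

def password_login_allowed(sso_required, role):
    """When a tenant requires SSO, only the firm admin keeps the password fallback."""
    return (not sso_required) or role == "firm_admin"

def assign_role(session, target_user, new_role):
    """Sensitive action: checks the caller's capability before doing anything else."""
    require(session, "user.assign_role")
    if new_role not in ROLE_CAPABILITIES:
        raise ValueError(f"unknown role {new_role!r}")
    return {"user": target_user, "role": new_role}

# Thin adapters: neither surface carries its own authorization logic,
# so the REST and MCP paths cannot drift apart.
def rest_assign_role(session, target_user, new_role):
    return assign_role(session, target_user, new_role)

def mcp_assign_role(session, args):
    return assign_role(session, args["user"], args["role"])

def is_allowed(handler, *args):
    """Helper for checks: True if the handler ran, False if it raised Forbidden."""
    try:
        handler(*args)
        return True
    except Forbidden:
        return False
```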