From 14a638b09d1c3dd2ee9029bdb8ee54a620d3aa4e Mon Sep 17 00:00:00 2001
From: Vadym Samoilenko <vadymsamoilenko@oliver.agency>
Date: Thu, 7 May 2026 10:47:18 +0100
Subject: [PATCH] vault backup: 2026-05-07 10:47:18

---
 01 Projects/cc-dashboard/CC Dashboard.md | 5 +++++
 99 Daily/2026-05-07.md                   | 3 +++
 2 files changed, 8 insertions(+)

diff --git a/01 Projects/cc-dashboard/CC Dashboard.md b/01 Projects/cc-dashboard/CC Dashboard.md
index 0c4124f..9484979 100644
--- a/01 Projects/cc-dashboard/CC Dashboard.md	
+++ b/01 Projects/cc-dashboard/CC Dashboard.md	
@@ -177,6 +177,10 @@ All endpoints except `/auth/login` require valid JWT in `Authorization: Bearer {
 - **Recent fixes:** Accurate time tracking with interval union (no double-counting), project metadata fields, auto-detect repo URL from git remote, chart null-safety, async safety (selectinload, execute delete)
 
 ## Sessions
+### 2026-05-07 – Set up SSO with user isolation,
+**Asked:** Set up SSO with user isolation, disable personal login, and link vadymsamoilenko@oliver.agecny to VadymSamoilenko@oliver.agecny.
+**Done:** Added optical-dev.oliver.solutions/cc-dashboard/ as SPA to AI portal app and configured SSO integration.
+
 ### 2026-05-07 – Configure SSO with user isolation, disable
 **Asked:** Configure SSO with user isolation, disable personal login, and migrate user vadymsamoilenko@oliver.agecny to VadymSamoilenko@oliver.agecny.
 **Done:** Added https://optical-dev.oliver.solutions/cc-dashboard/ as SPA to AI portal app and located SSO configuration data in Obsidian notes.
@@ -280,6 +284,7 @@ All endpoints except `/auth/login` require valid JWT in `Authorization: Bearer {
 ## Change Log
 | Date | Requested | Changed | Files |
 |------|-----------|---------|-------|
+| 2026-05-07 | SSO configuration | User isolation, personal login disabled, user mapping updated | Auth config, User mappings |
 | 2026-05-07 | SSO configuration | Oliver tenant ID, ac-tool client_id, redirect URI, platform type set to SPA | Obsidian notes, AI portal app registration |
 | 2026-05-07 | SSO configuration | User isolation, personal login disabled, user account migration, SPA added | src/sso.py, src/routers/auth.py, src/auth.py, src/models.py |
 | 2026-05-07 | SSO setup with user isolation | sso.py, auth.py, models.py, routers/auth.py — JWKS validation, removed /login endpoint, added azure_oid field, user migration | src/sso.py, src/auth.py, src/models.py, src/routers/auth.py |
diff --git a/99 Daily/2026-05-07.md b/99 Daily/2026-05-07.md
index 38a694e..5bbecb8 100644
--- a/99 Daily/2026-05-07.md	
+++ b/99 Daily/2026-05-07.md	
@@ -20,3 +20,6 @@ tags: [daily]
 - 10:45 | `ai_leed`
   - **Asked:** Set up the same info panel format at the bottom of terminals.
   - **Done:** Discussed WezTerm with tmux status bar configuration but unable to complete due to sandbox environment limitations.
+- 10:46 | `cc-dashboard`
+  - **Asked:** Set up SSO with user isolation, disable personal login, and link vadymsamoilenko@oliver.agecny to VadymSamoilenko@oliver.agecny.
+  - **Done:** Added optical-dev.oliver.solutions/cc-dashboard/ as SPA to AI portal app and configured SSO integration.