diff --git a/.obsidian/plugins/hoarder-sync/data.json b/.obsidian/plugins/hoarder-sync/data.json
index cb6cf18..8e3dca5 100644
--- a/.obsidian/plugins/hoarder-sync/data.json
+++ b/.obsidian/plugins/hoarder-sync/data.json
@@ -4,7 +4,7 @@
   "syncFolder": "Hoarder",
   "attachmentsFolder": "Hoarder/attachments",
   "syncIntervalMinutes": 60,
-  "lastSyncTimestamp": 1777451140995,
+  "lastSyncTimestamp": 1777454739785,
   "updateExistingFiles": false,
   "excludeArchived": true,
   "onlyFavorites": false,
diff --git a/01 Projects/oliver-sales-ops-platform/Oliver Sales Ops Platform.md b/01 Projects/oliver-sales-ops-platform/Oliver Sales Ops Platform.md
index 2de8cc9..b601346 100644
--- a/01 Projects/oliver-sales-ops-platform/Oliver Sales Ops Platform.md	
+++ b/01 Projects/oliver-sales-ops-platform/Oliver Sales Ops Platform.md	
@@ -24,6 +24,10 @@ created: 2026-04-28
 - **Local path:** `/Volumes/SSD/Projects/Oliver/oliver-sales-ops-platform`
 
 ## Sessions
+### 2026-04-29 – How should allowed user emails be
+**Asked:** How should allowed user emails be formatted for the configuration?
+**Done:** Documented the YAML format for allowed users with role definitions (viewer, editor, admin) in config/allowed_users.yaml.
+
 ### 2026-04-28 – How should SSO access control be
 **Asked:** How should SSO access control be implemented — separate Azure environment or backend allowlist via allowed_users.yaml?
 **Done:** Configured SSO with backend-based user allowlist validation; pushed initial commit and set redirect URI to https://optical-dev.oliver.solutions/oliver-sales-ops-platform/
@@ -44,6 +48,7 @@ created: 2026-04-28
 ## Change Log
 | Date | Requested | Changed | Files |
 |------|-----------|---------|-------|
+| 2026-04-29 | User configuration format | Added YAML schema documentation with role definitions and case-insensitive email handling | config/allowed_users.yaml, backend/app/models/user.py |
 | 2026-04-28 | SSO user allowlist | Added allowed_users.yaml validation, configured redirect URI, set DEV_AUTH_BYPASS flags | config/allowed_users.yaml, .env, deploy/deploy.sh |
 | 2026-04-28 | SSO configuration with user allowlist | redirectUri verification, Azure AD SPA redirect URI registration | MSAL config, app registration 9079054c-9620-4757-a256-23413042f1ef |
 | 2026-04-28 | SSO access control | Created allowlist service, added auth middleware with email verification, configured redirect URL | config/allowed_users.yaml, backend/app/services/allowlist.py, backend/app/middleware/auth.py |
diff --git a/99 Daily/2026-04-29.md b/99 Daily/2026-04-29.md
index 693c3e9..0f389f1 100644
--- a/99 Daily/2026-04-29.md	
+++ b/99 Daily/2026-04-29.md	
@@ -14,3 +14,6 @@ tags: [daily]
 - 09:37 (<1min) | `baic_dashboard`
   - **Asked:** Asked | Check if the project is configured for the URL https://baic.oliver.solutions/
   - **Done:** Done | Reviewed project configuration for the specified URL
+- 10:34 (2min) | `oliver-sales-ops-platform`
+  - **Asked:** How should allowed user emails be formatted for the configuration?
+  - **Done:** Documented the YAML format for allowed users with role definitions (viewer, editor, admin) in config/allowed_users.yaml.