Authentication

Access model

Use token-based authentication and permission scopes aligned to module capabilities. Documentation can be generated from the same permission metadata used in the ERP source.

Implementation notes

• Scope tokens by domain and action.
• Document error modes and retry expectations.
• Tie auth changes to release notes and changelog entries.