### Problem statement Adopters want variety in their login preferences. Include Oauth logins as a feature and mechanic that can be opted into. ### Proposed solution - [ ] Providers can be configured and enabled independently. - [ ] OAuth start and callback endpoints validate state and nonce. - [ ] Provider identities can link to users according to explicit policy. - [ ] Provider tokens are not leaked in responses, logs, or auth events. - [ ] Tests cover successful login, denied callback, and linking conflicts. ### Alternatives considered _No response_ ### Impact area Developer experience
Problem statement
Adopters want variety in their login preferences. Include Oauth logins as a feature and mechanic that can be opted into.
Proposed solution
Alternatives considered
No response
Impact area
Developer experience