feat: enforce email as primary user identity in SaaS mode

All users in SaaS mode must have an email address. The bootstrap creates the admin user with primaryEmail set to SAAS_ADMIN_EMAIL (defaults to <SAAS_ADMIN_USER>@<PUBLIC_HOST>). This prevents the admin from being locked out when self-service registration (which requires email) is enabled via the Email Connector UI. Documentation updated across all CLAUDE.md files, .env.example, user-manual.md, and installer submodule (README, .env.example, compose). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-25 20:23:30 +02:00
parent f0aa2b7d3a
commit 3ab6408258
7 changed files with 22 additions and 9 deletions
--- a/CLAUDE.md
+++ b/CLAUDE.md
@@ -6,6 +6,8 @@ This file provides guidance to Claude Code (claude.ai/code) when working with co

 Cameleer SaaS — **vendor management plane** for the Cameleer observability stack. Three personas: **vendor** (platform:admin) manages the platform and provisions tenants; **tenant admin** (tenant:manage) manages their observability instance; **new user** (authenticated, no scopes) goes through self-service onboarding. Tenants can be created by the vendor OR via self-service sign-up (email registration + onboarding wizard). Each tenant gets per-tenant cameleer-server + UI instances via Docker API.

+**Email is the primary user identity** in SaaS mode. All users — including the admin — must have an email address. The admin email defaults to `<SAAS_ADMIN_USER>@<PUBLIC_HOST>` if not set explicitly via `SAAS_ADMIN_EMAIL`. Self-service registration (email + password + verification code) is disabled by default and enabled via the vendor UI after configuring an email connector.
+
 ## Ecosystem

 This repo is the SaaS layer on top of two proven components: