From d3a9be8f2e5cdf77a0ed05ec57209bc20afc4867 Mon Sep 17 00:00:00 2001
From: hsiegeln <37154749+hsiegeln@users.noreply.github.com>
Date: Sun, 12 Apr 2026 14:30:56 +0200
Subject: [PATCH] fix: remove vendor-to-tenant-org addition on tenant creation
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Vendor has platform:admin scope globally and manages tenants through the
SaaS console — no need to be a member of each tenant's Logto org.
Removes the step that failed with Logto's varchar(21) user ID limit.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .../cameleer/saas/vendor/VendorTenantService.java     | 11 -----------
 1 file changed, 11 deletions(-)

diff --git a/src/main/java/net/siegeln/cameleer/saas/vendor/VendorTenantService.java b/src/main/java/net/siegeln/cameleer/saas/vendor/VendorTenantService.java
index 3a49b30..0fe19d3 100644
--- a/src/main/java/net/siegeln/cameleer/saas/vendor/VendorTenantService.java
+++ b/src/main/java/net/siegeln/cameleer/saas/vendor/VendorTenantService.java
@@ -90,17 +90,6 @@ public class VendorTenantService {
                 }
             }
 
-            // Add the current vendor user to the new org for support access
-            try {
-                String vendorUserId = actorId.toString();
-                logtoClient.addUserToOrganization(tenant.getLogtoOrgId(), vendorUserId);
-                if (ownerRoleId != null) {
-                    logtoClient.assignOrganizationRole(tenant.getLogtoOrgId(), vendorUserId, ownerRoleId);
-                }
-            } catch (Exception e) {
-                log.warn("Failed to add vendor to org for tenant {}: {}", tenant.getSlug(), e.getMessage());
-            }
-
             // Register OIDC redirect URIs for the tenant's server in the Traditional Web App
             String tradAppId = logtoConfig.getTradAppId();
             if (tradAppId != null) {