Test environment for the Seby auth-stack. Public landing page. Other surfaces here exercise different ACL patterns.
Bootstrap-admin-only path. Should be reachable by [email protected] only (or whoever is in ADMIN_EMAILS).
L3 — email allowlist. Should be reachable by [email protected] only (no domain wildcard).
L3 — domain allowlist. Should be reachable by anyone on @barrenjoey.com (any address on that domain).
The Firestore ACL editor itself. Admin-only at runtime via Firestore security rules.
Open ACL editor →
Worker reads ACL from Firestore /acl-lab/ collection (isolated from prod /acl/ on huddletalent-auth).
Firebase project: huddletalent-auth. Edit rules via /admin/ or seed-acl.mjs.