Yail.Identityv1.0

One identity.
Every Yail surface.

OIDC + OAuth2 server with passkeys, Google & Microsoft per-module. The authority every other module trusts — sign in once, audit everywhere.

Begin setup View OIDC config

Passkey

Google

Microsoft

Magic link

At a glance

No traffic yet — these will populate after first sign-in.

Registered users0Add your first member

Sign-ins · 7d—Awaiting traffic

Active passkeys0Encourage in onboarding

Failed attempts—Threshold: 5/min

Get set up

Five steps. The first three are required before any module can authenticate.

Provision tenant

Default org · created on first run

Done

Configure issuer URL

https://yail-identity-web.internal.livelysmoke-dc238606.uksouth.azurecontainerapps.io

Done

Required so YAIL-OS modules can redirect users to sign in.

Enable a second sign-in method

Passkeys + at least one of Google or Microsoft is recommended.

Enable methods

Set audit retention policy

Default 90 days. Adjust to match your compliance posture.

Configure

Methods & clients

Toggle methods, then register clients to start authenticating.

Sign-in methods

OAuth clients 0

Sessions

Audit log

Passkeys

WebAuthn, platform & cross-device. Recommended primary.

Google

Per-module OAuth · client ID required

Microsoft

Per-module OAuth · tenant ID required

Magic link (email)

Used for guest auth on Yail.DealRoom

No OAuth clients yet

Register one client per Yail module so it can redirect users here to sign in. We'll generate the client ID + rotated secret automatically.

Compliance & audit

Your retention and export posture across the fleet.

Retention policy

Background purge job · runs daily 03:00 UTC

90 days

Audit records older than 90 days are purged after CSV export to your archive bucket.

Latest export

CSV · S3-compatible

No exports yet. Run your first export from the Audit log tab.

Recent events

Last 24h · all members

Quiet so far. Events appear here as members sign in, register passkeys, or rotate clients.

One identity.Every Yail surface.