Sign-in & Session Context
Microsoft Entra OIDC workforce authentication with MFA step-up, then company / branch / locale selection. The application renders no business data until authorization completes.
- Entra ID credentials
- MFA step-up
- Session context
- Role home
Workforce accounts only. External customers and signatories use the external signing portal with relationship-scoped access.
- Method
- Microsoft Authenticator · number matching
- Conditional access
- CA-ERP-02 · compliant device + MFA
- Device
- DXB-LT-0231 · Intune compliant
- Sign-in risk
- Low
Only legal entities your role assignments authorize are listed.
Branch scope filters queues, inventory and posting defaults.
Versioned string resources; documents keep their approved template locale.
SLA timers and business calendars display in this zone.
- Identity
- Omar Haddad · omar.haddad@almanara.ae
- Identity status
- Authenticated · MFA satisfied
- Application roles
- Senior Agent · Viewing Host Resolved after context
- Last sign-in
- 16 Jul 2026 18:22 · Dubai HQ · DXB-LT-0231
- Session expiry
- Sliding 8 h · absolute 24 h · idle lock 15 min
- Correlation
SIGNIN-2026-0717-084112-7C4D
Queues, KPIs, parties, deals and totals load only after the company / branch context is confirmed and contextual authorization (RBAC/ABAC) is evaluated. Search, notifications and navigation stay disabled until then.
Static render mockup — no live data. Source: ERP Modern Development Specification v2.0 · Covers: UX-01, GOV-02 (Entra OIDC workforce identity, MFA, contextual authorization; no business data before authorization).