AyCode.Core/docs/AUTH/AUTH_ISSUES.md

AUTH — Known Issues

Active known issues for user authentication (bearer tokens, JWT, login flow, hub authorization).

For planned/actionable work see AUTH_TODO.md. For the architectural decision that scoped this topic, see ../adr/0001-user-bearer-token-flow.md.

Active entries

(No AUTH-I-N entries yet — topic just created. Currently-relevant security entries live as LOG-I-9 and LOG-I-10 in LOGGING_ISSUES.md, pre-migration. ADR 0001's "Status migration on AUTH topic creation" follow-up is the planned home transfer — separate user-approved task.)

Entry format

When adding the first entry, follow the standard _ISSUES.md shape used across topics (LOGGING, BINARY, SIGNALR), with AUTH-I-N ID format per TOPIC_CODES.md:

• ID line with **Severity:** ... · **Status:** ... · **Area:** ...
• ### Description — concrete problem with quotable evidence
• ### Root cause — what's actually wrong (optional)
• ### Fix direction — proposed approach
• ### Resolution — when Status moves to Closed (per TOPIC_CODES.md Status conventions): what / where / why / caveat
• ### Related — sibling entries, cross-topic refs, ADR refs (**Reference:** ADR-NNNN for ADR pre-flight cross-refs per adr-author/SKILL.md Step 8 #3)

Status vocabulary (per TOPIC_CODES.md): Open, InProgress, Closed (YYYY-MM-DD). Three values only — distinct from ADR Status (Proposed/Accepted/Superseded/Rejected).