Auth center usage terms

This service is operated for the owner's site portfolio. Each relying site is responsible for its own post-login session, authorization rules, and business logic.

The auth center only brokers third-party sign-in and returns a short-lived authorization code or signed identity token to approved relying applications.

Redirect URIs must be explicitly allowlisted. Wildcard callback patterns are not supported.