Tenant-Native Origination & Hardened Auth
Database-per-tenant isolation reaches the loan origination workflow, alongside a hardened authentication contract and a broad pass of reporting and documentation improvements.
New & Improved
- +Tenant-Native Loan Origination -- Each accounting entity now owns and customizes its own origination configuration (product types, decision rules, application pipeline) in its own database, fully isolated from every other tenant.
- +Hardened Authentication -- Refresh tokens are now held in HttpOnly, SameSite-Strict cookies with CSRF double-submit protection and a login origin allowlist; access tokens are short-lived and held in memory only.
- +Reporting & Analytics Fixes -- Loan, note, and financial-performance BI suites, the ALM dashboard, and the chart of accounts now load correctly for an active entity, with clearer loading and error states.
- +Expanded API Documentation -- The OpenAPI specification now reflects the cookie/CSRF auth contract, the per-entity
x-entity-idheader, and additional admin and compliance services.