Relyra JTBD Gap Map

Copy Markdown View Source

This document is the planning companion to guides/jtbd_user_flows.md.

The guide explains the current story from an adopter's point of view. This document answers a different question:

How complete is Relyra's user-flow map, what is still missing, and where do future milestones stop paying for themselves?

Last refreshed: 2026-05-23

Current coverage map

Phoenix SaaS adopter

Status: Strong

What is clearly supported:

  • install and scaffold into a Phoenix app
  • prove the path locally with FakeIdP
  • land one real-provider path with a shipped preset
  • persist tenant-scoped connection state
  • use a clear Day-1 -> Day-2 onboarding spine

What is still rough:

  • the custom/generic SAML path is real, but not yet as smooth or confidence- building as the three shipped presets
  • logout exists in the code surface, but not yet as a polished adopter workflow

Assessment: This is already a serious adoption story for teams using Okta, Entra, or Google Workspace and willing to own the host seams.

Platform or auth owner

Status: Strong but under-explained

What is clearly supported:

  • multi-tenant connection records
  • runtime snapshot resolution
  • metadata import and controlled refresh
  • certificate inventory and staged rollover
  • attribute and group mapping persistence
  • audit-backed trust mutation history
  • scheduled refresh automation with guardrails

What is still rough:

  • the "how do I shape provisioning policy around this?" story is still mostly a host concern rather than a first-class Relyra guide
  • the custom-provider operating model is not yet as crisp as the preset model

Assessment: The capability set is strong. The main gap is not raw implementation depth; it is making the operating model easier to understand and easier to adopt safely.

Operator, support, or SRE

Status: Strong

What is clearly supported:

  • metadata review and refresh flows
  • certificate lifecycle controls
  • expiry warnings
  • audit review
  • telemetry
  • diagnostic bundle export
  • optional admin surfaces for common operations
  • bulk actions across connections

What is still rough:

  • there is not yet one canonical "incident response / support playbook" guide that stitches telemetry, audit, diagnostics, and rollout recovery together

Assessment: This is one of Relyra's strongest areas. The remaining work is primarily workflow packaging, not foundational capability.

Security reviewer

Status: Strong

What is clearly supported:

  • strict-default posture
  • security boundary documentation
  • reviewer packet and evidence
  • conformance fixtures
  • CVE regression fixtures
  • typed rejection and redaction discipline

What is still rough:

  • the reviewer story is more security-packet oriented than "quick architecture overview for a fresh security engineer"

Assessment: Relyra is already ahead of where many library ecosystems stop. Additional work here should be narrowly scoped to documentation clarity, not major new surface area.

Customer IT admin or self-service setup owner

Status: Partial

What is clearly supported:

  • exact vendor runbooks for three providers
  • provider-specific labels and hints
  • metadata and SP/IdP field vocabulary
  • optional admin surface for operators

What is still rough:

  • there is no fully self-service "customer admin portal" story
  • connection testing and attribute preview are not yet presented as a polished customer-admin workflow
  • support for providers beyond the shipped three requires more operator interpretation than most customer IT teams would want

Assessment: Relyra helps your team work with customer IT. It does not yet make customer IT fully independent, and it does not claim to.

Custom or generic SAML adopter

Status: Partial

What is clearly supported:

  • the library can support non-preset SAML integrations
  • the durable connection, metadata, certificate, mapping, and validation surfaces are reusable beyond the three presets

What is still rough:

  • there is no first-class generic runbook with the same confidence level as the shipped provider docs
  • there is no clear "minimum safe checklist" doc for teams bringing their own attribute vocabulary and operator process

Assessment: This is the biggest adoption gap inside the current product boundary.

Biggest gaps by user and job

These are the highest-value remaining JTBD gaps, ordered by expected adopter value rather than by protocol novelty.

1. First-class custom or generic SAML path

Why it matters: The current support matrix is intentionally narrow, but real SaaS teams will encounter Ping, ADFS, Shibboleth, Keycloak, OneLogin, and internal enterprise IdPs. Today the library can often support those cases technically, but the adoption story drops from "guided" to "you own the synthesis."

What "done enough" looks like:

  • one generic SAML runbook
  • one explicit minimum-safe checklist
  • one clear explanation of what the adopter must supply when there is no preset

Priority: Highest

2. Identity mapping and provisioning story

Why it matters: Getting a valid assertion is only half the real application job. Teams still need help reasoning about:

  • NameID versus application identity
  • required attributes
  • account linking
  • group-to-role mapping posture
  • when to create or reject users

What "done enough" looks like:

  • one guide that explains the host-owned identity boundary
  • example mapping patterns for common SaaS cases
  • explicit non-goals around SCIM ownership

Priority: High

3. Logout as an adopter workflow, not just a protocol surface

Why it matters: SLO support exists, but many adopters will ask a practical question: "what does it mean for my Phoenix app and session model?"

What "done enough" looks like:

  • one doc explaining when SLO is worth enabling
  • clear warning about stateful versus stateless session implications
  • one end-to-end host integration story

Priority: Medium-high

4. Operator incident and recovery playbook

Why it matters: The parts exist: telemetry, audit, diagnostics, refresh controls, certificate lifecycle. What is missing is a single narrative for "something drifted or broke; now what?"

What "done enough" looks like:

  • one operational playbook
  • recommended first checks for common production failures
  • linkages between diagnostics, audit, telemetry, and admin UI

Priority: Medium

5. Customer-admin self-service polish

Why it matters: This reduces support load, but only after the previous gaps are addressed.

What "done enough" looks like:

  • clearer self-service setup flow
  • stronger connection-test or preview workflow
  • more customer-admin-facing affordances around attributes and setup receipts

Priority: Medium-low

6. Broader preset catalog

Why it matters: Provider breadth is visible and useful, but it is not the highest-leverage next step if the generic path is still weak.

What "done enough" looks like:

  • add presets only when code, runbook, field vocabulary, and proof all ship together

Priority: Lower than generic-path and identity-story work

If future milestone planning is guided by JTBD coverage, the best order is:

1. Close the custom/generic SAML onboarding gap

Reason: This unlocks a much wider real-world adoption surface without committing the project to a long tail of provider-specific promises.

Likely outputs:

  • generic SAML runbook
  • custom-provider checklist
  • stronger support taxonomy and expectation-setting

2. Document and sharpen the identity mapping boundary

Reason: This is where many SaaS teams still make product-critical mistakes even after protocol validation is correct.

Likely outputs:

  • mapping and provisioning guide
  • host-owned decision framework
  • better examples for common tenant/user linking patterns

3. Promote logout from "implemented capability" to "adopter-ready flow"

Reason: The protocol work exists. The missing piece is a crisp host-app story that helps teams decide whether and how to use it.

Likely outputs:

  • SLO guide
  • session-adapter examples
  • operational caveats and receipts

4. Package the operator incident workflow

Reason: This improves production usability without broadening scope.

Likely outputs:

  • operations playbook
  • common-failure troubleshooting guide
  • cross-links between telemetry, diagnostics, audit, and admin UI

5. Re-evaluate provider expansion only after the above

Reason: A broader preset catalog is valuable, but only if the project can support the operating burden honestly.

Likely outputs:

  • one or two high-demand presets, or
  • an explicit decision to invest in the generic path instead

Diminishing-returns threshold

Relyra does not need to model every possible SAML situation to have a practically complete JTBD map.

The project is close to "feature-complete enough" for user-flow coverage once all of the following are true:

  • Day-1 onboarding is crisp for both shipped presets and generic SAML
  • Day-2 operations are understandable as one coherent production story
  • identity mapping and provisioning boundaries are documented well enough that adopters stop guessing
  • logout has a clear host-app integration story
  • security and reviewer docs remain exact and current

After that point, most additional JTBD work becomes lower-yield:

  • one more provider preset
  • one more case study variant
  • one more edge-case flow for a niche enterprise setup

Those can still be worthwhile, but they should be justified by real adopter demand rather than by a desire to "cover the map."

What is intentionally out of scope

These are not gaps unless the project direction changes:

  • OIDC or OAuth as part of Relyra core
  • a hosted broker runtime
  • full auth-system ownership for passwords, MFA, or sessions
  • SCIM lifecycle ownership as an in-core responsibility
  • pretending every SAML provider is batteries-included before preset + docs + proof all exist

Update method

When refreshing this document in the future:

  1. Scan CHANGELOG.md for new user-facing flows.
  2. Re-read README.md, guides/getting_started.md, provider runbooks, and case studies.
  3. Re-read .planning/PROJECT.md and the next milestone docs, if a new milestone exists.
  4. Reclassify each job as strong, partial, or intentionally out of scope.
  5. Add a dated "what changed since last refresh" note here and in guides/jtbd_user_flows.md.

Default rule:

  • update both docs when the user-facing story changed
  • update only this gap map when prioritization changed but the shipped surface did not