Operator AccessSupabase auth

Sign in before opening the finance stack.

FinancialOS now uses real authenticated operator sessions instead of the previous production mock fallback. Public policy pages remain accessible before sign-in.

Privacy policySecurity overviewData retention
Why this matters

Production access is no longer mock-only.

Protected finance routes
Dashboard, documents, finance pages, and server APIs now expect a real session cookie.
Better Plaid posture
Plaid Link and downstream financial data flows are accessed by an authenticated operator rather than a fallback env identity.
Policy surface in place
Privacy, security, and retention pages are published before live usage.