@famgia/omnify-react-sso 2.2.2 → 2.2.3

package/dist/index.cjs

@@ -34,16 +34,20 @@ __export(src_exports, {
   BranchContext: () => BranchContext,
   BranchGate: () => BranchGate,
   BranchProvider: () => BranchProvider,
+  I18nProvider: () => I18nProvider,
   OrgBranchSelectorModal: () => OrgBranchSelectorModal,
   OrganizationSwitcher: () => OrganizationSwitcher,
   ProtectedRoute: () => ProtectedRoute,
   SsoCallback: () => SsoCallback,
   SsoContext: () => SsoContext,
   SsoProvider: () => SsoProvider,
+  UserForm: () => UserForm,
+  UserTable: () => UserTable,
   branchCacheCreateSchema: () => branchCacheCreateSchema,
   branchCacheI18n: () => branchCacheI18n,
   branchCacheSchemas: () => branchCacheSchemas,
   branchCacheUpdateSchema: () => branchCacheUpdateSchema,
+  changeLanguage: () => changeLanguage,
   createAuthService: () => createAuthService,
   createBranchHeaderSetter: () => createBranchHeaderSetter,
   createBranchService: () => createBranchService,
@@ -53,11 +57,14 @@ __export(src_exports, {
   createTeamService: () => createTeamService,
   createTokenService: () => createTokenService,
   createUserRoleService: () => createUserRoleService,
-  defaultLocale: () => defaultLocale,
+  createUserService: () => createUserService,
+  defaultLocale: () => defaultLocale2,
+  defaultTranslations: () => defaultTranslations,
   fallbackLocale: () => fallbackLocale,
   getBranchCacheFieldLabel: () => getBranchCacheFieldLabel,
   getBranchCacheFieldPlaceholder: () => getBranchCacheFieldPlaceholder,
   getBranchCacheLabel: () => getBranchCacheLabel,
+  getCurrentLocale: () => getCurrentLocale,
   getEffectivePermissions: () => getEffectivePermissions,
   getMessage: () => getMessage,
   getMessages: () => getMessages,
@@ -83,6 +90,8 @@ __export(src_exports, {
   getUserCacheFieldLabel: () => getUserCacheFieldLabel,
   getUserCacheFieldPlaceholder: () => getUserCacheFieldPlaceholder,
   getUserCacheLabel: () => getUserCacheLabel,
+  localeNames: () => localeNames,
+  locales: () => locales,
   organizationCacheCreateSchema: () => organizationCacheCreateSchema,
   organizationCacheI18n: () => organizationCacheI18n,
   organizationCacheSchemas: () => organizationCacheSchemas,
@@ -100,6 +109,7 @@ __export(src_exports, {
   roleSchemas: () => roleSchemas,
   roleUpdateSchema: () => roleUpdateSchema,
   setBranchHeaders: () => setBranchHeaders,
+  ssoNamespace: () => ssoNamespace,
   ssoQueryKeys: () => ssoQueryKeys,
   supportedLocales: () => supportedLocales,
   teamCacheCreateSchema: () => teamCacheCreateSchema,
@@ -113,8 +123,11 @@ __export(src_exports, {
   useAuth: () => useAuth,
   useBranch: () => useBranch,
   useBranchGate: () => useBranchGate,
+  useLocale: () => useLocale,
   useOrganization: () => useOrganization,
   useSso: () => useSso,
+  useSsoTranslation: () => useSsoTranslation,
+  useTranslations: () => useTranslations,
   userCacheCreateSchema: () => userCacheCreateSchema,
   userCacheI18n: () => userCacheI18n,
   userCacheSchemas: () => userCacheSchemas,
@@ -182,26 +195,26 @@ function getMessages(locale) {
 var import_zod = require("zod");
 var branchCacheI18n = {
   /** Model display name */
-  label: { "en": "Branch Cache" },
+  label: { "ja": "\u652F\u5E97\u30AD\u30E3\u30C3\u30B7\u30E5", "en": "Branch Cache" },
   /** Field labels and placeholders */
   fields: {
     console_branch_id: {
-      label: { "en": "Console Branch ID" }
+      label: { "ja": "Console Branch ID", "en": "Console Branch ID" }
     },
     console_org_id: {
-      label: { "en": "Console Organization ID" }
+      label: { "ja": "Console Organization ID", "en": "Console Organization ID" }
     },
     code: {
-      label: { "en": "Branch Code" }
+      label: { "ja": "\u652F\u5E97\u30B3\u30FC\u30C9", "en": "Branch Code" }
     },
     name: {
-      label: { "en": "Branch Name" }
+      label: { "ja": "\u652F\u5E97\u540D", "en": "Branch Name" }
     },
     is_headquarters: {
-      label: { "en": "Is Headquarters" }
+      label: { "ja": "\u672C\u793E", "en": "Is Headquarters" }
     },
     is_active: {
-      label: { "en": "Active" }
+      label: { "ja": "\u6709\u52B9", "en": "Active" }
     }
   }
 };
@@ -246,20 +259,20 @@ var branchCacheUpdateSchema = baseBranchCacheUpdateSchema;
 var import_zod2 = require("zod");
 var organizationCacheI18n = {
   /** Model display name */
-  label: { "en": "Organization Cache" },
+  label: { "ja": "\u7D44\u7E54\u30AD\u30E3\u30C3\u30B7\u30E5", "en": "Organization Cache" },
   /** Field labels and placeholders */
   fields: {
     console_org_id: {
-      label: { "en": "Console Organization ID" }
+      label: { "ja": "Console Organization ID", "en": "Console Organization ID" }
     },
     name: {
-      label: { "en": "Organization Name" }
+      label: { "ja": "\u7D44\u7E54\u540D", "en": "Organization Name" }
     },
     code: {
-      label: { "en": "Organization Code" }
+      label: { "ja": "\u7D44\u7E54\u30B3\u30FC\u30C9", "en": "Organization Code" }
     },
     is_active: {
-      label: { "en": "Active" }
+      label: { "ja": "\u6709\u52B9", "en": "Active" }
     }
   }
 };
@@ -300,20 +313,20 @@ var organizationCacheUpdateSchema = baseOrganizationCacheUpdateSchema;
 var import_zod3 = require("zod");
 var permissionI18n = {
   /** Model display name */
-  label: { "en": "Permission" },
+  label: { "ja": "\u6A29\u9650", "en": "Permission" },
   /** Field labels and placeholders */
   fields: {
     name: {
-      label: { "en": "Permission Name" }
+      label: { "ja": "\u6A29\u9650\u540D", "en": "Permission Name" }
     },
     slug: {
-      label: { "en": "Slug" }
+      label: { "ja": "\u30B9\u30E9\u30C3\u30B0", "en": "Slug" }
     },
     group: {
-      label: { "en": "Group" }
+      label: { "ja": "\u30B0\u30EB\u30FC\u30D7", "en": "Group" }
     },
     roles: {
-      label: { "en": "Roles" }
+      label: { "ja": "\u30ED\u30FC\u30EB", "en": "Roles" }
     }
   }
 };
@@ -352,33 +365,38 @@ var permissionUpdateSchema = basePermissionUpdateSchema;
 var import_zod4 = require("zod");
 var roleI18n = {
   /** Model display name */
-  label: { "en": "Role" },
+  label: { "ja": "\u30ED\u30FC\u30EB", "en": "Role" },
   /** Field labels and placeholders */
   fields: {
+    console_org_id: {
+      label: { "ja": "\u7D44\u7E54ID", "en": "Organization ID" }
+    },
     name: {
-      label: { "en": "Role Name" }
+      label: { "ja": "\u30ED\u30FC\u30EB\u540D", "en": "Role Name" }
     },
     slug: {
-      label: { "en": "Slug" }
+      label: { "ja": "\u30B9\u30E9\u30C3\u30B0", "en": "Slug" }
     },
     description: {
-      label: { "en": "Description" }
+      label: { "ja": "\u8AAC\u660E", "en": "Description" }
     },
     level: {
-      label: { "en": "Level" }
+      label: { "ja": "\u30EC\u30D9\u30EB", "en": "Level" }
     },
     permissions: {
-      label: { "en": "Permissions" }
+      label: { "ja": "\u6A29\u9650", "en": "Permissions" }
     }
   }
 };
 var baseRoleSchemas = {
+  console_org_id: import_zod4.z.string().max(36).optional().nullable(),
   name: import_zod4.z.string().min(1).max(100),
   slug: import_zod4.z.string().min(1).max(100),
   description: import_zod4.z.string().optional().nullable(),
   level: import_zod4.z.number().int()
 };
 var baseRoleCreateSchema = import_zod4.z.object({
+  console_org_id: baseRoleSchemas.console_org_id,
   name: baseRoleSchemas.name,
   slug: baseRoleSchemas.slug,
   description: baseRoleSchemas.description,
@@ -409,14 +427,14 @@ var roleUpdateSchema = baseRoleUpdateSchema;
 var import_zod5 = require("zod");
 var rolePermissionI18n = {
   /** Model display name */
-  label: { "en": "Role Permission" },
+  label: { "ja": "\u30ED\u30FC\u30EB\u6A29\u9650", "en": "Role Permission" },
   /** Field labels and placeholders */
   fields: {
     role: {
-      label: { "en": "Role" }
+      label: { "ja": "\u30ED\u30FC\u30EB", "en": "Role" }
     },
     permission: {
-      label: { "en": "Permission" }
+      label: { "ja": "\u6A29\u9650", "en": "Permission" }
     }
   }
 };
@@ -447,17 +465,17 @@ var rolePermissionUpdateSchema = baseRolePermissionUpdateSchema;
 var import_zod6 = require("zod");
 var teamCacheI18n = {
   /** Model display name */
-  label: { "en": "Team Cache" },
+  label: { "ja": "\u30C1\u30FC\u30E0\u30AD\u30E3\u30C3\u30B7\u30E5", "en": "Team Cache" },
   /** Field labels and placeholders */
   fields: {
     console_team_id: {
-      label: { "en": "Console Team ID" }
+      label: { "ja": "Console Team ID", "en": "Console Team ID" }
     },
     console_org_id: {
-      label: { "en": "Console Organization ID" }
+      label: { "ja": "Console Organization ID", "en": "Console Organization ID" }
     },
     name: {
-      label: { "en": "Team Name" }
+      label: { "ja": "\u30C1\u30FC\u30E0\u540D", "en": "Team Name" }
     }
   }
 };
@@ -496,17 +514,17 @@ var teamCacheUpdateSchema = baseTeamCacheUpdateSchema;
 var import_zod7 = require("zod");
 var teamPermissionI18n = {
   /** Model display name */
-  label: { "en": "Team Permission" },
+  label: { "ja": "\u30C1\u30FC\u30E0\u6A29\u9650", "en": "Team Permission" },
   /** Field labels and placeholders */
   fields: {
     console_org_id: {
-      label: { "en": "Console Organization ID" }
+      label: { "ja": "Console Organization ID", "en": "Console Organization ID" }
     },
     console_team_id: {
-      label: { "en": "Console Team ID" }
+      label: { "ja": "Console Team ID", "en": "Console Team ID" }
     },
     permission: {
-      label: { "en": "Permission" }
+      label: { "ja": "\u6A29\u9650", "en": "Permission" }
     }
   }
 };
@@ -543,29 +561,32 @@ var teamPermissionUpdateSchema = baseTeamPermissionUpdateSchema;
 var import_zod8 = require("zod");
 var userCacheI18n = {
   /** Model display name */
-  label: { "en": "User Cache" },
+  label: { "ja": "\u30E6\u30FC\u30B6\u30FC\u30AD\u30E3\u30C3\u30B7\u30E5", "en": "User Cache" },
   /** Field labels and placeholders */
   fields: {
     name: {
-      label: { "en": "Name" }
+      label: { "ja": "\u540D\u524D", "en": "Name" }
     },
     email: {
-      label: { "en": "Email" }
+      label: { "ja": "\u30E1\u30FC\u30EB\u30A2\u30C9\u30EC\u30B9", "en": "Email" }
     },
     console_user_id: {
-      label: { "en": "Console User ID" }
+      label: { "ja": "Console User ID", "en": "Console User ID" }
+    },
+    console_org_id: {
+      label: { "ja": "\u6240\u5C5E\u7D44\u7E54ID", "en": "Organization ID" }
     },
     console_access_token: {
-      label: { "en": "Console Access Token" }
+      label: { "ja": "Console Access Token", "en": "Console Access Token" }
     },
     console_refresh_token: {
-      label: { "en": "Console Refresh Token" }
+      label: { "ja": "Console Refresh Token", "en": "Console Refresh Token" }
     },
     console_token_expires_at: {
-      label: { "en": "Console Token Expiry" }
+      label: { "ja": "Console Token\u6709\u52B9\u671F\u9650", "en": "Console Token Expiry" }
     },
     roles: {
-      label: { "en": "Roles" }
+      label: { "ja": "\u30ED\u30FC\u30EB", "en": "Roles" }
     }
   }
 };
@@ -573,6 +594,7 @@ var baseUserCacheSchemas = {
   name: import_zod8.z.string().min(1),
   email: import_zod8.z.string().min(1),
   console_user_id: import_zod8.z.string().optional().nullable(),
+  console_org_id: import_zod8.z.string().optional().nullable(),
   console_access_token: import_zod8.z.string().optional().nullable(),
   console_refresh_token: import_zod8.z.string().optional().nullable(),
   console_token_expires_at: import_zod8.z.string().datetime({ offset: true }).optional().nullable()
@@ -581,6 +603,7 @@ var baseUserCacheCreateSchema = import_zod8.z.object({
   name: baseUserCacheSchemas.name,
   email: baseUserCacheSchemas.email,
   console_user_id: baseUserCacheSchemas.console_user_id,
+  console_org_id: baseUserCacheSchemas.console_org_id,
   console_access_token: baseUserCacheSchemas.console_access_token,
   console_refresh_token: baseUserCacheSchemas.console_refresh_token,
   console_token_expires_at: baseUserCacheSchemas.console_token_expires_at
@@ -842,8 +865,114 @@ function useBranchContext() {
 }
 
 // src/context/BranchProvider.tsx
-var import_react4 = require("react");
 var import_react_query = require("@tanstack/react-query");
+var import_react4 = require("react");
+
+// src/queryKeys.ts
+var ssoQueryKeys = {
+  all: ["sso"],
+  // =========================================================================
+  // Auth (authService)
+  // =========================================================================
+  auth: {
+    all: () => [...ssoQueryKeys.all, "auth"],
+    user: () => [...ssoQueryKeys.auth.all(), "user"],
+    globalLogoutUrl: (redirectUri) => [...ssoQueryKeys.auth.all(), "global-logout-url", redirectUri]
+  },
+  // =========================================================================
+  // Tokens (tokenService)
+  // =========================================================================
+  tokens: {
+    all: () => [...ssoQueryKeys.all, "tokens"],
+    list: () => [...ssoQueryKeys.tokens.all(), "list"]
+  },
+  // =========================================================================
+  // Roles (roleService)
+  // =========================================================================
+  roles: {
+    all: () => [...ssoQueryKeys.all, "roles"],
+    list: () => [...ssoQueryKeys.roles.all(), "list"],
+    detail: (id) => [...ssoQueryKeys.roles.all(), "detail", id],
+    permissions: (id) => [...ssoQueryKeys.roles.all(), id, "permissions"]
+  },
+  // =========================================================================
+  // Permissions (permissionService)
+  // =========================================================================
+  permissions: {
+    all: () => [...ssoQueryKeys.all, "permissions"],
+    list: (params) => [...ssoQueryKeys.permissions.all(), "list", params],
+    detail: (id) => [...ssoQueryKeys.permissions.all(), "detail", id],
+    matrix: () => [...ssoQueryKeys.permissions.all(), "matrix"]
+  },
+  // =========================================================================
+  // Teams (teamService)
+  // =========================================================================
+  teams: {
+    all: () => [...ssoQueryKeys.all, "teams"],
+    list: () => [...ssoQueryKeys.teams.all(), "list"],
+    permissions: (teamId) => [...ssoQueryKeys.teams.all(), teamId, "permissions"],
+    orphaned: () => [...ssoQueryKeys.teams.all(), "orphaned"]
+  },
+  // =========================================================================
+  // User Roles (userRoleService) - Scoped Role Assignments
+  // =========================================================================
+  userRoles: {
+    all: () => [...ssoQueryKeys.all, "user-roles"],
+    list: (userId) => [...ssoQueryKeys.userRoles.all(), userId],
+    byBranch: (userId, orgId, branchId) => [...ssoQueryKeys.userRoles.all(), userId, orgId, branchId]
+  },
+  // =========================================================================
+  // Users (userService)
+  // =========================================================================
+  users: {
+    all: () => [...ssoQueryKeys.all, "users"],
+    list: (params) => [...ssoQueryKeys.users.all(), "list", params],
+    detail: (id) => [...ssoQueryKeys.users.all(), "detail", id]
+  },
+  // =========================================================================
+  // Branches (branchService)
+  // =========================================================================
+  branches: {
+    all: () => [...ssoQueryKeys.all, "branches"],
+    list: (orgSlug) => [...ssoQueryKeys.branches.all(), "list", orgSlug],
+    detail: (branchId) => [...ssoQueryKeys.branches.all(), "detail", branchId],
+    headquarters: (orgSlug) => [...ssoQueryKeys.branches.all(), "headquarters", orgSlug],
+    primary: (orgSlug) => [...ssoQueryKeys.branches.all(), "primary", orgSlug]
+  },
+  // =========================================================================
+  // Admin variants (with org context)
+  // =========================================================================
+  admin: {
+    users: {
+      all: (orgSlug) => [...ssoQueryKeys.all, "admin", orgSlug, "users"],
+      list: (orgSlug, params) => [...ssoQueryKeys.admin.users.all(orgSlug), "list", params],
+      detail: (orgSlug, id) => [...ssoQueryKeys.admin.users.all(orgSlug), "detail", id]
+    },
+    roles: {
+      all: (orgSlug) => [...ssoQueryKeys.all, "admin", orgSlug, "roles"],
+      list: (orgSlug) => [...ssoQueryKeys.admin.roles.all(orgSlug), "list"],
+      detail: (orgSlug, id) => [...ssoQueryKeys.admin.roles.all(orgSlug), "detail", id],
+      permissions: (orgSlug, id) => [...ssoQueryKeys.admin.roles.all(orgSlug), id, "permissions"]
+    },
+    permissions: {
+      all: (orgSlug) => [...ssoQueryKeys.all, "admin", orgSlug, "permissions"],
+      list: (orgSlug, params) => [...ssoQueryKeys.admin.permissions.all(orgSlug), "list", params],
+      detail: (orgSlug, id) => [...ssoQueryKeys.admin.permissions.all(orgSlug), "detail", id],
+      matrix: (orgSlug) => [...ssoQueryKeys.admin.permissions.all(orgSlug), "matrix"]
+    },
+    teams: {
+      all: (orgSlug) => [...ssoQueryKeys.all, "admin", orgSlug, "teams"],
+      list: (orgSlug) => [...ssoQueryKeys.admin.teams.all(orgSlug), "list"],
+      permissions: (orgSlug, teamId) => [...ssoQueryKeys.admin.teams.all(orgSlug), teamId, "permissions"],
+      orphaned: (orgSlug) => [...ssoQueryKeys.admin.teams.all(orgSlug), "orphaned"]
+    },
+    userRoles: {
+      all: (orgSlug) => [...ssoQueryKeys.all, "admin", orgSlug, "user-roles"],
+      list: (orgSlug, userId) => [...ssoQueryKeys.admin.userRoles.all(orgSlug), userId],
+      byBranch: (orgSlug, userId, orgId, branchId) => [...ssoQueryKeys.admin.userRoles.all(orgSlug), userId, orgId, branchId]
+    }
+  }
+};
 
 // src/services/utils.ts
 function getXsrfToken2() {
@@ -860,7 +989,7 @@ function buildHeaders(orgSlug) {
     headers["X-XSRF-TOKEN"] = decodeURIComponent(xsrfToken);
   }
   if (orgSlug) {
-    headers["X-Org-Slug"] = orgSlug;
+    headers["X-Org-Id"] = orgSlug;
   }
   return headers;
 }
@@ -948,99 +1077,6 @@ function createBranchService(config) {
   };
 }
 
-// src/queryKeys.ts
-var ssoQueryKeys = {
-  all: ["sso"],
-  // =========================================================================
-  // Auth (authService)
-  // =========================================================================
-  auth: {
-    all: () => [...ssoQueryKeys.all, "auth"],
-    user: () => [...ssoQueryKeys.auth.all(), "user"],
-    globalLogoutUrl: (redirectUri) => [...ssoQueryKeys.auth.all(), "global-logout-url", redirectUri]
-  },
-  // =========================================================================
-  // Tokens (tokenService)
-  // =========================================================================
-  tokens: {
-    all: () => [...ssoQueryKeys.all, "tokens"],
-    list: () => [...ssoQueryKeys.tokens.all(), "list"]
-  },
-  // =========================================================================
-  // Roles (roleService)
-  // =========================================================================
-  roles: {
-    all: () => [...ssoQueryKeys.all, "roles"],
-    list: () => [...ssoQueryKeys.roles.all(), "list"],
-    detail: (id) => [...ssoQueryKeys.roles.all(), "detail", id],
-    permissions: (id) => [...ssoQueryKeys.roles.all(), id, "permissions"]
-  },
-  // =========================================================================
-  // Permissions (permissionService)
-  // =========================================================================
-  permissions: {
-    all: () => [...ssoQueryKeys.all, "permissions"],
-    list: (params) => [...ssoQueryKeys.permissions.all(), "list", params],
-    detail: (id) => [...ssoQueryKeys.permissions.all(), "detail", id],
-    matrix: () => [...ssoQueryKeys.permissions.all(), "matrix"]
-  },
-  // =========================================================================
-  // Teams (teamService)
-  // =========================================================================
-  teams: {
-    all: () => [...ssoQueryKeys.all, "teams"],
-    list: () => [...ssoQueryKeys.teams.all(), "list"],
-    permissions: (teamId) => [...ssoQueryKeys.teams.all(), teamId, "permissions"],
-    orphaned: () => [...ssoQueryKeys.teams.all(), "orphaned"]
-  },
-  // =========================================================================
-  // User Roles (userRoleService) - Scoped Role Assignments
-  // =========================================================================
-  userRoles: {
-    all: () => [...ssoQueryKeys.all, "user-roles"],
-    list: (userId) => [...ssoQueryKeys.userRoles.all(), userId],
-    byBranch: (userId, orgId, branchId) => [...ssoQueryKeys.userRoles.all(), userId, orgId, branchId]
-  },
-  // =========================================================================
-  // Branches (branchService)
-  // =========================================================================
-  branches: {
-    all: () => [...ssoQueryKeys.all, "branches"],
-    list: (orgSlug) => [...ssoQueryKeys.branches.all(), "list", orgSlug],
-    detail: (branchId) => [...ssoQueryKeys.branches.all(), "detail", branchId],
-    headquarters: (orgSlug) => [...ssoQueryKeys.branches.all(), "headquarters", orgSlug],
-    primary: (orgSlug) => [...ssoQueryKeys.branches.all(), "primary", orgSlug]
-  },
-  // =========================================================================
-  // Admin variants (with org context)
-  // =========================================================================
-  admin: {
-    roles: {
-      all: (orgSlug) => [...ssoQueryKeys.all, "admin", orgSlug, "roles"],
-      list: (orgSlug) => [...ssoQueryKeys.admin.roles.all(orgSlug), "list"],
-      detail: (orgSlug, id) => [...ssoQueryKeys.admin.roles.all(orgSlug), "detail", id],
-      permissions: (orgSlug, id) => [...ssoQueryKeys.admin.roles.all(orgSlug), id, "permissions"]
-    },
-    permissions: {
-      all: (orgSlug) => [...ssoQueryKeys.all, "admin", orgSlug, "permissions"],
-      list: (orgSlug, params) => [...ssoQueryKeys.admin.permissions.all(orgSlug), "list", params],
-      detail: (orgSlug, id) => [...ssoQueryKeys.admin.permissions.all(orgSlug), "detail", id],
-      matrix: (orgSlug) => [...ssoQueryKeys.admin.permissions.all(orgSlug), "matrix"]
-    },
-    teams: {
-      all: (orgSlug) => [...ssoQueryKeys.all, "admin", orgSlug, "teams"],
-      list: (orgSlug) => [...ssoQueryKeys.admin.teams.all(orgSlug), "list"],
-      permissions: (orgSlug, teamId) => [...ssoQueryKeys.admin.teams.all(orgSlug), teamId, "permissions"],
-      orphaned: (orgSlug) => [...ssoQueryKeys.admin.teams.all(orgSlug), "orphaned"]
-    },
-    userRoles: {
-      all: (orgSlug) => [...ssoQueryKeys.all, "admin", orgSlug, "user-roles"],
-      list: (orgSlug, userId) => [...ssoQueryKeys.admin.userRoles.all(orgSlug), userId],
-      byBranch: (orgSlug, userId, orgId, branchId) => [...ssoQueryKeys.admin.userRoles.all(orgSlug), userId, orgId, branchId]
-    }
-  }
-};
-
 // src/context/BranchProvider.tsx
 var import_jsx_runtime2 = require("react/jsx-runtime");
 var DEFAULT_STORAGE_KEY = "omnify_selected_branch";
@@ -1375,9 +1411,9 @@ function SsoCallback({
 }
 
 // src/components/OrganizationSwitcher.tsx
-var import_react9 = __toESM(require("react"), 1);
-var import_antd = require("antd");
 var import_icons = require("@ant-design/icons");
+var import_antd = require("antd");
+var import_react9 = __toESM(require("react"), 1);
 var import_jsx_runtime4 = require("react/jsx-runtime");
 var { Text } = import_antd.Typography;
 function OrganizationSwitcher({
@@ -1541,10 +1577,10 @@ function ProtectedRoute({
 }
 
 // src/components/OrgBranchSelectorModal.tsx
-var import_react11 = require("react");
-var import_antd2 = require("antd");
 var import_icons2 = require("@ant-design/icons");
 var import_react_query2 = require("@tanstack/react-query");
+var import_antd2 = require("antd");
+var import_react11 = require("react");
 var import_jsx_runtime6 = require("react/jsx-runtime");
 var { Text: Text2, Title } = import_antd2.Typography;
 function OrgBranchSelectorModal({
@@ -1557,6 +1593,7 @@ function OrgBranchSelectorModal({
 }) {
   const { config } = useSsoContext();
   const { organizations, currentOrg, hasMultipleOrgs } = useOrganization();
+  const { currentBranch } = useBranch();
   const [form] = import_antd2.Form.useForm();
   const [selectedOrgSlug, setSelectedOrgSlug] = (0, import_react11.useState)(
     currentOrg?.slug ?? null
@@ -1577,17 +1614,26 @@ function OrgBranchSelectorModal({
   const branches = branchesData?.branches ?? [];
   const hasMultipleBranches = branches.length > 1;
   const selectedOrg = (0, import_react11.useMemo)(
-    () => organizations.find((o) => o.slug === selectedOrgSlug) ?? null,
+    () => {
+      if (selectedOrgSlug) {
+        return organizations.find((o) => o.slug === selectedOrgSlug) ?? null;
+      }
+      if (organizations.length === 1) {
+        return organizations[0];
+      }
+      return null;
+    },
     [organizations, selectedOrgSlug]
   );
   (0, import_react11.useEffect)(() => {
     if (!open) return;
-    if (organizations.length === 1 && !selectedOrgSlug) {
-      setSelectedOrgSlug(organizations[0].slug);
-      form.setFieldValue("organization_id", organizations[0].id);
-    } else if (currentOrg && !selectedOrgSlug) {
+    if (selectedOrgSlug && form.getFieldValue("organization_id")) return;
+    if (currentOrg) {
       setSelectedOrgSlug(currentOrg.slug);
       form.setFieldValue("organization_id", currentOrg.id);
+    } else if (organizations.length === 1) {
+      setSelectedOrgSlug(organizations[0].slug);
+      form.setFieldValue("organization_id", organizations[0].id);
     }
   }, [open, organizations, currentOrg, selectedOrgSlug, form]);
   (0, import_react11.useEffect)(() => {
@@ -1595,17 +1641,21 @@ function OrgBranchSelectorModal({
     if (branches.length === 1) {
       form.setFieldValue("branch_id", branches[0].id);
     } else if (branches.length > 0) {
-      const primaryId = branchesData?.primary_branch_id;
-      if (primaryId) {
-        form.setFieldValue("branch_id", primaryId);
+      if (currentBranch && branches.some((b) => b.id === currentBranch.id)) {
+        form.setFieldValue("branch_id", currentBranch.id);
       } else {
-        const hq = branches.find((b) => b.is_headquarters);
-        if (hq) {
-          form.setFieldValue("branch_id", hq.id);
+        const primaryId = branchesData?.primary_branch_id;
+        if (primaryId) {
+          form.setFieldValue("branch_id", primaryId);
+        } else {
+          const hq = branches.find((b) => b.is_headquarters);
+          if (hq) {
+            form.setFieldValue("branch_id", hq.id);
+          }
         }
       }
     }
-  }, [open, branches, branchesLoading, branchesData, form]);
+  }, [open, branches, branchesLoading, branchesData, currentBranch, form]);
   (0, import_react11.useEffect)(() => {
     if (!open || branchesLoading) return;
     const orgId = form.getFieldValue("organization_id");
@@ -1808,10 +1858,10 @@ function OrgBranchSelectorModal({
 }
 
 // src/components/BranchGate.tsx
-var import_react12 = __toESM(require("react"), 1);
-var import_antd3 = require("antd");
 var import_icons3 = require("@ant-design/icons");
 var import_react_query3 = require("@tanstack/react-query");
+var import_antd3 = require("antd");
+var import_react12 = __toESM(require("react"), 1);
 var import_jsx_runtime7 = require("react/jsx-runtime");
 var { Text: Text3, Title: Title2 } = import_antd3.Typography;
 var DEFAULT_STORAGE_KEY2 = "omnify_branch_gate_selection";
@@ -2107,6 +2157,453 @@ function useBranchGate(storageKey = DEFAULT_STORAGE_KEY2) {
   };
 }
 
+// src/components/admin/UserTable.tsx
+var import_icons4 = require("@ant-design/icons");
+var import_antd4 = require("antd");
+
+// src/i18n/translations.ts
+var ssoNamespace = "sso";
+var defaultTranslations = {
+  en: {
+    // Common
+    actions: "Actions",
+    save: "Save",
+    cancel: "Cancel",
+    delete: "Delete",
+    edit: "Edit",
+    search: "Search",
+    loading: "Loading...",
+    yes: "Yes",
+    no: "No",
+    confirmDelete: "Are you sure you want to delete?",
+    // Users
+    users: "Users",
+    user: "User",
+    name: "Name",
+    email: "Email",
+    ssoUser: "SSO User",
+    localUser: "Local User",
+    userList: "User List",
+    userDetails: "User Details",
+    editUser: "Edit User",
+    deleteUser: "Delete User",
+    searchUsers: "Search users...",
+    noUsersFound: "No users found",
+    userDeleted: "User deleted successfully",
+    userUpdated: "User updated successfully",
+    // Roles
+    roles: "Roles",
+    role: "Role",
+    roleName: "Role Name",
+    roleDescription: "Description",
+    permissions: "Permissions",
+    assignRole: "Assign Role",
+    removeRole: "Remove Role",
+    // Permissions
+    permission: "Permission",
+    permissionName: "Permission Name",
+    permissionDescription: "Description",
+    // Validation
+    required: "{{field}} is required",
+    maxLength: "{{field}} must be at most {{max}} characters",
+    invalidEmail: "Please enter a valid email address",
+    // Pagination
+    total: "Total {{count}} items",
+    page: "Page {{current}} of {{total}}"
+  },
+  ja: {
+    // Common
+    actions: "\u64CD\u4F5C",
+    save: "\u4FDD\u5B58",
+    cancel: "\u30AD\u30E3\u30F3\u30BB\u30EB",
+    delete: "\u524A\u9664",
+    edit: "\u7DE8\u96C6",
+    search: "\u691C\u7D22",
+    loading: "\u8AAD\u307F\u8FBC\u307F\u4E2D...",
+    yes: "\u306F\u3044",
+    no: "\u3044\u3044\u3048",
+    confirmDelete: "\u672C\u5F53\u306B\u524A\u9664\u3057\u307E\u3059\u304B\uFF1F",
+    // Users
+    users: "\u30E6\u30FC\u30B6\u30FC",
+    user: "\u30E6\u30FC\u30B6\u30FC",
+    name: "\u540D\u524D",
+    email: "\u30E1\u30FC\u30EB\u30A2\u30C9\u30EC\u30B9",
+    ssoUser: "SSO\u30E6\u30FC\u30B6\u30FC",
+    localUser: "\u30ED\u30FC\u30AB\u30EB\u30E6\u30FC\u30B6\u30FC",
+    userList: "\u30E6\u30FC\u30B6\u30FC\u4E00\u89A7",
+    userDetails: "\u30E6\u30FC\u30B6\u30FC\u8A73\u7D30",
+    editUser: "\u30E6\u30FC\u30B6\u30FC\u7DE8\u96C6",
+    deleteUser: "\u30E6\u30FC\u30B6\u30FC\u524A\u9664",
+    searchUsers: "\u30E6\u30FC\u30B6\u30FC\u3092\u691C\u7D22...",
+    noUsersFound: "\u30E6\u30FC\u30B6\u30FC\u304C\u898B\u3064\u304B\u308A\u307E\u305B\u3093",
+    userDeleted: "\u30E6\u30FC\u30B6\u30FC\u3092\u524A\u9664\u3057\u307E\u3057\u305F",
+    userUpdated: "\u30E6\u30FC\u30B6\u30FC\u3092\u66F4\u65B0\u3057\u307E\u3057\u305F",
+    // Roles
+    roles: "\u30ED\u30FC\u30EB",
+    role: "\u30ED\u30FC\u30EB",
+    roleName: "\u30ED\u30FC\u30EB\u540D",
+    roleDescription: "\u8AAC\u660E",
+    permissions: "\u6A29\u9650",
+    assignRole: "\u30ED\u30FC\u30EB\u3092\u5272\u308A\u5F53\u3066",
+    removeRole: "\u30ED\u30FC\u30EB\u3092\u524A\u9664",
+    // Permissions
+    permission: "\u6A29\u9650",
+    permissionName: "\u6A29\u9650\u540D",
+    permissionDescription: "\u8AAC\u660E",
+    // Validation
+    required: "{{field}}\u306F\u5FC5\u9808\u3067\u3059",
+    maxLength: "{{field}}\u306F{{max}}\u6587\u5B57\u4EE5\u5185\u3067\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044",
+    invalidEmail: "\u6709\u52B9\u306A\u30E1\u30FC\u30EB\u30A2\u30C9\u30EC\u30B9\u3092\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044",
+    // Pagination
+    total: "\u5168{{count}}\u4EF6",
+    page: "{{total}}\u30DA\u30FC\u30B8\u4E2D{{current}}\u30DA\u30FC\u30B8"
+  },
+  vi: {
+    // Common
+    actions: "H\xE0nh \u0111\u1ED9ng",
+    save: "L\u01B0u",
+    cancel: "H\u1EE7y",
+    delete: "X\xF3a",
+    edit: "S\u1EEDa",
+    search: "T\xECm ki\u1EBFm",
+    loading: "\u0110ang t\u1EA3i...",
+    yes: "C\xF3",
+    no: "Kh\xF4ng",
+    confirmDelete: "B\u1EA1n c\xF3 ch\u1EAFc mu\u1ED1n x\xF3a?",
+    // Users
+    users: "Ng\u01B0\u1EDDi d\xF9ng",
+    user: "Ng\u01B0\u1EDDi d\xF9ng",
+    name: "T\xEAn",
+    email: "Email",
+    ssoUser: "Ng\u01B0\u1EDDi d\xF9ng SSO",
+    localUser: "Ng\u01B0\u1EDDi d\xF9ng n\u1ED9i b\u1ED9",
+    userList: "Danh s\xE1ch ng\u01B0\u1EDDi d\xF9ng",
+    userDetails: "Chi ti\u1EBFt ng\u01B0\u1EDDi d\xF9ng",
+    editUser: "S\u1EEDa ng\u01B0\u1EDDi d\xF9ng",
+    deleteUser: "X\xF3a ng\u01B0\u1EDDi d\xF9ng",
+    searchUsers: "T\xECm ng\u01B0\u1EDDi d\xF9ng...",
+    noUsersFound: "Kh\xF4ng t\xECm th\u1EA5y ng\u01B0\u1EDDi d\xF9ng",
+    userDeleted: "\u0110\xE3 x\xF3a ng\u01B0\u1EDDi d\xF9ng",
+    userUpdated: "\u0110\xE3 c\u1EADp nh\u1EADt ng\u01B0\u1EDDi d\xF9ng",
+    // Roles
+    roles: "Vai tr\xF2",
+    role: "Vai tr\xF2",
+    roleName: "T\xEAn vai tr\xF2",
+    roleDescription: "M\xF4 t\u1EA3",
+    permissions: "Quy\u1EC1n",
+    assignRole: "G\xE1n vai tr\xF2",
+    removeRole: "X\xF3a vai tr\xF2",
+    // Permissions
+    permission: "Quy\u1EC1n",
+    permissionName: "T\xEAn quy\u1EC1n",
+    permissionDescription: "M\xF4 t\u1EA3",
+    // Validation
+    required: "{{field}} l\xE0 b\u1EAFt bu\u1ED9c",
+    maxLength: "{{field}} t\u1ED1i \u0111a {{max}} k\xFD t\u1EF1",
+    invalidEmail: "Email kh\xF4ng h\u1EE3p l\u1EC7",
+    // Pagination
+    total: "T\u1ED5ng {{count}} m\u1EE5c",
+    page: "Trang {{current}}/{{total}}"
+  }
+};
+
+// src/i18n/useSsoTranslation.ts
+var import_react13 = require("react");
+function useSsoTranslation() {
+  const t = (0, import_react13.useCallback)(
+    (key, options) => {
+      let value = defaultTranslations.en[key] || key;
+      if (options) {
+        Object.entries(options).forEach(([k, v]) => {
+          value = value.replace(new RegExp(`{{${k}}}`, "g"), String(v));
+        });
+      }
+      return value;
+    },
+    []
+  );
+  return { t };
+}
+
+// src/i18n/I18nProvider.tsx
+var import_i18next2 = __toESM(require("i18next"), 1);
+var import_i18next_browser_languagedetector = __toESM(require("i18next-browser-languagedetector"), 1);
+var import_react14 = require("react");
+var import_react_i18next = require("react-i18next");
+var import_react_i18next2 = require("react-i18next");
+
+// src/i18n/config.ts
+var import_i18next = __toESM(require("i18next"), 1);
+var locales = ["ja", "en", "vi"];
+var defaultLocale2 = "ja";
+var localeNames = {
+  ja: "\u65E5\u672C\u8A9E",
+  en: "English",
+  vi: "Ti\u1EBFng Vi\u1EC7t"
+};
+var changeLanguage = (locale) => {
+  if (typeof window === "undefined") return;
+  import_i18next.default.changeLanguage(locale);
+  document.cookie = `locale=${locale};path=/;max-age=31536000`;
+};
+var getCurrentLocale = () => {
+  if (typeof window === "undefined") return defaultLocale2;
+  return import_i18next.default.language || defaultLocale2;
+};
+
+// src/i18n/I18nProvider.tsx
+var import_jsx_runtime8 = require("react/jsx-runtime");
+var initialized = false;
+function getOrCreateI18n(appTranslations, fallbackLocale2) {
+  if (initialized) return import_i18next2.default;
+  const resources = {
+    en: {
+      translation: appTranslations?.en || {},
+      [ssoNamespace]: defaultTranslations.en
+    },
+    ja: {
+      translation: appTranslations?.ja || {},
+      [ssoNamespace]: defaultTranslations.ja
+    },
+    vi: {
+      translation: appTranslations?.vi || {},
+      [ssoNamespace]: defaultTranslations.vi
+    }
+  };
+  import_i18next2.default.use(import_i18next_browser_languagedetector.default).use(import_react_i18next2.initReactI18next).init({
+    resources,
+    fallbackLng: fallbackLocale2 || defaultLocale2,
+    supportedLngs: locales,
+    detection: {
+      order: ["cookie", "localStorage", "navigator"],
+      caches: ["cookie", "localStorage"],
+      lookupCookie: "locale",
+      lookupLocalStorage: "locale"
+    },
+    interpolation: {
+      escapeValue: false
+    },
+    defaultNS: "translation",
+    ns: ["translation", ssoNamespace],
+    react: {
+      useSuspense: false
+    }
+  });
+  initialized = true;
+  return import_i18next2.default;
+}
+function I18nProvider({ children, translations, fallbackLocale: fallbackLocale2 }) {
+  const i18nInstance = (0, import_react14.useMemo)(
+    () => getOrCreateI18n(translations, fallbackLocale2),
+    [translations, fallbackLocale2]
+  );
+  return /* @__PURE__ */ (0, import_jsx_runtime8.jsx)(import_react_i18next.I18nextProvider, { i18n: i18nInstance, children });
+}
+
+// src/i18n/useTranslations.ts
+var import_react15 = require("react");
+var import_react_i18next3 = require("react-i18next");
+function useTranslations(namespace) {
+  const { t: i18nT } = (0, import_react_i18next3.useTranslation)();
+  const t = (0, import_react15.useCallback)(
+    (key, values) => {
+      const fullKey = namespace ? `${namespace}.${key}` : key;
+      return i18nT(fullKey, values);
+    },
+    [i18nT, namespace]
+  );
+  return t;
+}
+
+// src/i18n/useLocale.ts
+var import_react_i18next4 = require("react-i18next");
+function useLocale() {
+  const { i18n: i18n3 } = (0, import_react_i18next4.useTranslation)();
+  return i18n3.language || defaultLocale2;
+}
+
+// src/components/admin/UserTable.tsx
+var import_jsx_runtime9 = require("react/jsx-runtime");
+function UserTable({
+  users,
+  loading = false,
+  pagination,
+  sortField,
+  sortOrder,
+  onPageChange,
+  onSortChange,
+  onSearch,
+  onEdit,
+  onDelete,
+  deleteLoading = false,
+  showSearch = true,
+  showActions = true
+}) {
+  const { t } = useSsoTranslation();
+  const columns = [
+    {
+      title: t("email"),
+      dataIndex: "email",
+      key: "email",
+      sorter: true,
+      sortOrder: sortField === "email" ? sortOrder === "asc" ? "ascend" : "descend" : void 0
+    },
+    {
+      title: t("name"),
+      dataIndex: "name",
+      key: "name",
+      sorter: true,
+      sortOrder: sortField === "name" ? sortOrder === "asc" ? "ascend" : "descend" : void 0
+    },
+    {
+      title: "SSO",
+      dataIndex: "console_user_id",
+      key: "sso",
+      width: 100,
+      render: (value) => value ? /* @__PURE__ */ (0, import_jsx_runtime9.jsx)(import_antd4.Tag, { color: "green", children: t("ssoUser") }) : /* @__PURE__ */ (0, import_jsx_runtime9.jsx)(import_antd4.Tag, { color: "default", children: t("localUser") })
+    }
+  ];
+  if (showActions && (onEdit || onDelete)) {
+    columns.push({
+      title: t("actions"),
+      key: "actions",
+      width: 120,
+      render: (_, record) => /* @__PURE__ */ (0, import_jsx_runtime9.jsxs)(import_antd4.Space, { children: [
+        onEdit && /* @__PURE__ */ (0, import_jsx_runtime9.jsx)(
+          import_antd4.Button,
+          {
+            type: "text",
+            icon: /* @__PURE__ */ (0, import_jsx_runtime9.jsx)(import_icons4.EditOutlined, {}),
+            size: "small",
+            onClick: () => onEdit(record)
+          }
+        ),
+        onDelete && /* @__PURE__ */ (0, import_jsx_runtime9.jsx)(
+          import_antd4.Popconfirm,
+          {
+            title: t("confirmDelete"),
+            onConfirm: () => onDelete(record),
+            okText: t("yes"),
+            cancelText: t("no"),
+            children: /* @__PURE__ */ (0, import_jsx_runtime9.jsx)(
+              import_antd4.Button,
+              {
+                type: "text",
+                danger: true,
+                icon: /* @__PURE__ */ (0, import_jsx_runtime9.jsx)(import_icons4.DeleteOutlined, {}),
+                size: "small",
+                loading: deleteLoading
+              }
+            )
+          }
+        )
+      ] })
+    });
+  }
+  const handleTableChange = (paginationConfig, _filters, sorter) => {
+    if (onPageChange && paginationConfig.current && paginationConfig.pageSize) {
+      onPageChange(paginationConfig.current, paginationConfig.pageSize);
+    }
+    if (onSortChange) {
+      const singleSorter = Array.isArray(sorter) ? sorter[0] : sorter;
+      if (singleSorter?.field) {
+        onSortChange(
+          singleSorter.field,
+          singleSorter.order === "ascend" ? "asc" : "desc"
+        );
+      } else {
+        onSortChange(void 0, void 0);
+      }
+    }
+  };
+  return /* @__PURE__ */ (0, import_jsx_runtime9.jsxs)("div", { children: [
+    showSearch && onSearch && /* @__PURE__ */ (0, import_jsx_runtime9.jsx)("div", { style: { marginBottom: 16 }, children: /* @__PURE__ */ (0, import_jsx_runtime9.jsx)(
+      import_antd4.Input,
+      {
+        placeholder: t("searchUsers"),
+        prefix: /* @__PURE__ */ (0, import_jsx_runtime9.jsx)(import_icons4.SearchOutlined, {}),
+        onChange: (e) => onSearch(e.target.value),
+        style: { width: 300 },
+        allowClear: true
+      }
+    ) }),
+    /* @__PURE__ */ (0, import_jsx_runtime9.jsx)(
+      import_antd4.Table,
+      {
+        columns,
+        dataSource: users,
+        loading,
+        rowKey: "id",
+        onChange: handleTableChange,
+        pagination: pagination ? {
+          current: pagination.current_page,
+          pageSize: pagination.per_page,
+          total: pagination.total,
+          showSizeChanger: true,
+          showTotal: (total) => t("total", { count: total })
+        } : false
+      }
+    )
+  ] });
+}
+
+// src/components/admin/UserForm.tsx
+var import_antd5 = require("antd");
+var import_jsx_runtime10 = require("react/jsx-runtime");
+function UserForm({
+  initialValues,
+  onSubmit,
+  onCancel,
+  loading = false,
+  submitText
+}) {
+  const { t } = useSsoTranslation();
+  const [form] = import_antd5.Form.useForm();
+  const handleFinish = (values) => {
+    onSubmit(values);
+  };
+  return /* @__PURE__ */ (0, import_jsx_runtime10.jsxs)(
+    import_antd5.Form,
+    {
+      form,
+      layout: "vertical",
+      initialValues,
+      onFinish: handleFinish,
+      style: { maxWidth: 600 },
+      children: [
+        /* @__PURE__ */ (0, import_jsx_runtime10.jsx)(
+          import_antd5.Form.Item,
+          {
+            label: t("name"),
+            name: "name",
+            rules: [
+              { required: true, message: t("required", { field: t("name") }) },
+              { max: 255, message: t("maxLength", { field: t("name"), max: 255 }) }
+            ],
+            children: /* @__PURE__ */ (0, import_jsx_runtime10.jsx)(import_antd5.Input, {})
+          }
+        ),
+        /* @__PURE__ */ (0, import_jsx_runtime10.jsx)(
+          import_antd5.Form.Item,
+          {
+            label: t("email"),
+            name: "email",
+            rules: [
+              { required: true, message: t("required", { field: t("email") }) },
+              { type: "email", message: t("invalidEmail") }
+            ],
+            children: /* @__PURE__ */ (0, import_jsx_runtime10.jsx)(import_antd5.Input, { type: "email" })
+          }
+        ),
+        /* @__PURE__ */ (0, import_jsx_runtime10.jsx)(import_antd5.Form.Item, { children: /* @__PURE__ */ (0, import_jsx_runtime10.jsxs)(import_antd5.Space, { children: [
+          /* @__PURE__ */ (0, import_jsx_runtime10.jsx)(import_antd5.Button, { type: "primary", htmlType: "submit", loading, children: submitText || t("save") }),
+          onCancel && /* @__PURE__ */ (0, import_jsx_runtime10.jsx)(import_antd5.Button, { onClick: onCancel, children: t("cancel") })
+        ] }) })
+      ]
+    }
+  );
+}
+
 // src/utils/branchHeaders.ts
 var BRANCH_HEADERS = {
   BRANCH_ID: "X-Branch-Id",
@@ -2253,8 +2750,13 @@ function createRoleService(config) {
      * List all roles (admin)
      * GET /api/admin/sso/roles
      */
-    adminList: async (orgSlug) => {
-      return request(apiUrl, "/api/admin/sso/roles", {
+    adminList: async (orgSlug, params) => {
+      const searchParams = new URLSearchParams();
+      if (params?.["filter[scope]"]) searchParams.set("filter[scope]", params["filter[scope]"]);
+      if (params?.["filter[org_id]"]) searchParams.set("filter[org_id]", params["filter[org_id]"]);
+      const query = searchParams.toString();
+      const path = query ? `/api/admin/sso/roles?${query}` : "/api/admin/sso/roles";
+      return request(apiUrl, path, {
         headers: buildHeaders(orgSlug)
       });
     },
@@ -2608,6 +3110,91 @@ var getEffectivePermissions = (roleAssignments, allRoles, orgId, branchId) => {
   return Array.from(permissions);
 };
 
+// src/services/userService.ts
+function createUserService(config) {
+  const { apiUrl } = config;
+  const basePath = "/api/admin/sso/users";
+  return {
+    /**
+     * List users with pagination and filtering
+     */
+    async list(params, orgSlug) {
+      const searchParams = new URLSearchParams();
+      if (params?.page) searchParams.set("page", String(params.page));
+      if (params?.per_page) searchParams.set("per_page", String(params.per_page));
+      if (params?.["filter[search]"]) searchParams.set("filter[search]", params["filter[search]"]);
+      if (params?.["filter[org_id]"]) searchParams.set("filter[org_id]", params["filter[org_id]"]);
+      if (params?.sort) searchParams.set("sort", params.sort);
+      const query = searchParams.toString();
+      const path = query ? `${basePath}?${query}` : basePath;
+      return request(apiUrl, path, {
+        method: "GET",
+        headers: buildHeaders(orgSlug)
+      });
+    },
+    /**
+     * Get user by ID
+     */
+    async get(id, orgSlug) {
+      const response = await request(apiUrl, `${basePath}/${id}`, {
+        method: "GET",
+        headers: buildHeaders(orgSlug)
+      });
+      return response.data;
+    },
+    /**
+     * Update a user
+     */
+    async update(id, input, orgSlug) {
+      const response = await request(apiUrl, `${basePath}/${id}`, {
+        method: "PUT",
+        headers: buildHeaders(orgSlug),
+        body: JSON.stringify(input)
+      });
+      return response.data;
+    },
+    /**
+     * Delete a user
+     */
+    async delete(id, orgSlug) {
+      await request(apiUrl, `${basePath}/${id}`, {
+        method: "DELETE",
+        headers: buildHeaders(orgSlug)
+      });
+    },
+    /**
+     * Search users by email (autocomplete)
+     */
+    async search(email, orgSlug) {
+      if (email.length < 2) return [];
+      const response = await request(
+        apiUrl,
+        `${basePath}/search?email=${encodeURIComponent(email)}`,
+        {
+          method: "GET",
+          headers: buildHeaders(orgSlug)
+        }
+      );
+      return response.data;
+    },
+    /**
+     * Get user permissions breakdown
+     * Shows roles, teams, and aggregated permissions for a user in context
+     */
+    async getPermissions(userId, orgId, branchId, orgSlug) {
+      const params = new URLSearchParams();
+      if (orgId) params.set("org_id", orgId);
+      if (branchId) params.set("branch_id", branchId);
+      const query = params.toString();
+      const path = query ? `${basePath}/${userId}/permissions?${query}` : `${basePath}/${userId}/permissions`;
+      return request(apiUrl, path, {
+        method: "GET",
+        headers: buildHeaders(orgSlug)
+      });
+    }
+  };
+}
+
 // src/services/ssoService.ts
 function getXsrfToken3() {
   if (typeof document === "undefined") return void 0;
@@ -2623,7 +3210,7 @@ function buildHeaders2(orgSlug) {
     headers["X-XSRF-TOKEN"] = decodeURIComponent(xsrfToken);
   }
   if (orgSlug) {
-    headers["X-Org-Slug"] = orgSlug;
+    headers["X-Org-Id"] = orgSlug;
   }
   return headers;
 }
@@ -2991,16 +3578,20 @@ function createSsoService(config) {
   BranchContext,
   BranchGate,
   BranchProvider,
+  I18nProvider,
   OrgBranchSelectorModal,
   OrganizationSwitcher,
   ProtectedRoute,
   SsoCallback,
   SsoContext,
   SsoProvider,
+  UserForm,
+  UserTable,
   branchCacheCreateSchema,
   branchCacheI18n,
   branchCacheSchemas,
   branchCacheUpdateSchema,
+  changeLanguage,
   createAuthService,
   createBranchHeaderSetter,
   createBranchService,
@@ -3010,11 +3601,14 @@ function createSsoService(config) {
   createTeamService,
   createTokenService,
   createUserRoleService,
+  createUserService,
   defaultLocale,
+  defaultTranslations,
   fallbackLocale,
   getBranchCacheFieldLabel,
   getBranchCacheFieldPlaceholder,
   getBranchCacheLabel,
+  getCurrentLocale,
   getEffectivePermissions,
   getMessage,
   getMessages,
@@ -3040,6 +3634,8 @@ function createSsoService(config) {
   getUserCacheFieldLabel,
   getUserCacheFieldPlaceholder,
   getUserCacheLabel,
+  localeNames,
+  locales,
   organizationCacheCreateSchema,
   organizationCacheI18n,
   organizationCacheSchemas,
@@ -3057,6 +3653,7 @@ function createSsoService(config) {
   roleSchemas,
   roleUpdateSchema,
   setBranchHeaders,
+  ssoNamespace,
   ssoQueryKeys,
   supportedLocales,
   teamCacheCreateSchema,
@@ -3070,8 +3667,11 @@ function createSsoService(config) {
   useAuth,
   useBranch,
   useBranchGate,
+  useLocale,
   useOrganization,
   useSso,
+  useSsoTranslation,
+  useTranslations,
   userCacheCreateSchema,
   userCacheI18n,
   userCacheSchemas,