Currently single-tenant: one set of NCMEC credentials from env vars, hardcoded reporter identity. No org model.
For multi-org support, need:
- Organization model with ESP ID, org name, NCMEC credentials (encrypted at rest)
- Operator to Organization FK
- Session to Organization context for audit trail
- Per-org reporter identity in XML report builder
- Per-org NCMECClient instantiation with org-specific credentials
- Credential rotation support
- Optional: per-org database isolation
Currently single-tenant: one set of NCMEC credentials from env vars, hardcoded reporter identity. No org model.
For multi-org support, need: