# 06 — Tenant Admin PWA (Store-Ready)

Packaging
- Android: Trusted Web Activity (TWA) bound to `admin.<domain>`; fallback Capacitor if native plugins needed.
- iOS: Capacitor wrapper with push notifications and secure storage.
- Installable PWA (A2HS) with offline and background sync.

Auth & Tenancy
- OAuth2 Authorization Code + PKCE; refresh tokens; secure storage (Keychain/Keystore).
- Tokens carry `tenant_id` and roles; backend enforces scoping.

Capabilities
- Manage events, galleries, members, settings, legal pages, purchases.
- Notifications: Web Push (Android TWA) and Capacitor push (iOS).
- Conflict handling: ETag/If-Match; audit changes.

Distribution & CI
- Play: assetlinks.json at `/.well-known/assetlinks.json`.
- App Store: fastlane lanes; privacy manifests.
- Version alignment with backend; feature flags synced on login.

See also: docs/adr/ADR-0006-tenant-admin-pwa.md