Layer 4 · engine

Identity engine

The single representation of every person the building knows about — residents, guests, staff, contractors — and how they prove who they are.

The identity engine holds the canonical record of every person the building interacts with. There is one representation of a resident — not one in the access system, one in the property management system, one in the resident app, and one on a clipboard at the front desk. The same is true for staff, contractors, and recurring guests. Identity reconciliation is not an end-of-quarter cleanup task; it is the engine's continuous job.

Authentication is multi-modal. Residents prove identity through the resident app's device-bound credential; guests through a scoped, time-bound link; staff through the building's identity provider; contractors through service-account credentials issued against an active work order. The engine evaluates the strength of the proof against the action being requested — opening the lobby door requires less assurance than authorizing a withdrawal from the building's operations account.
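
One way to express the proof-versus-action check described above, as an added example that is not the product's own code. The numeric assurance levels, the action names, and the `Proof` and `evaluate` names are assumptions made for illustration; the page names the four proof types but defines no scale.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional

# Assumed mappings: the page names the proof types but gives no numeric levels.
METHOD_FOR = {"resident": "device_bound_credential", "guest": "scoped_link",
              "staff": "identity_provider", "contractor": "work_order_service_account"}
PROOF_STRENGTH = {"scoped_link": 1, "work_order_service_account": 2,
                  "device_bound_credential": 2, "identity_provider": 3}
REQUIRED_ASSURANCE = {"open_lobby_door": 1, "authorize_operations_withdrawal": 3}

@dataclass
class Proof:
    principal: str                            # resident | guest | staff | contractor
    method: str
    expires_at: Optional[datetime] = None     # guest links are time-bound
    scope: tuple = ()                         # actions a guest link is scoped to
    work_order_active: Optional[bool] = None  # contractor credentials only

def evaluate(proof: Proof, action: str, now: datetime):
    """Return (allowed, reason). Assurance only; permissions are a separate check."""
    required = REQUIRED_ASSURANCE.get(action)
    if required is None:
        return False, "unknown action"              # fail closed
    if METHOD_FOR.get(proof.principal) != proof.method:
        return False, "method not valid for principal"
    if proof.method == "scoped_link":
        if proof.expires_at is None or now >= proof.expires_at:
            return False, "guest link expired"
        if action not in proof.scope:
            return False, "action outside link scope"
    if proof.method == "work_order_service_account" and proof.work_order_active is not True:
        return False, "no active work order"
    if PROOF_STRENGTH[proof.method] < required:
        return False, "insufficient assurance"
    return True, "ok"

# Constructed sample proofs, evaluated at a fixed constructed time.
NOW = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)
GUEST = Proof("guest", "scoped_link", NOW + timedelta(hours=2), ("open_lobby_door",))
STALE_GUEST = Proof("guest", "scoped_link", NOW - timedelta(minutes=1), ("open_lobby_door",))
CONTRACTOR = Proof("contractor", "work_order_service_account", work_order_active=False)
RESIDENT = Proof("resident", "device_bound_credential")
STAFF = Proof("staff", "identity_provider")

if __name__ == "__main__":
    for p in (GUEST, STALE_GUEST, CONTRACTOR, RESIDENT, STAFF):
        for a in REQUIRED_ASSURANCE:
            print(p.principal, a, evaluate(p, a, NOW))
```

The validity checks (link expiry, link scope, work-order state) run before the strength comparison, so an expired or out-of-scope credential is rejected even for an action whose required assurance it would otherwise meet.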

The identity engine is what makes portability work. A resident who moves between buildings under the same operator carries their identity with them, with credentials that re-scope on arrival. A staff member promoted to a multi-building role inherits the access pattern her new role requires without manual provisioning. The engine is the single source the orchestration, permissions, and payment engines consult before acting.

Replaces or wraps
duplicate-identity-records-across-vendors
manual-credential-issuance