Why
Both marketdata and trading/account surfaces require authentication. The runtime needs a shared session model before the first real adapter shim lands.
Scope
- introduce a concrete
AuthSessionManager / SessionContext model
- support the two documented login shapes:
account + password + cert + cert passwordaccount + API key + cert + cert password
- add first TW cash-oriented marketdata and broker adapter shims behind those contracts
- expose capability / health / rate-limit / connection-limit metadata
Acceptance criteria
- the runtime can reason about one logical session even if the vendor uses separate underlying surfaces
- session capability state clearly shows whether trade permission is enabled
- adapter contracts make shared subscription planning and reconnect behavior inspectable
- the implementation leaves room for agent-assisted setup with trade-disabled API keys as a safety boundary
Why
Both marketdata and trading/account surfaces require authentication. The runtime needs a shared session model before the first real adapter shim lands.
Scope
AuthSessionManager/SessionContextmodelaccount + password + cert + cert passwordaccount + API key + cert + cert passwordAcceptance criteria