diff --git a/docs/architecture/bff-identity-boundary.md b/docs/architecture/bff-identity-boundary.md
new file mode 100644
index 0000000..efe43ea
--- /dev/null
+++ b/docs/architecture/bff-identity-boundary.md
@@ -0,0 +1,14 @@
+# Thalos BFF Identity Boundary
+
+## Purpose
+Keep thalos-bff as an edge adapter layer that consumes thalos-service and adopted identity capability contracts.
+
+## BFF Responsibilities
+- Edge contract handling
+- Service client adaptation
+- Correlation/tracing propagation
+
+## Prohibited
+- Direct DAL access
+- Identity policy decision ownership
+- Identity persistence concerns
diff --git a/docs/migration/building-block-identity-adoption-plan.md b/docs/migration/building-block-identity-adoption-plan.md
new file mode 100644
index 0000000..c46e8aa
--- /dev/null
+++ b/docs/migration/building-block-identity-adoption-plan.md
@@ -0,0 +1,13 @@
+# Building Block Identity Adoption Plan
+
+## Goal
+Align BFF contract usage with building-block-identity contract surface without changing behavior.
+
+## Steps
+1. Map current BFF identity contract types to capability contract types.
+2. Keep compatibility bridge active during migration window.
+3. Validate edge payload behavior and service compatibility.
+
+## Guardrails
+- BFF remains service-facing.
+- No identity decision logic moves into BFF.
diff --git a/docs/migration/edge-compatibility-checks.md b/docs/migration/edge-compatibility-checks.md
new file mode 100644
index 0000000..86ef61a
--- /dev/null
+++ b/docs/migration/edge-compatibility-checks.md
@@ -0,0 +1,6 @@
+# Edge Compatibility Checks
+
+## Checks
+- Existing edge request/response behavior remains stable.
+- Correlation and trace metadata pass-through remains stable.
+- Service contract compatibility is preserved after identity contract adoption.
diff --git a/src/Thalos.Bff.Application/Adapters/IIdentityEdgeContractAdapter.cs b/src/Thalos.Bff.Application/Adapters/IIdentityEdgeContractAdapter.cs
index 924a7f9..616e017 100644
--- a/src/Thalos.Bff.Application/Adapters/IIdentityEdgeContractAdapter.cs
+++ b/src/Thalos.Bff.Application/Adapters/IIdentityEdgeContractAdapter.cs
@@ -1,6 +1,6 @@
-using Thalos.Bff.Application.Contracts;
using Thalos.Bff.Contracts.Api;
-using Thalos.Service.Identity.Abstractions.Contracts;
+using BuildingBlock.Identity.Contracts.Requests;
+using BuildingBlock.Identity.Contracts.Responses;
namespace Thalos.Bff.Application.Adapters;
diff --git a/src/Thalos.Bff.Application/Adapters/IThalosServiceClient.cs b/src/Thalos.Bff.Application/Adapters/IThalosServiceClient.cs
index 83e30d5..2e33aa6 100644
--- a/src/Thalos.Bff.Application/Adapters/IThalosServiceClient.cs
+++ b/src/Thalos.Bff.Application/Adapters/IThalosServiceClient.cs
@@ -1,5 +1,5 @@
-using Thalos.Bff.Application.Contracts;
-using Thalos.Service.Identity.Abstractions.Contracts;
+using BuildingBlock.Identity.Contracts.Requests;
+using BuildingBlock.Identity.Contracts.Responses;
namespace Thalos.Bff.Application.Adapters;
diff --git a/src/Thalos.Bff.Application/Adapters/IdentityEdgeContractAdapter.cs b/src/Thalos.Bff.Application/Adapters/IdentityEdgeContractAdapter.cs
index 508c98e..3f38a68 100644
--- a/src/Thalos.Bff.Application/Adapters/IdentityEdgeContractAdapter.cs
+++ b/src/Thalos.Bff.Application/Adapters/IdentityEdgeContractAdapter.cs
@@ -1,6 +1,6 @@
-using Thalos.Bff.Application.Contracts;
using Thalos.Bff.Contracts.Api;
-using Thalos.Service.Identity.Abstractions.Contracts;
+using BuildingBlock.Identity.Contracts.Requests;
+using BuildingBlock.Identity.Contracts.Responses;
namespace Thalos.Bff.Application.Adapters;
diff --git a/src/Thalos.Bff.Application/Contracts/RefreshIdentitySessionRequest.cs b/src/Thalos.Bff.Application/Contracts/RefreshIdentitySessionRequest.cs
deleted file mode 100644
index f4bd093..0000000
--- a/src/Thalos.Bff.Application/Contracts/RefreshIdentitySessionRequest.cs
+++ /dev/null
@@ -1,8 +0,0 @@
-namespace Thalos.Bff.Application.Contracts;
-
-///
-/// Transport-neutral internal request contract for refresh session flow.
-///
-/// Refresh token value.
-/// Request correlation identifier.
-public sealed record RefreshIdentitySessionRequest(string RefreshToken, string CorrelationId);
diff --git a/src/Thalos.Bff.Application/Contracts/RefreshIdentitySessionResponse.cs b/src/Thalos.Bff.Application/Contracts/RefreshIdentitySessionResponse.cs
deleted file mode 100644
index 5a5267c..0000000
--- a/src/Thalos.Bff.Application/Contracts/RefreshIdentitySessionResponse.cs
+++ /dev/null
@@ -1,8 +0,0 @@
-namespace Thalos.Bff.Application.Contracts;
-
-///
-/// Transport-neutral internal response contract for refresh session flow.
-///
-/// Refreshed token value.
-/// Token expiration in seconds.
-public sealed record RefreshIdentitySessionResponse(string Token, int ExpiresInSeconds);
diff --git a/src/Thalos.Bff.Application/Security/IPermissionGuard.cs b/src/Thalos.Bff.Application/Security/IPermissionGuard.cs
index 15ce8e9..2cec0fb 100644
--- a/src/Thalos.Bff.Application/Security/IPermissionGuard.cs
+++ b/src/Thalos.Bff.Application/Security/IPermissionGuard.cs
@@ -1,4 +1,4 @@
-using Thalos.Service.Identity.Abstractions.Contracts;
+using BuildingBlock.Identity.Contracts.Responses;
namespace Thalos.Bff.Application.Security;
diff --git a/src/Thalos.Bff.Application/Security/IdentityPermissionGuard.cs b/src/Thalos.Bff.Application/Security/IdentityPermissionGuard.cs
index 964e64c..e05ec49 100644
--- a/src/Thalos.Bff.Application/Security/IdentityPermissionGuard.cs
+++ b/src/Thalos.Bff.Application/Security/IdentityPermissionGuard.cs
@@ -1,4 +1,4 @@
-using Thalos.Service.Identity.Abstractions.Contracts;
+using BuildingBlock.Identity.Contracts.Responses;
namespace Thalos.Bff.Application.Security;
diff --git a/src/Thalos.Bff.Application/Thalos.Bff.Application.csproj b/src/Thalos.Bff.Application/Thalos.Bff.Application.csproj
index 206b1cc..76aa9d2 100644
--- a/src/Thalos.Bff.Application/Thalos.Bff.Application.csproj
+++ b/src/Thalos.Bff.Application/Thalos.Bff.Application.csproj
@@ -7,6 +7,6 @@
-
+
diff --git a/src/Thalos.Bff.Contracts/Conventions/ThalosBffPackageContract.cs b/src/Thalos.Bff.Contracts/Conventions/ThalosBffPackageContract.cs
index 0cc1e4c..213b7aa 100644
--- a/src/Thalos.Bff.Contracts/Conventions/ThalosBffPackageContract.cs
+++ b/src/Thalos.Bff.Contracts/Conventions/ThalosBffPackageContract.cs
@@ -11,5 +11,5 @@ public sealed class ThalosBffPackageContract : IBlueprintPackageContract
public BlueprintPackageDescriptor Descriptor { get; } = new(
"Thalos.Bff.Contracts",
PackageVersionPolicy.Minor,
- ["Core.Blueprint.Common", "Thalos.Service.Identity.Abstractions"]);
+ ["Core.Blueprint.Common", "BuildingBlock.Identity.Contracts"]);
}
diff --git a/src/Thalos.Bff.Rest/Adapters/ThalosServiceGrpcClientAdapter.cs b/src/Thalos.Bff.Rest/Adapters/ThalosServiceGrpcClientAdapter.cs
index 462f524..1a597db 100644
--- a/src/Thalos.Bff.Rest/Adapters/ThalosServiceGrpcClientAdapter.cs
+++ b/src/Thalos.Bff.Rest/Adapters/ThalosServiceGrpcClientAdapter.cs
@@ -1,9 +1,9 @@
using Grpc.Core;
using Microsoft.Extensions.Primitives;
using Thalos.Bff.Application.Adapters;
-using Thalos.Bff.Application.Contracts;
using Thalos.Service.Grpc;
-using Thalos.Service.Identity.Abstractions.Contracts;
+using BuildingBlock.Identity.Contracts.Requests;
+using BuildingBlock.Identity.Contracts.Responses;
namespace Thalos.Bff.Rest.Adapters;
diff --git a/tests/Thalos.Bff.Application.UnitTests/ContractShapeTests.cs b/tests/Thalos.Bff.Application.UnitTests/ContractShapeTests.cs
index 1df0d38..8f3e5b4 100644
--- a/tests/Thalos.Bff.Application.UnitTests/ContractShapeTests.cs
+++ b/tests/Thalos.Bff.Application.UnitTests/ContractShapeTests.cs
@@ -24,6 +24,6 @@ public class ContractShapeTests
Assert.Equal("Thalos.Bff.Contracts", contract.Descriptor.PackageId);
Assert.Equal(PackageVersionPolicy.Minor, contract.Descriptor.VersionPolicy);
Assert.Contains("Core.Blueprint.Common", contract.Descriptor.DependencyPackageIds);
- Assert.Contains("Thalos.Service.Identity.Abstractions", contract.Descriptor.DependencyPackageIds);
+ Assert.Contains("BuildingBlock.Identity.Contracts", contract.Descriptor.DependencyPackageIds);
}
}
diff --git a/tests/Thalos.Bff.Application.UnitTests/IssueTokenHandlerTests.cs b/tests/Thalos.Bff.Application.UnitTests/IssueTokenHandlerTests.cs
index ffbcf0f..c14f71f 100644
--- a/tests/Thalos.Bff.Application.UnitTests/IssueTokenHandlerTests.cs
+++ b/tests/Thalos.Bff.Application.UnitTests/IssueTokenHandlerTests.cs
@@ -1,9 +1,9 @@
-using Thalos.Bff.Application.Contracts;
using Thalos.Bff.Application.Adapters;
using Thalos.Bff.Application.Handlers;
using Thalos.Bff.Application.Security;
using Thalos.Bff.Contracts.Api;
-using Thalos.Service.Identity.Abstractions.Contracts;
+using BuildingBlock.Identity.Contracts.Requests;
+using BuildingBlock.Identity.Contracts.Responses;
namespace Thalos.Bff.Application.UnitTests;
diff --git a/tests/Thalos.Bff.Application.UnitTests/RefreshSessionHandlerTests.cs b/tests/Thalos.Bff.Application.UnitTests/RefreshSessionHandlerTests.cs
index aa494ac..b805764 100644
--- a/tests/Thalos.Bff.Application.UnitTests/RefreshSessionHandlerTests.cs
+++ b/tests/Thalos.Bff.Application.UnitTests/RefreshSessionHandlerTests.cs
@@ -1,8 +1,8 @@
using Thalos.Bff.Application.Adapters;
-using Thalos.Bff.Application.Contracts;
using Thalos.Bff.Application.Handlers;
using Thalos.Bff.Contracts.Api;
-using Thalos.Service.Identity.Abstractions.Contracts;
+using BuildingBlock.Identity.Contracts.Requests;
+using BuildingBlock.Identity.Contracts.Responses;
namespace Thalos.Bff.Application.UnitTests;