Users should not have to create a different account for every product in the same company family. That introduces friction immediately and creates avoidable reconciliation work later.
For OinkSky, the cleanest option is one shared auth truth across products, with product-specific membership and workspace logic layered on top.
A diagram of shared identity infrastructure kept separate from product-domain data.
Identity tables, membership, credit ledger, and product definitions belong in a shared layer. Product domain data should remain separate so each product can evolve without polluting the other.
In practice, that means keeping account and billing logic central while leaving decks, slides, runs, documents, or presentation state inside the product domain.
Different domains can share account data in the backend, but they cannot magically share one browser cookie session across unrelated top-level domains.
That is acceptable. The important thing is unified identity, not pretending the browser's cookie model works differently than it does.