the caller's verified principal id, or null/undefined for anonymous.
Optionalisfast-path admin check (verified). If omitted, the literal "admin" scope is used.
Optionalscopesthe caller's granted scopes (e.g. ["admin"], ["org:1:read"]). Default: none.
Read identity from a request — the app supplies these (it owns its principal/scope model).