Demo Access Flow

Placeholder for the future guided demo request flow. The structure is ready for identity checks, key issuance, and session-scoped demo permissions.