feat(orgchart): Introduce standalone orgchart RP and shared link public API

This commit includes:
- Added SharedLink data model and Keto-bypassed public API for orgchart view
- Configured 'orgfront' as a new OAuth2 client in hydra
- Applied MH Dashboard premium beige theme to OrgChart
- Implemented user lookup fallback to company code

compose.ory.yaml

@@ -206,6 +206,7 @@ services:
             - |
               hydra delete oauth2-client --endpoint http://hydra:4445 adminfront >/dev/null 2>&1 || true
               hydra delete oauth2-client --endpoint http://hydra:4445 devfront >/dev/null 2>&1 || true
+              hydra delete oauth2-client --endpoint http://hydra:4445 orgfront >/dev/null 2>&1 || true
               hydra delete oauth2-client --endpoint http://hydra:4445 ${OATHKEEPER_INTROSPECT_CLIENT_ID:-oathkeeper-introspect} >/dev/null 2>&1 || true
 
               hydra create oauth2-client \
@@ -228,6 +229,16 @@ services:
               --token-endpoint-auth-method none \
               --redirect-uri ${DEVFRONT_CALLBACK_URLS:-http://localhost:5174/auth/callback}
 
+              hydra create oauth2-client \
+                --endpoint http://hydra:4445 \
+                --id orgfront \
+                --name "OrgFront" \
+              --grant-type authorization_code,refresh_token \
+              --response-type code \
+              --scope openid,offline_access,profile,email \
+              --token-endpoint-auth-method none \
+              --redirect-uri ${ORGFRONT_CALLBACK_URLS:-http://localhost:5175/auth/callback}
+
               hydra create oauth2-client \
                 --endpoint http://hydra:4445 \
                 --id ${OATHKEEPER_INTROSPECT_CLIENT_ID:-oathkeeper-introspect} \