Skip to main content
This checklist is the minimum operational path for a private-beta Wazoo Platform API launch. It assumes the Platform API is the public management plane and that Worlds data-plane operations remain separate. Canonical beta surfaces:

Launch surface

Private beta includes:
  • Organization and World management through the Platform API.
  • One Turso/libSQL database provisioned per hosted World.
  • Platform tokens with the wzp_ prefix.
  • World auth tokens with the wzw_ prefix for data-plane access.
  • Turnstile-protected private beta applications through Wazoo Console.
  • Usage, limits, and Stripe-shaped billing visibility.
  • Soft-delete, undelete, and sync for World lifecycle recovery.
Private beta does not yet include:
  • Live Stripe payment enforcement.
  • Public audit log APIs.
  • Groups, projects, or folders.
  • Full data-plane quota enforcement.
  • R2 backup/restore flows.
  • A schema-level OpenAPI document for the Platform API.

Bootstrap

  1. Create the Turso/libSQL control database.
  2. Apply wazoo-api/schema.sql to the control database.
  3. Configure the Worker environment:
  1. Manually seed one global admin platform token.
  2. Deploy wazoo-console with NEXT_PUBLIC_WAZOO_API_BASE_URL, NEXT_PUBLIC_TURNSTILE_SITE_KEY, and server-only WAZOO_PLATFORM_ADMIN_TOKEN.
Admin token invariants:
Public token creation endpoints must never mint admin tokens.

Smoke Test

Run the management-plane smoke test from wazoo-api:
The smoke test verifies:
  • Health endpoint.
  • Organization create/get.
  • World create and Turso provisioning.
  • World sync.
  • World token create, atomic rotate, and revoke.
  • Usage, limits, and billing reads.
  • World soft-delete, undelete, and final soft-delete.
Use a dedicated smoke organization by setting:

Manual Verification

Before inviting beta users, verify one fresh org/world by hand:
  1. Create an organization.
  2. Create a World.
  3. Confirm the control DB stores the deterministic Turso database name.
  4. Confirm the Turso database exists.
  5. Run :sync and inspect the syncReport.
  6. Create a world token.
  7. Rotate the world token and confirm one replacement token remains.
  8. Revoke the replacement token.
  9. Soft-delete and undelete the World.
  10. Inspect usage rows and admin audit rows.

Launch Gates

All of these must pass before beta access expands:

Support Playbook

Common operator actions:
  • Approve beta access: approve the beta application; this creates an Organization only. Create a World after the user is accepted.
  • Reject beta access: reject the beta application with an internal note.
  • Recover failed provisioning: run World :sync, then inspect syncReport.
  • Suspend an organization: patch Organization.state = SUSPENDED with a global admin token.
  • Unsuspend an organization: patch Organization.state = ACTIVE with a global admin token.
  • Reduce access: revoke world tokens or platform tokens.
  • Investigate support action history: inspect internal admin_audit_events.
Do not use data-plane routes to bypass quota or suspension during private beta. Admin bypass is for management/support operations only.