For the people who run Curiosity Workspace

Pick a delivery platform and bring up your first workspace. Local Docker, full Kubernetes, Windows installer, and per-cloud reference architectures.

TLS, secrets, JWT keys, ReBAC, token discipline. The baseline that has to be in place before real users sign in.

Microsoft Entra ID, Google, Okta, Auth0, SAML. With group → team mapping for ReBAC.

The full pre-flight checklist: image hygiene, storage, networking, identity, observability, disaster recovery.

What to watch, what to alert on, where the metrics live, how to wire it to your existing observability stack.

Snapshot, ship off-host, restore into a sandbox, and validate. With a quarterly drill template.

Versioned image tags, schema migrations, environment promotion.

Symptom-first guide. Each section walks from "what you're seeing" to the most likely cause and how to confirm.

Every runtime environment variable, with recommended values per environment tier.

The three token types and least-privilege recipes for connectors, exports, and third-party integrations.

HTTP status codes, the error envelope, retry policies.

Built-in routes (auth, SSO, custom endpoint invocation, admin metrics).