Best Practices

Use DartStream as an operations layer, not as a place to hide unfinished backend behavior.

Start with Clear Boundaries

  • Create separate environments for development, staging, and production.

  • Keep tenant and project naming clear.

  • Decide which capabilities belong to DartStream, IntelliToggle, DartCodeAI, and DartCloudFunctions.

  • Avoid one-off behavior that cannot be reused across Aortem products.

Treat Billing as Runtime State

Billing affects entitlements. Always verify:

  • app UI plan label

  • billing service subscription response

  • Stripe customer and subscription state

  • webhook reconciliation

  • logout/login refresh behavior

Use Runtime Controls Carefully

  • Keep production changes reversible.

  • Use defaults in app code.

  • Audit who changed controls.

  • Remove stale controls after rollout.

  • Do not use flags as the only security boundary.

Provider Integrations

Before calling a provider workflow complete, verify:

  • credential capture or secret reference

  • backend validation

  • tenant and environment scoping

  • entitlement enforcement

  • UI state

  • logs and audit evidence

Launch Readiness

Do not call a workflow ready for real users until it passes in both dev and production, including browser QA where applicable.