Developers
Production requirements for S2P workspaces.
Review the systems, credentials, and operational settings needed to run GitHub-to-social publishing with clear ownership.
At a glance
Secrets never belong in the client bundle.
Public browser settings must be safe to expose. Private keys, OAuth secrets, token encryption keys, and internal service credentials stay server-side.
Rule
Secrets never belong in the client bundle.
Public browser settings must be safe to expose. Private keys, OAuth secrets, token encryption keys, and internal service credentials stay server-side.
Runtime groups
Production categories.
Auth
Authentication provider keys, issuer domains, session handling, and backend verification settings.
Convex and Trigger.dev
Backend URLs, deployment credentials, background job credentials, project refs, and internal service authentication.
GitHub App
App id, private key PEM, webhook secret, app slug, and optional dedicated install-state signing secret.
AI and social providers
AI provider keys, model defaults, OAuth app credentials, redirect URIs, and encrypted publishing tokens.
Application, billing, monitoring
Public app URLs, billing credentials, monitoring settings, and support channels for production operation.
Readiness
What a production workspace should confirm.
- Authentication and workspace ownership are configured.
- GitHub App credentials and webhook secrets are controlled.
- AI, social, and billing provider credentials are stored server-side.
- Monitoring, audit review, and support escalation paths are known before launch.