Core concepts
Workspaces, projects, checks, watchdogs, and gates — the five nouns the whole product is built on.
Getting started
Core concepts
PreFlight uses a small, consistent vocabulary. Learn these five nouns and every dashboard tab, API route, and doc page will read naturally.
Everything in the product — checks, Sentinel, deploy gates, Trust Center exports, and MCP tools — hangs off a workspace and the projects inside it.
Workspace
A workspace is your team's container. It owns billing, seats, members, invites, alert channels, and account API keys. Permissions flow through workspace membership; API keys inherit the owner's project access.
- One workspace per company or product org is typical
- Workspace owners create API keys and manage billing
- Members can run checks and manage projects they are assigned to
Project
A project represents one app you are launching or operating. Each project stores:
| Field | Purpose |
|---|---|
| Production or staging URL | The only origin scanned for DNS, SSL, SEO, legal pages, and frontend secret leaks |
| Connected providers | Encrypted credential bundles per integration |
| Check history | Every probe result with response time and fix suggestions |
| Watchdog state | Monitoring sessions, Sentinel cadence, Vercel Watch, Revenue Watch |
| Trust & exports | Public trust tokens and downloadable reports |
One app, one project
Keep staging and production in separate projects when their URLs and credentials differ. Mixing environments in one project makes deploy gates and Trust Center evidence harder to explain.
Check
A check is a single evaluation of a project. PreFlight runs three probe families in one action:
| Family | Examples |
|---|---|
| App URL | DNS, TLS, SEO tags, legal pages, performance budget, secret scanner |
| Provider | Stripe signing, Supabase admin, Resend sender, Vercel deployment state |
| Consistency | Cross-provider sanity such as environment parity between services |
| Status | Meaning | Release impact |
|---|---|---|
| Success | The probe observed the expected behavior. | Safe to ship when paired with fresh checks. |
| Warning | Partial success or a retry-worthy edge case. | Review before launch; may block strict deploy gates. |
| Failed | A hard blocker until remediated. | Blocks deploy gates and should open a runbook. |
| Skipped / Missing | No credentials, URL, or first run yet. | Connect the provider or save the project URL first. |
Checks are stored as runs. Each run contains many probe rows keyed by integrationType and probeKey — the same identifiers runbooks, incidents, and the API surface use.
Watchdog
Watchdogs sample over time instead of running once:
| Watchdog | When to use |
|---|---|
| 24-hour Monitoring | Dense sampling during launch week when rollback is still cheap |
| 24/7 Sentinel | Always-on health sampling with cadence, pause, and failure thresholds |
| Vercel Watch | Production deployment status, domain drift, env parity |
| Revenue Watch | Stripe Checkout sessions reconciled against Supabase side effects |
| Data Integrity Guard | Metadata-only Supabase baseline and read-only integrity signals; it does not prove backup restorability |
Read Monitoring and Sentinel for how launch-window monitoring hands off to Sentinel.
Gate
A Deploy Gate is a release control. CI, GitHub Actions, or Vercel asks PreFlight whether a project is safe to ship. The gate returns allowed: true | false with human-readable blocking reasons.
Gates can require fresh checks, healthy Sentinel, clean Revenue Watch, schema sync, and provider pass rates. See Deploy Gates for strict vs relaxed policies.
How they connect
- Create a workspace and project for the app you are shipping.
- Connect providers and run a check to establish a baseline.
- Start Monitoring for the launch window, then enable Sentinel for ongoing coverage.
- Add a Deploy Gate so future releases cannot ship while the project is unhealthy.
- Publish a Trust Center report when external stakeholders need evidence.
- Optionally connect the MCP server so agents can re-run checks from your IDE.
Product surface map
| Dashboard area | Concept |
|---|---|
| Overview, Checks, Readiness | Check + baseline |
| Monitoring, Sentinel, Incidents | Watchdog + response |
| Vercel Watch, Revenue Watch | Specialized watchdogs |
| Deploy Gates, API Security | Gate + automation boundaries |
| Runbooks, Flight Recorder, Activity | Evidence + remediation |
| Trust Center, Exports | External proof |
