
Source: ocean/docs/adr/0023-provisioning-guards-and-audit-trail.md

ADR-0023: Provisioning Guards, Region Mapping, and Audit Trail

Date: 2025-08-13

Status: Accepted

Context

Provisioning needed anti-abuse and operability improvements: a recent-user guard, rate limiting, unified region mapping, and auditable events.

Decision

  • Add a recency check: for pre-OTP provisioning, the user derived from the email must have been created within the last 10 minutes.
  • Add Upstash-based throttling (5/min), keyed by email, in the GraphQL context.
  • Centralize region mapping to AWS-style keys in graphql-v2/services/provisioning.ts (mapDataRegionToNeon).
  • Emit provisioning_events for start/completed/failed, plus Stripe/Neon step logs.
  • Remove the legacy provisioning function to avoid duplication.
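
How the recency check, the per-email throttle and the audit events can fit together, as an example added here and not taken from the ocean code base. The in-memory limiter stands in for the Upstash-backed one, and `guardProvisioning`, `FixedWindowLimiter`, `throttleKey` and the event fields are assumed names.

```typescript
// Added illustration: names and event shape are assumptions, not the project's code.
type Reason = "ok" | "user_not_recent" | "rate_limited";
type AuditEvent = { type: "start" | "failed"; email: string; reason: Reason; at: number };

const RECENCY_WINDOW_MS = 10 * 60 * 1000; // ADR: user created within 10 minutes
const MAX_PER_MINUTE = 5;                 // ADR: 5/min keyed by email
const WINDOW_MS = 60 * 1000;

// In-memory fixed-window counter standing in for the Upstash-backed limiter.
class FixedWindowLimiter {
  private hits = new Map<string, { windowStart: number; count: number }>();
  take(key: string, now: number): boolean {
    const windowStart = Math.floor(now / WINDOW_MS) * WINDOW_MS;
    const entry = this.hits.get(key);
    if (!entry || entry.windowStart !== windowStart) {
      this.hits.set(key, { windowStart, count: 1 });
      return true;
    }
    entry.count += 1;
    return entry.count <= MAX_PER_MINUTE;
  }
}

// Normalise so "A@Example.com " and "a@example.com" share one throttle bucket.
function throttleKey(email: string): string {
  return email.trim().toLowerCase();
}

function guardProvisioning(
  email: string, userCreatedAt: number, now: number,
  limiter: FixedWindowLimiter, audit: AuditEvent[],
): { allowed: boolean; reason: Reason } {
  const key = throttleKey(email);
  let reason: Reason = "ok";
  // Throttle first so that rejected attempts also consume the per-email budget.
  if (!limiter.take(key, now)) {
    reason = "rate_limited";
  } else {
    const ageMs = now - userCreatedAt;
    // A negative age means a future timestamp: fail closed.
    if (ageMs < 0 || ageMs > RECENCY_WINDOW_MS) reason = "user_not_recent";
  }
  // Every decision is recorded, including denials, so incidents can be traced.
  audit.push({ type: reason === "ok" ? "start" : "failed", email: key, reason, at: now });
  return { allowed: reason === "ok", reason };
}
```

The completed event and the Stripe/Neon step logs would be emitted later in the flow and are outside this guard.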

Consequences

  • Lower abuse surface and clearer incident trails.
  • Region mapping is consistent across functions.