Launch clearance
Current B2B launch clearance.
A live register for what Thesmios can sell now, what is conditional, and what remains blocked. It reads the running deployment readiness checks and turns them into launch motions buyers and operators can understand.
degraded
advisory readiness
not_ready
strict readiness
7
live blockers
6
customer evidence gates
Decision
Keep managed beta separate from paid self-serve and broad enterprise claims.
Managed private beta: conditional. Invoice-led paid beta: conditional. Self-serve paid launch: blocked. Enterprise expansion: blocked.
THESMIOS_SMOKE_URL=https://www.thesmios.com npm run check:readiness -- --strict
Managed private beta
Conditionally launchable for a named design partner with signed scope, operator fixture evidence, manual support fallback, and launch acceptance.
Allowed only when public checks pass, customer scope is signed, private-beta blockers are either proven or explicitly scoped into the order form, and the tenant launch room/dossier are attached.
Invoice-led paid beta
Conditionally launchable only after customer acceptance, billing profile, invoice/order-form evidence, and authenticated fixture proof are attached.
Paid beta can use invoice/order-form billing while Stripe self-serve remains blocked, but private-beta fixture and customer acceptance evidence must be attached.
Self-serve paid launch
Blocked. Strict readiness must be ready and Stripe fixture proof must pass before self-serve checkout is enabled.
Requires strict readiness, Stripe production products/prices/webhook proof, authenticated fixtures, and customer-facing support notification proof.
Broad enterprise expansion
Blocked. Enterprise SSO, SAML, HRIS, official issuer credentials, and SCIM fixture evidence remain customer/vendor-specific.
Requires strict readiness plus customer-specific SSO/SAML/SCIM, HRIS, official issuer, procurement, DPIA, retention, restore, and security evidence.
Live blockers
| Blocker | Scope | Dependency | Proof path | If missing |
|---|---|---|---|---|
| Authenticated smoke fixture recordsSeed authenticated smoke users and fixture records before relying on production RLS/API evidence. | private beta | data_sets, data_set_records | Authenticated access and RLS proofTHESMIOS_SMOKE_URL=https://www.thesmios.com npm run check:auth-api | Do not claim production tenant isolation or verifier access control has been proven. |
| Support emailRequired for customer-request acknowledgements and status subscription confirmation mail. | private beta | RESEND_API_KEY | Support and status notification proofTHESMIOS_SMOKE_URL=https://www.thesmios.com STATUS_BROADCAST_SECRET=<secret> THESMIOS_NOTIFICATION_TEST_EMAIL=<test-email> npm run check:notification-fixture && CONFIRM_SUPPORT_NOTIFICATION_FIXTURE=thesmios-support-notification-fixture THESMIOS_SMOKE_URL=https://www.thesmios.com THESMIOS_NOTIFICATION_TEST_EMAIL=<test-email> npm run check:support-notification-fixture | Keep support/status email as dry-run or retained-attempt evidence and use manual customer communication for launch. |
| Stripe self-serve billingRequired for public self-serve checkout; invoice-only private beta can run without it. | paid launch | STRIPE_SECRET_KEY, STRIPE_WEBHOOK_SECRET, STRIPE_PRICE_REPORT, STRIPE_PRICE_MONITORING | Stripe self-serve billing proofTHESMIOS_SMOKE_URL=https://www.thesmios.com STRIPE_WEBHOOK_SECRET=<secret> npm run check:stripe-fixture | Do not enable self-serve checkout; keep paid beta invoice-only or order-form contracted. |
| Enterprise OIDC broker configRequired before enterprise OIDC can move from managed setup to live brokered SSO. | enterprise | ENTERPRISE_OIDC_ISSUER, ENTERPRISE_OIDC_CLIENT_ID, ENTERPRISE_OIDC_CLIENT_SECRET | SCIM and enterprise SSO proofTHESMIOS_SMOKE_URL=https://www.thesmios.com THESMIOS_SCIM_TOKEN=<tenant-token> npm run check:scim-fixture | Sell enterprise SSO/SCIM as managed setup only, not self-serve enterprise provisioning. |
| Enterprise SAML IdP configRequired before enterprise SAML can move from managed setup to live brokered SSO. | enterprise | SAML_IDP_ENTITY_ID, SAML_IDP_SSO_URL, SAML_IDP_CERTIFICATE | SCIM and enterprise SSO proofTHESMIOS_SMOKE_URL=https://www.thesmios.com THESMIOS_SCIM_TOKEN=<tenant-token> npm run check:scim-fixture | Sell enterprise SSO/SCIM as managed setup only, not self-serve enterprise provisioning. |
| HRIS connector credentialsRequired before Workday and BambooHR connectors can be sold as customer-live. | enterprise | WORKDAY_REST_BASE_URL, WORKDAY_ACCESS_TOKEN, BAMBOOHR_COMPANY_DOMAIN, BAMBOOHR_API_KEY | SCIM and enterprise SSO proofTHESMIOS_SMOKE_URL=https://www.thesmios.com THESMIOS_SCIM_TOKEN=<tenant-token> npm run check:scim-fixture | Sell enterprise SSO/SCIM as managed setup only, not self-serve enterprise provisioning. |
| Official issuer connector credentialsRequired before official issuer integrations can be sold as live rather than credential-required or manual. | enterprise | COMPANIES_HOUSE_API_KEY, HOME_OFFICE_RTW_API_KEY, DBS_UPDATE_SERVICE_API_KEY, EVERIFY_INTEGRATION_APPROVED | SCIM and enterprise SSO proofTHESMIOS_SMOKE_URL=https://www.thesmios.com THESMIOS_SCIM_TOKEN=<tenant-token> npm run check:scim-fixture | Sell enterprise SSO/SCIM as managed setup only, not self-serve enterprise provisioning. |
Customer evidence
Conditional launch still needs signed customer evidence.
The register can show that the platform is deployable, but it cannot replace the buyer's order form, launch acceptance, support route, billing terms, and scoped exclusions.
Customer order-form scope
Owner: Buyer and Thesmios commercial owner
Signed order form or written approval reference; Approved worker cohort and compliance modules; Customer launch room sections
Keep the tenant in setup; do not treat private beta or paid beta as accepted.
Invoice or order-form billing route
Owner: Buyer finance owner and Thesmios operator
Tenant billing profile saved as invoice-only or Stripe-ready; Purchase-order terms or invoice contact; Customer acceptance for manual billing fallback
Run a no-charge private beta only; do not call the tenant a paid beta.
Authenticated tenant access proof
Owner: Thesmios operator
CONFIRM_LAUNCH_OPERATOR_SEED=thesmios-launch-seed run output; Owner, granted-employer, and denied-employer smoke results; Authenticated tenant launch-room snapshot
Private demo can continue, but a customer tenant cannot be accepted as live.
Credential and evidence sample proof
Owner: Thesmios operator
check:issuer-fixture output when issuer keys and auth fixtures are configured; check:evidence-fixture output when job runner secret is configured; check:audit-export-fixture output when private storage is configured; check:privacy-fixture output for data-rights proof
Do not claim production credential signing, evidence controls, audit export, or privacy fulfilment as buyer-accepted.
Support and incident fallback
Owner: Thesmios support owner
Named customer support owner; Manual incident communication channel; Status subscriber and broadcast dry-run evidence; Support request notification lifecycle fixture output; Controlled send proof when RESEND_API_KEY and sender reputation are configured
Keep support communication manual and exclude automated email delivery from the launch claim.
Customer acceptance record
Owner: Buyer sponsor and Thesmios operator
PATCH /api/platform/launch-acceptance output; Signer name, role, and approval reference; Scoped exclusions and residual risks
Do not mark the tenant as live, even when the public site and product evidence packs pass.
Evidence packs
Attach the clearance register with the launch room and proof packs.
The clearance register is a control-plane view. Buyer acceptance still needs the customer launch room, authenticated tenant dossier, production proof, procurement evidence, and operator proof bundle.
Boundaries