> ## Documentation Index
> Fetch the complete documentation index at: https://docs.curvelabs.org/llms.txt
> Use this file to discover all available pages before exploring further.

# Production checklist

> Controls required before launching cookbook examples.

Both cookbook READMEs state that these examples are starting points, not production-ready defaults.

<Warning>
  Do not expose cookbook routes publicly until you have added product-specific auth, abuse controls, monitoring, and
  data-handling policies.
</Warning>

## Required before launch

* Authenticate and authorize every API route with user and tenant checks.
* Apply edge and app rate limiting, throttling, and abuse controls.
* Review CORS and CSRF policies.
* Enforce strict request limits.
* Set up structured logs, error reporting, and alerting for provider failures.
* Store and rotate API keys in managed secret stores.
* Enforce retention, deletion, and sensitive-data sanitization policies.
* Define reliability and cost safeguards, including budgets, retries, and circuit breakers.
