Identity and policy
Production auth adapters, tenant isolation, RBAC mapping, waiting rooms, token revocation, admin origin controls, and permission policy hot reload.
Connectivity
WSS, SFU UDP/TCP requirements, TURN relay ranges, TURNS fallback, dynamic credentials, regional providers, and proxy timeout guidance.
Telemetry and retention
OpenTelemetry, Prometheus, usage events, global monitoring, and pluggable customer-owned persistence. In-memory defaults must be replaced where durability matters.
Current distributed-system boundary
Multi-instance and multi-region abstractions exist, but durable shared registry, production pub/sub adapters, automated capacity routing, and broad failure validation remain foundation work.