Auth boundary
Clerk handles sessions and organizations. M-Roc keeps product permissions, tenant membership mirrors and audit logs.
MVP scaffold
M-Roc starts with tenant-safe access control.
The application shell is ready for Clerk-based authentication while product authorization stays inside PostgreSQL. Email delivery stays behind a provider adapter so Mailgun can move first while SES remains a future economic candidate.
Tenant isolation
Every customer-owned resource must carry tenant context and every protected handler must verify it before data access.
Deliverability
Sending stays blocked until domain authentication, unsubscribe, suppression and bounce/complaint controls are implemented.
Compliance pages
Public privacy, anti-spam, pilot terms and contact pages are prepared for provider review before any live sending key is added.