PLAYBOOKApplications & Infrastructure2 min read
Why Auth and Workflow Are More Important Than Your Code
For anyone deciding where to spend their next month of engineering.
Who this is for: founders and engineering leaders deciding where the next month of effort should go.
Here's the uncomfortable truth in the agentic era: the code you write is the cheapest part of your system. An agent can regenerate it in an afternoon. What stays expensive — and career-ending when it's wrong — is two things: who can do what (auth) and what must happen, in order, exactly once, on the record (workflow). Spend your month there, and the app becomes disposable glue. That's the goal.
The recipe
- Find the auth. Every role check scattered through your handlers belongs
in
ory(principals + roles) and Postgres Row-Level Security (the database says no). - Find the workflow. Every multi-step process held together by a status
column and hope belongs in
temporal— durable, exactly-once, resumable, audited. - Declare them.
kilter init, then addory,temporal, andpostgrestokilter.yaml. - Move access into the data layer. Roles become Ory principals; access decisions become RLS policies enforced on every query, not in seventeen endpoints that are correct in sixteen of them.
- Move process into the workflow engine. Each lifecycle becomes a Temporal workflow that can't be sidestepped.
- Ship.
kilter deploy— live in production, Org Only. Your code is now thin glue over load-bearing infrastructure; hit Promote to expose it when you're ready.
~/app — zsh
$ kilter init app
$ kilter deploy # auth + workflow now live in infra
When auth and workflow live in infrastructure you can point an auditor at, the code on top becomes cheap to rewrite — which is exactly what you want when agents are doing the writing.